### Analysis of the WinZip encryption method

##### Abstract

WinZip is a popular compression utility for Microsoft Windows computers, the latest version of which is advertised as having "easy-to-use AES encryption to protect your sensitive data." We exhibit several attacks against WinZip's new encryption method, dubbed "AE-2" or "Advanced Encryption, version two." We then discuss secure alternatives. Since at a high level the underlying WinZip encryption method appears secure (the core is exactly Encrypt-then-Authenticate using AES-CTR and HMAC-SHA1), and since one of our attacks was made possible because of the way that WinZip Computing, Inc. decided to fix a different security problem with its previous encryption method AE-1, our attacks further underscore the subtlety of designing cryptographically secure software.

Category
Applications
Publication info
Published elsewhere. Unknown where it was published
Keywords
WinZip, Zip, compression, encryption, applied cryptography, attacks, security fixes
Contact author(s)
tkohno @ cs ucsd edu
History
2004-05-09: last of 5 revisions
Short URL
https://ia.cr/2004/078

CC BY

BibTeX

@misc{cryptoeprint:2004/078,