Is zip's encryption really bad?

The weakness of the old encryption was due to the weakness of the chosen encryption algorithm.

Nowadays one can use industry grade encryption via 'AES', which is used everywhere (and is under heavy attack but as it seems pretty hard to attack). As the site you cited stated: the weakest spot is in the passphrase and the rules you mentioned especially address that problem.

Theses rules do not apply to the passphrase for the old encryption, since that old encryption was very weak in itself, no matter if you choose a good password or not.

The statement of

the problem is removed provided you follow a few rules when choosing your password.

is not true, since the real solution to encrypt ZIP files securely is to choose a strong encryption algorithm AND a strong password. The strongest password is worth nothing if the encryption algorithm is weak.

Read also http://www.info-zip.org/FAQ.html#crypto and http://www.topbits.com/how-can-i-recover-a-zip-password.html

Is zip's encryption really bad?

Tags:

Security

Encryption

Compression

Zip

Related

Recent Posts