
Passwords and encryption

 


The encryption in modern versions of ZIP and RAR, as well as in ARJ and ACE archives, is very strong, and if the password is long and complex enough, the chance of breaking it on a single computer in a reasonable time is slim. Either way, unless one can exploit a security vulnerability, one has to rely on brute-force and dictionary attacks to recover the password.

 

The dictionary attack is the most effective one, as it relies on dictionary words that are commonly chosen as passwords or parts of passwords. Dictionaries of common words as well as specialist, technical and foreign language dictionaries are available, as are lists of thousands of words that are commonly used as passwords, such as "qwerty", "abcdef", etc.

 

If you have completed a dictionary attack, but were unable to recover the password, you will have to rely on the brute-force attack. In this attack, the program tries to guess the password by trying every single combination of characters until the password is found. For example, the program might follow a sequence like this:

 

"aaaaaaaa"

"aaaaaaab"

"aaaaaaac" ...

 

This method is time-consuming, and is only recommended for short and simple passwords.

 

There are also some special notes about the file formats.

 

ZIP

 

There are several different encryption algorithms used in ZIP archives. ARCHPR supports two of them: the legacy PKWARE encryption (used in legacy ZIP tools; see Application Notes - .ZIP File Format Specification) and the AES-based Advanced Encryption Technology (used in WinZip starting from version 9.0 and in many modern ZIP archivers).

 

For archives protected with legacy encryption, ARCHPR recovery speed is about 15 million passwords per second on a Pentium 4 CPU, so the practical limit on password length for brute-force attacks is about 10 characters. In addition, the known-plaintext attack is available. In most cases, this attack does not recover the original password, but it does recover the encryption keys needed to decrypt the archive. This attack usually takes 10-15 minutes regardless of the password length. Note that this attack is not always applicable.

 

Also, due to a weakness in the implementation of the ZIP encryption algorithm in legacy WinZip versions up to 8.0, guaranteed recovery is available for WinZip archives containing 5 or more encrypted files. As with the known-plaintext attack, ARCHPR can find the decryption keys, so the password is not needed. This attack is very fast and takes from several minutes to several hours regardless of the password length.

 

For ZIP files with advanced encryption technology (AES-256 encryption), the known-plaintext attack is not available, while the brute-force attack is fairly slow.
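Because the two ZIP schemes differ so much in strength, it is useful to know which one an archive actually uses before relying on it. The following is an added example, not part of the original help page or of ARCHPR: it reads each entry's central-directory metadata and reports the scheme. The WinZip AES markers (compression method 99, extra-field ID 0x9901) are taken from WinZip's AES format description rather than from this page, and the sample archive is constructed, with only its headers marked as encrypted.

```python
import io
import struct
import zipfile

AES_EXTRA_ID = 0x9901   # WinZip AES extra-field header ID (assumption: WinZip AE-x format)
AES_METHOD = 99         # compression method value that marks a WinZip AES entry
AES_BITS = {1: 128, 2: 192, 3: 256}

def aes_strength(extra):
    """Walk the extra-field records; return the AES key size in bits, or None."""
    pos = 0
    while pos + 4 <= len(extra):
        field_id, size = struct.unpack_from("<HH", extra, pos)
        if field_id == AES_EXTRA_ID and size >= 7 and pos + 11 <= len(extra):
            # Record layout: version(2) vendor "AE"(2) strength(1) real method(2)
            return AES_BITS.get(extra[pos + 8])
        pos += 4 + size
    return None

def classify_entries(zip_bytes):
    """Map each entry name to 'none', 'legacy-pkware', 'aes-<bits>' or 'other'."""
    result = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if not info.flag_bits & 0x1:        # bit 0 clear: entry is not encrypted
                result[info.filename] = "none"
            elif info.compress_type == AES_METHOD:
                bits = aes_strength(info.extra)
                result[info.filename] = f"aes-{bits}" if bits else "aes-unknown"
            elif info.flag_bits & 0x40:         # bit 6: PKWARE strong encryption
                result[info.filename] = "other"
            else:                               # bit 0 only: legacy PKWARE encryption
                result[info.filename] = "legacy-pkware"
    return result

def build_constructed_sample():
    """Constructed input: headers are patched to mimic each case; data is not encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("plain.txt", "legacy.txt", "aes.txt"):
            zf.writestr(name, b"constructed sample data")
        zf.getinfo("legacy.txt").flag_bits |= 0x1
        aes = zf.getinfo("aes.txt")
        aes.flag_bits |= 0x1
        aes.compress_type = AES_METHOD
        aes.extra = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", 3, 8)
    return buf.getvalue()

if __name__ == "__main__":
    for name, kind in classify_entries(build_constructed_sample()).items():
        print(f"{name}: {kind}")
```

Entries reported as `legacy-pkware` are the ones exposed to the fast brute-force and known-plaintext attacks described above; re-creating them with AES-256 and a long password removes that exposure.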

 

ARJ

 

ARJ encryption is simpler than that of ZIP. In addition to brute-force and dictionary attacks, the known-plaintext attack is also supported and allows recovery of the original password. The practical limit for a brute-force attack is 7-8 characters.

 

RAR

 

For RAR 2.0..2.8 archives, the attacks are fairly slow, while RAR 2.9/3.x encryption slows them down even more (see UnRAR sources for details). We recommend dictionary attacks and/or distributed attacks with Elcomsoft Distributed Password Recovery on all but the simplest passwords.

 

ACE

 

For ACE 1.x archives, the recovery speed is several hundred passwords per second. ACE 2.x archives are not supported because the ACE 2.x decompression algorithm is proprietary. There are no plans to support ACE 2.x archives.