Is 7Zip with AES secure?

Hi, today i wanna talk about the security of 7Zip. If you think 7 Zip is good for you then think about your security. If you wanna encrypt a file with AES you are welcome.

Till today AES is one of the strongest encryption, but be carefull what you do!

ziprart-1

7zip generates a SHA256 that has your Password inside.

Example:

$7z$0$19$0$$16$63078584706589b6606f98bb33af77cf$919

346473$16$6$3e790d4558b8876c2cb9741d5e25cac1

$7z$0$19$0$$16$8f3326e912909e81f7ae67378da68de7$31112

15484$16$11$81be1198d6adc21b6c1860330b5fc6f2

strong2

Titan

So far secure if you don’t have arround 120.000€ for a small cluster network. At least a single GPU need 10 years to crack a 7Zip hash that has 8 chars, to cut the time a Cluster and a NAS as collector can split the time to less than 5 years.

Cracking an encryption (the password or key) takes a bunch of time. Why not generate all possible keys and check them? Sure it takes lot´s of space like Petabytes… but once generated it´s faster. Same to the RSA…. generate is faster than tear down to primes.

SHA256 with 5 Chars = 16 Hours on a single GPU.

*Cracking speed of a HASH depens on your local GPU!

 

Importent is that the SHA256 is based on AES, that means if you use C as password the SHA is always Unique! Make 2 files with the same password…. you will see a different HASH! So if you use the password C often or a name like Mike or Anton it´s easyer to tear down. So the AES function is useless on 7Zip and Winrar. It´s not secure!

Grab a AES encrypter tool… that do not put your password into the archive too!

Using some kind of thoose packers with encryption is like using a known backdoor. Why using a password if it´s inside a file? Make no sense!

 

Dieser Beitrag wurde unter Allgemein abgelegt und mit , , , , , verschlagwortet. Setze ein Lesezeichen auf den Permalink.