Hi, today i wanna talk about the security of 7Zip. If you think 7 Zip is good for you then think about your security. If you wanna encrypt a file with AES you are welcome.
Till today AES is one of the strongest encryption, but be carefull what you do!
7zip generates a SHA256 that has your Password inside.
So far secure if you don’t have arround 120.000€ for a small cluster network. At least a single GPU need 10 years to crack a 7Zip hash that has 8 chars, to cut the time a Cluster and a NAS as collector can split the time to less than 5 years.
Cracking an encryption (the password or key) takes a bunch of time. Why not generate all possible keys and check them? Sure it takes lot´s of space like Petabytes… but once generated it´s faster. Same to the RSA…. generate is faster than tear down to primes.
SHA256 with 5 Chars = 16 Hours on a single GPU.
*Cracking speed of a HASH depens on your local GPU!
Importent is that the SHA256 is based on AES, that means if you use C as password the SHA is always Unique! Make 2 files with the same password…. you will see a different HASH! So if you use the password C often or a name like Mike or Anton it´s easyer to tear down. So the AES function is useless on 7Zip and Winrar. It´s not secure!
Grab a AES encrypter tool… that do not put your password into the archive too!
Using some kind of thoose packers with encryption is like using a known backdoor. Why using a password if it´s inside a file? Make no sense!