Can the content of a password protected zip file be known?

Yes. Aside from the fact that the filenames are unencrypted, the contents of a password-protected Zip file can be recovered if it uses the old, insecure ZipCrypto cipher which uses the insecure, non-cryptographic CRC algorithm for data confidentiality. A research paper from 1994 showed that an attack against the underlying encryption can be done in several hours regardless of the strength of the password on a contemporary home PC. Nowadays, such an attack can be completed in seconds with free and publicly available tools. You must not rely on default, legacy Zip encryption.

The PKZip format supports three encryption methods. The first is the legacy, highly-insecure ZipCrypto. The second is AES-based encryption stored in the compression field in the metadata, and the third is AES-based encrypting using its own header format. The encryption specification is online. Using AES-based encryption rather than legacy encryption can result in incompatibilities, especially with older programs, but most modern, well-designed Zip programs can handle it.

In order to protect the contents of a Zip file, you should use strong encryption. Various tools such as WinZip and 7zip support an ad hoc AES-based format for Zip files which additionally encrypts the individual filenames and sizes within the compressed archive.


Potentially, yes.

Encrypted zip files protect the data reasonably well (perhaps the equivalent of a cheap lock) but leak meta-data about the files inside the zip. Like a cheap lock, an attacker with a small degree of training could still break the underlying encryption. The far easier scenario is the meta-data, which requires no cracking. That means the filenames, file dates, file lengths, and directory names of all the files inside the zip file are all stored in the clear. This is extremely trivial to find without the password, and can be done using the command line zip utility to list the contents of the zip file.

If the file names inside the zip file have names associated with copyrighted content, the copyright holder is going to assume the zip file contains copy-written content. Matching file sizes of the original files would only provide further evidence.

One way to protect against this is to simply zip up your files, and then zip-encrypt the resulting zip file again. The meta-data at the lower level should now be protected by the outer layer zip file. You'd still be vulnerable to the attacks above to decrypt the data since the encryption is still "cheap lock" equivalent.


Yes. Yes. They can.

https://unix.stackexchange.com/questions/289999/how-to-zip-directory-with-encryption-for-file-names

The main point is in zip encryption, the filenames are not encrypted. WHAT A JOKE.

That means if you name your file "taylor swift's latest song", they could reasonably infer that your zip archive contains tailor swift's song, and file a takedown notice.

I haven't tried this, but maybe you can double zip. 1. zip the files into a file called "files.zip", and 2. zip and encrypt the file "files.zip". Then when you look into the encrypted archive's files, all you see is "files.zip" and that reveals no information about the actual data.

Do not use zip for security. --- INSTEAD try send.firefox.com

Tags:

Zip