Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’m aware that the default encryption provided by the zip command in Linux isn’t considered to be secure, but I’m curious – what algorithm does it use when encrypting with the --encrypt option?
Since the zip command will write out PKZIP files, it would follow they’re implementing the specs for that. Apparently the format allows for several distinct ciphers, the one typically considered “insecure” looks like it’s homegrown.
See here for a detailed discussion of how to break it, including some insights into the original algorithm: http://math.ucr.edu/~mike/zipattacks.pdf