Zip file with passwd security?

We have client server based app which saves user related data into a zip file and sets th开发者_开发问答e passwd to the zip file programatically. Just wondering if it could be considered as secure. Thanks N

The "classic" encryption for Zip files is considered to be weak. It is breakable, quickly, by known methods. See: "A Known Plaintext Attack on the PKZIP Stream Cipher" for the original paper, by Biham and Kocher, from 1994. Yes, 16 years ago.

More recently there have been other exploits described, for example, the paper Yet another Plaintext Attack on ZIP's Encryption Scheme (WinZIP) says that a classic-zip encrypted file with 3 entries, and created by WinZip, can be cracked in 2 hours on a "pentium". This was based on an exploit of a weakness in the random number generator then-current WinZip v9.0 tool. I'm sure it would go much faster now, on current processors, but at the same time, I'm pretty sure WinZip, now at v12.0, has fixed this problem in their random number generator. Nevertheless, even without the specific-to-WinZip-v9 exploit, classic ZIP encryption remains weak.

This weak zip encryption that has been cracked is also known as "ZIP 2.0 encryption" or "PKZIP encryption".

Many modern ZIP toolkits also support AES encryption of ZIP entries. This is considered to be strong encryption, and is quite secure (** See note). WinZip, XCeed, and DotNetZip are three such tools that support reading and writing zip files with this encryption level. Among the three, DotNetZip is the only free option.

You didn't mention the library you use to programmatically produce the zip file. If you use DotNetZip, producing an AES-encrypted ZIP file in C# is as easy as this:

using (var zip = new ZipFile()) 
{
   zip.AddFile("MySensitiveFile.doc");
   zip.Encryption = EncryptionAlgorithm.WinZipAes128; 
   zip.Password = "Very.Secret!"; 
   zip.Save("MyEncryptedArchive.zip");
}

** note: Yoshi has published a paper entitled Attacking and Repairing the WinZip Encryption Scheme, describing exploits of WinZip's AES encryption to argue that WinZip's AES encryption is not secure. However, the exploits he describes rely on social-engineering or previous compromises or both. For example, the primary exploit described in the paper involves an attacker intercepting the encrypted zip file, modifying it, sending the modified copy to its intended recipient, getting the recipient to attempt to decrypt it and then send the result of that encryption back to the attacker, who can then decrypt the original file. This so-called "exploit" involves numerous leaps of faith, piled on the previous compromise of intercepted communication in both directions. No one has described any structural exploits of WinZip AES, on par with the exploits of ZIP classic encryption.

use 7zip, that has better password security - and also tick the 'encrypt filenames' option

Secure to what level? There are programs out there that can crack the password encryption on a zip file very quickly so if it has to withstand any sort of effort, then no.

If it's just a matter of ensuring that someone with a password can open it and to keep away casual prying eyes, then maybe.

If you want to have some halfway reasonably security I'd look into zipping up the data and then running it through proper encryption software like gpg.

You should ask a couple of question to yourself.

• Where are you storing the zip files?
• Which permissions are associated to the zip file?
• Is the password a strong password?

Usually, it's a good habit to store user data into a folder that is out of the webroot, not directly accessible. Password generators are also available and they should be used.