What encryption algorithm is used by linux's 'zip' command?
Solution 1
Since the zip command will write out PKZIP files, it would follow they're implementing the specs for that. Apparently the format allows for several distinct ciphers, the one typically considered "insecure" looks like it's homegrown.
See here for a detailed discussion of how to break it, including some insights into the original algorithm: http://math.ucr.edu/~mike/zipattacks.pdf
Solution 2
Traditional encryption is based on a stream cypher by Roger Schaffely. The exact, symmetric algorithm is illustrated here http://www.academia.edu/348210/PKZIP_Algorithm
Newer versions of the linux zip utility (zip-info) seem to be going to include AES encryption aswell: http://www.info-zip.org/phpBB3/viewtopic.php?f=4&t=396&p=2453&hilit=aes#p2453
Related videos on Youtube
Mike
I'm a programmer in Higher Education in Detroit. I mostly work with Magento and Android development, and (nearly) exclusively use Linux (Kubuntu, Debian, CentOS).
Updated on September 15, 2022Comments
-
Mike over 1 year
I'm aware that the default encryption provided by the
zip
command in Linux isn't considered to be secure, but I'm curious - what algorithm does it use when encrypting with the--encrypt
option?-
Marc B over 11 yearsSame as any other zip: en.wikipedia.org/wiki/Zip_%28file_format%29#Encryption
-
Pierz about 6 yearsThe algorithm used may be displayed using 7zip:
7z l -slt file.zip
-