Windows – What zip encryption is used by Windows Explorer

windows xpwindows-explorerzip

I'm trying to find out what algorithm and key strength is used by Windows (XP) Explorer in order to explain why it isn't secure, but it does not seem to be detailed anywhere (Google only seems to give me offers of other software, and MS KB search is about as useful as a chocolate fireguard).

I presume it uses the PKZIP stream cipher, which certainly has documented weaknesses, but I'd like to also note if the key strength is too small to prevent brute force.

Best Answer

  • I presume it uses the PKZIP stream cipher

    AFAIK, you're correct about that. Given that XP was originally released in 2001, more powerful encryption methods for securing Zip files were extremely rare (if available at all). The only protection that could be applied that could be reasonably expected to be usable by all recipients would have been the old stream cipher. (Think: Recipients of these zip files running Windows 98/ME/2000 that had WinZip or PKZIP installed.)

    I'd like to also note if the key strength is too small to prevent brute force.

    The pkzip stream cipher is so completely broken it doesn't matter.

  • Related Question