Ask the Expert

Encryption capabilities of PKZIP

One of our network people is telling me that PKZIP has an encryption routine in it. He claims that zipping the file and using a password on it also encrypts it. When questioned about the key and how/what encryption it is, he could not answer for certain. Is this the case? My recollection of PKZIP is that it is a data compression tool and putting a password on it does NOT encrypt the data.

    Requires Free Membership to View

PKZIP does have an encryption feature, based on a proprietary algorithm, but they don't seem to talk about it much and readily admit that it's vulnerable to brute-force attack.

Security is based on a password of up to 255 characters which is used to encrypt the zipped files. But there are numerous tools available to crack the passwords, and few users seem to have any real faith in PKZIP security.

The company is believed to be working on a stronger version of the algorithm, but no word yet on details or a release date.

The product also has a digital signature feature for authentication.

For more information on this topic, visit these other resources on
Featured Topic: The encryption debate
Scheier's Security Product Roundup: PKI complexities, cost hold promising technology back
Strom's Security Tool Shed: File encryption made easy

This was first published in March 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: