Q

Encryption capabilities of PKZIP

One of our network people is telling me that PKZIP has an encryption routine in it. He claims that zipping the

file and using a password on it also encrypts it. When questioned about the key and how/what encryption it is, he could not answer for certain. Is this the case? My recollection of PKZIP is that it is a data compression tool and putting a password on it does NOT encrypt the data.


PKZIP does have an encryption feature, based on a proprietary algorithm, but they don't seem to talk about it much and readily admit that it's vulnerable to brute-force attack.

Security is based on a password of up to 255 characters which is used to encrypt the zipped files. But there are numerous tools available to crack the passwords, and few users seem to have any real faith in PKZIP security.

The company is believed to be working on a stronger version of the algorithm, but no word yet on details or a release date.

The product also has a digital signature feature for authentication.


For more information on this topic, visit these other resources on SearchSecurity.com:
Featured Topic: The encryption debate
Scheier's Security Product Roundup: PKI complexities, cost hold promising technology back
Strom's Security Tool Shed: File encryption made easy


This was first published in March 2002

Dig deeper on Disk Encryption and File Encryption

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close