Analysis of Encrypted ZIP Files
Posted by Paul Bobby on November 4, 2008
The following is a practical demonstration of the file structure of ZIP archives, specifically those created by WinZip, and of how to identify whether encryption is involved.
Sources:
- Sean McLinden – Overview of ZIP Encryption
- AES Encryption Information: Encryption Specification AE-1 and AE-2
- ZIP File Format Specification
For this I used WinZip 9.0 SR1, and created four separate ZIP files with a single file included in the archive. The first zip was unencrypted, the second used ZIP Encryption, the third 128-bit AES and the fourth 256-bit AES.
Is the ZIP file encrypted?
Bytes 7 and 8 are called the General Purpose Bit Flags. They are read little-endian, and if bit 0 is set to 1, then the contents of the ZIP file are encrypted.
With bit 0 of the General Purpose Bit Flags set to 1 and the Compression Method set to 99 (0x63), this ZIP file has been encrypted using AES.
Furthermore, the AES header that is added to the file header for each file in the archive contains data specific to the AES implementation and to the encryption of that file.
The AES header signature (0x9901) is followed by the data size, vendor version and vendor ID values. The Encryption Strength field that follows takes one of these values:
- 0x01 = 128-bit
- 0x02 = 192-bit
- 0x03 = 256-bit
And finally the Compression Method field of the AES header contains the real value that would otherwise have been in the local and central headers of the archive (0x0800 as it appears in the dump, i.e. method 8 read little-endian, which is deflated).
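The checks described above, written out as a small parser; this is an added example, not code from the original post or from WinZip. It reads the local file header fields (the General Purpose Bit Flags at offset 6, the Compression Method at offset 8), walks the extra field looking for the 0x9901 AES header, and reports the vendor version, key strength and real compression method. The sample headers are constructed in the script itself (no payload, CRC and sizes left at zero), and a second helper applies the same classification to the central directory of a real archive via Python's zipfile module. Vendor ID "AE" and the 7-byte AES header layout are taken from the AE-1/AE-2 specification; the names of the functions and of the SAMPLES dictionary are this example's own.

```python
"""Inspect ZIP headers for the encryption indicators described in the post:
general-purpose bit 0, compression method 99, and the WinZip AE-x extra
field (header ID 0x9901).  Sample headers below are constructed, not real."""
import io
import struct
import zipfile

LOCAL_HEADER_SIG = 0x04034B50      # "PK\x03\x04"
LOCAL_HEADER_FMT = "<IHHHHHIIIHH"  # the 30 fixed bytes of a local file header
FLAG_ENCRYPTED = 0x0001            # general-purpose bit 0
METHOD_AES = 99                    # WinZip AE-x marker; the real method is in the extra field
AES_EXTRA_ID = 0x9901
AES_STRENGTH = {1: "AES-128", 2: "AES-192", 3: "AES-256"}
METHOD_NAMES = {0: "stored", 8: "deflated"}


def iter_extra_fields(extra):
    """Yield (header_id, data) for each entry in a ZIP extra-field blob."""
    off = 0
    while off + 4 <= len(extra):
        header_id, size = struct.unpack_from("<HH", extra, off)
        yield header_id, extra[off + 4:off + 4 + size]
        off += 4 + size


def describe_entry(flags, method, extra):
    """Classify one entry from its flags, compression method and extra field."""
    info = {
        "encrypted": bool(flags & FLAG_ENCRYPTED),
        "scheme": None,
        "strength": None,
        "vendor_version": None,
        "real_method": METHOD_NAMES.get(method, method),
    }
    if not info["encrypted"]:
        return info
    info["scheme"] = "ZipCrypto"   # traditional PKWARE encryption unless an AES header overrides
    if method != METHOD_AES:
        return info
    aes = next((d for hid, d in iter_extra_fields(extra) if hid == AES_EXTRA_ID), None)
    if aes is None or len(aes) < 7:
        raise ValueError("method 99 but no valid 0x9901 AES extra field")
    # AE-x header: vendor version (2), vendor ID "AE" (2), strength (1), real method (2)
    vendor_version, vendor_id, strength, real_method = struct.unpack("<H2sBH", aes[:7])
    if vendor_id != b"AE":
        raise ValueError("unexpected vendor ID %r" % vendor_id)
    info["scheme"] = "AES"
    info["vendor_version"] = "AE-%d" % vendor_version
    info["strength"] = AES_STRENGTH.get(strength, "unknown (0x%02x)" % strength)
    info["real_method"] = METHOD_NAMES.get(real_method, real_method)
    return info


def parse_local_header(data):
    """Parse one local file header; offset 6 holds the post's bytes 7 and 8."""
    fields = struct.unpack_from(LOCAL_HEADER_FMT, data, 0)
    sig, _ver, flags, method, _t, _d, _crc, _cs, _us, fn_len, ex_len = fields
    if sig != LOCAL_HEADER_SIG:
        raise ValueError("not a local file header")
    name = data[30:30 + fn_len].decode("cp437")
    extra = data[30 + fn_len:30 + fn_len + ex_len]
    return dict(name=name, **describe_entry(flags, method, extra))


def inspect_zipfile(file_or_path):
    """Apply the same classification to every central-directory entry of a real archive."""
    with zipfile.ZipFile(file_or_path) as zf:
        return {zi.filename: describe_entry(zi.flag_bits, zi.compress_type, zi.extra)
                for zi in zf.infolist()}


# --- constructed samples: headers only, CRC and sizes left at zero ---
def build_local_header(name, flags, method, extra=b""):
    name_b = name.encode("cp437")
    fixed = struct.pack(LOCAL_HEADER_FMT, LOCAL_HEADER_SIG, 20, flags, method,
                        0, 0, 0, 0, 0, len(name_b), len(extra))
    return fixed + name_b + extra


def aes_extra(vendor_version, strength, real_method):
    body = struct.pack("<H2sBH", vendor_version, b"AE", strength, real_method)
    return struct.pack("<HH", AES_EXTRA_ID, len(body)) + body


SAMPLES = {
    "plain":     build_local_header("a.txt", 0, 8),
    "zipcrypto": build_local_header("a.txt", FLAG_ENCRYPTED, 8),
    "aes128":    build_local_header("a.txt", FLAG_ENCRYPTED, METHOD_AES, aes_extra(2, 1, 8)),
    "aes256":    build_local_header("a.txt", FLAG_ENCRYPTED, METHOD_AES, aes_extra(2, 3, 8)),
}


def sample_plain_archive():
    """Constructed unencrypted archive (written by zipfile) for inspect_zipfile()."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("hello.txt", "hello world")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for label, blob in SAMPLES.items():
        print(label, parse_local_header(blob))
    print("real archive:", inspect_zipfile(sample_plain_archive()))
```

Running the script prints one line per sample: the plain header reports encrypted=False, the ZipCrypto header reports encrypted=True with no AES data, and the two AES headers report AE-2 with AES-128 and AES-256 respectively and "deflated" as the real method. Note that a raw method value of 99 without the 0x9901 header is treated as malformed rather than guessed at, which is the safer behaviour when triaging archives of unknown origin.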
In WinZip 9.0, AES is the only strong algorithm implemented. Newer versions allow the filenames within the archive to be encrypted as well, and offer a variety of cryptographic algorithms.