Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!samsung!munnari.oz.au!comp.vuw.ac.nz!am.dsir.govt.nz!marcamd!mercury!kcbbs!kc
From: Peter_Gutmann@kcbbs.gen.nz (Peter Gutmann)
Newsgroups: comp.compression
Subject: Re: Security of PKZIP's encryption
Message-ID: <1991Mar28.111130.1092@kcbbs>
Date: 28 Mar 91 11:11:30 GMT
Lines: 15
Organisation: Kappa Crucis Unix BBS, Auckland, New Zealand

I've used the technique you mentioned in your article in my own arithmetic 
compressor, but like you don't really know how secure it is (hmmm, email 
from Moscow...I've been trying to mail someone there for over a month 
with no success).  Anyway, about the PKZIP encryption:  From memory 
this encrypts some short checksum using the CRC tables, which is then 
decrypted to check that the supplied password is correct.  IMHO this 
is a major flaw, since it does away with the need for any sort of fancy 
attack on the encryption security (eg known plaintext).  All you need 
to do is use the (very fast) encryption technique to do a brute-force 
attack on the checksum until the password drops out.

Disclaimer:  The details of the ZIP encryption are somewhat hazy at 
the moment...

Peter.