On the Security of the WinRAR Encryption Method
In this paper, we present several attacks on the WinRAR encryption method. These attacks are possible due to the subtlety in developing security software based on the integration of multiple cryptographic primitives. No matter how securely designed each primitive is, using them especially in associa...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Tagungsbericht |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 416 |
|---|---|
| container_issue | |
| container_start_page | 402 |
| container_title | |
| container_volume | |
| creator | Yeo, Gary S. -W. Phan, Raphael C. -W. |
| description | In this paper, we present several attacks on the WinRAR encryption method. These attacks are possible due to the subtlety in developing security software based on the integration of multiple cryptographic primitives. No matter how securely designed each primitive is, using them especially in association with other primitives does not guarantee secure systems. Instead, time and again such a practice has resulted in flawed systems. Our results, compared to recent attacks on WinZip, show that WinRAR appears to offer slightly better security features. |
| doi_str_mv | 10.1007/11556992_29 |
| format | Conference Proceeding |
| fullrecord | <record><control><sourceid>pascalfrancis_sprin</sourceid><recordid>TN_cdi_pascalfrancis_primary_17182445</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>17182445</sourcerecordid><originalsourceid>FETCH-LOGICAL-p219t-60016cb063cb4bdfd6be577dca29a5ded460abdcc4297df227be75d41b54f62e3</originalsourceid><addsrcrecordid>eNpNkEtLw1AQha8vsNSu_APZuHARO3OfvctSWhUqhaq4vNxXbLQmITcu8u-NVsTZHIbzMXM4hFwi3CCAmiIKIbWmhuojMtFqxgQHhpqBPCYjlIg5Y1yf_HlUA-DslIyAAc214uycTFJ6g2EYzqgUIzLdVFm3i9lj9J9t2fVZXfzsL2W1nW-zZeXbvunKusoeYrerwwU5K-w-xcmvjsnzavm0uMvXm9v7xXydNxR1l8vhs_QOJPOOu1AE6aJQKnhLtRUhBi7BuuA9p1qFglLlohKBoxO8kDSyMbk63G1s8nZftLbyZTJNW37Ytjeohvyci4G7PnBpsKrX2BpX1-_JIJjv0sy_0tgXAJVXxA</addsrcrecordid><sourcetype>Index Database</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>On the Security of the WinRAR Encryption Method</title><source>Springer Books</source><creator>Yeo, Gary S. -W. ; Phan, Raphael C. -W.</creator><contributor>Bao, Feng ; Deng, Robert H. ; Lopez, Javier ; Zhou, Jianying</contributor><creatorcontrib>Yeo, Gary S. -W. ; Phan, Raphael C. -W. ; Bao, Feng ; Deng, Robert H. ; Lopez, Javier ; Zhou, Jianying</creatorcontrib><description>In this paper, we present several attacks on the WinRAR encryption method. These attacks are possible due to the subtlety in developing security software based on the integration of multiple cryptographic primitives. No matter how securely designed each primitive is, using them especially in association with other primitives does not guarantee secure systems. Instead, time and again such a practice has resulted in flawed systems. Our results, compared to recent attacks on WinZip, show that WinRAR appears to offer slightly better security features.</description><edition>1st ed</edition><identifier>ISSN: 0302-9743</identifier><identifier>ISBN: 9783540290018</identifier><identifier>ISBN: 354029001X</identifier><identifier>EISSN: 1611-3349</identifier><identifier>EISBN: 9783540319306</identifier><identifier>EISBN: 3540319301</identifier><identifier>DOI: 10.1007/11556992_29</identifier><language>eng</language><publisher>Berlin, Heidelberg: Springer Berlin Heidelberg</publisher><subject>Applied sciences ; Attack Scenario ; Compression Method ; Computer science; control theory; systems ; Computer systems and distributed systems. User interface ; Encryption Method ; Exact sciences and technology ; Header Type ; Memory and file management (including protection and security) ; Memory organisation. Data processing ; Plaintext Attack ; Software</subject><ispartof>Information Security, 2005, p.402-416</ispartof><rights>Springer-Verlag Berlin Heidelberg 2005</rights><rights>2005 INIST-CNRS</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/11556992_29$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/11556992_29$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>309,310,775,776,780,785,786,789,4036,4037,27902,38232,41418,42487</link.rule.ids><backlink>$$Uhttp://pascal-francis.inist.fr/vibad/index.php?action=getRecordDetail&idt=17182445$$DView record in Pascal Francis$$Hfree_for_read</backlink></links><search><contributor>Bao, Feng</contributor><contributor>Deng, Robert H.</contributor><contributor>Lopez, Javier</contributor><contributor>Zhou, Jianying</contributor><creatorcontrib>Yeo, Gary S. -W.</creatorcontrib><creatorcontrib>Phan, Raphael C. -W.</creatorcontrib><title>On the Security of the WinRAR Encryption Method</title><title>Information Security</title><description>In this paper, we present several attacks on the WinRAR encryption method. These attacks are possible due to the subtlety in developing security software based on the integration of multiple cryptographic primitives. No matter how securely designed each primitive is, using them especially in association with other primitives does not guarantee secure systems. Instead, time and again such a practice has resulted in flawed systems. Our results, compared to recent attacks on WinZip, show that WinRAR appears to offer slightly better security features.</description><subject>Applied sciences</subject><subject>Attack Scenario</subject><subject>Compression Method</subject><subject>Computer science; control theory; systems</subject><subject>Computer systems and distributed systems. User interface</subject><subject>Encryption Method</subject><subject>Exact sciences and technology</subject><subject>Header Type</subject><subject>Memory and file management (including protection and security)</subject><subject>Memory organisation. Data processing</subject><subject>Plaintext Attack</subject><subject>Software</subject><issn>0302-9743</issn><issn>1611-3349</issn><isbn>9783540290018</isbn><isbn>354029001X</isbn><isbn>9783540319306</isbn><isbn>3540319301</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2005</creationdate><recordtype>conference_proceeding</recordtype><recordid>eNpNkEtLw1AQha8vsNSu_APZuHARO3OfvctSWhUqhaq4vNxXbLQmITcu8u-NVsTZHIbzMXM4hFwi3CCAmiIKIbWmhuojMtFqxgQHhpqBPCYjlIg5Y1yf_HlUA-DslIyAAc214uycTFJ6g2EYzqgUIzLdVFm3i9lj9J9t2fVZXfzsL2W1nW-zZeXbvunKusoeYrerwwU5K-w-xcmvjsnzavm0uMvXm9v7xXydNxR1l8vhs_QOJPOOu1AE6aJQKnhLtRUhBi7BuuA9p1qFglLlohKBoxO8kDSyMbk63G1s8nZftLbyZTJNW37Ytjeohvyci4G7PnBpsKrX2BpX1-_JIJjv0sy_0tgXAJVXxA</recordid><startdate>2005</startdate><enddate>2005</enddate><creator>Yeo, Gary S. -W.</creator><creator>Phan, Raphael C. -W.</creator><general>Springer Berlin Heidelberg</general><general>Springer</general><scope>IQODW</scope></search><sort><creationdate>2005</creationdate><title>On the Security of the WinRAR Encryption Method</title><author>Yeo, Gary S. -W. ; Phan, Raphael C. -W.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-p219t-60016cb063cb4bdfd6be577dca29a5ded460abdcc4297df227be75d41b54f62e3</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2005</creationdate><topic>Applied sciences</topic><topic>Attack Scenario</topic><topic>Compression Method</topic><topic>Computer science; control theory; systems</topic><topic>Computer systems and distributed systems. User interface</topic><topic>Encryption Method</topic><topic>Exact sciences and technology</topic><topic>Header Type</topic><topic>Memory and file management (including protection and security)</topic><topic>Memory organisation. Data processing</topic><topic>Plaintext Attack</topic><topic>Software</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Yeo, Gary S. -W.</creatorcontrib><creatorcontrib>Phan, Raphael C. -W.</creatorcontrib><collection>Pascal-Francis</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Yeo, Gary S. -W.</au><au>Phan, Raphael C. -W.</au><au>Bao, Feng</au><au>Deng, Robert H.</au><au>Lopez, Javier</au><au>Zhou, Jianying</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>On the Security of the WinRAR Encryption Method</atitle><btitle>Information Security</btitle><date>2005</date><risdate>2005</risdate><spage>402</spage><epage>416</epage><pages>402-416</pages><issn>0302-9743</issn><eissn>1611-3349</eissn><isbn>9783540290018</isbn><isbn>354029001X</isbn><eisbn>9783540319306</eisbn><eisbn>3540319301</eisbn><abstract>In this paper, we present several attacks on the WinRAR encryption method. These attacks are possible due to the subtlety in developing security software based on the integration of multiple cryptographic primitives. No matter how securely designed each primitive is, using them especially in association with other primitives does not guarantee secure systems. Instead, time and again such a practice has resulted in flawed systems. Our results, compared to recent attacks on WinZip, show that WinRAR appears to offer slightly better security features.</abstract><cop>Berlin, Heidelberg</cop><pub>Springer Berlin Heidelberg</pub><doi>10.1007/11556992_29</doi><tpages>15</tpages><edition>1st ed</edition></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 0302-9743 |
| ispartof | Information Security, 2005, p.402-416 |
| issn | 0302-9743 1611-3349 |
| language | eng |
| recordid | cdi_pascalfrancis_primary_17182445 |
| source | Springer Books |
| subjects | Applied sciences Attack Scenario Compression Method Computer science control theory systems Computer systems and distributed systems. User interface Encryption Method Exact sciences and technology Header Type Memory and file management (including protection and security) Memory organisation. Data processing Plaintext Attack Software |
| title | On the Security of the WinRAR Encryption Method |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-28T19%3A20%3A40IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_sprin&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=On%20the%20Security%20of%20the%20WinRAR%20Encryption%20Method&rft.btitle=Information%20Security&rft.au=Yeo,%20Gary%20S.%20-W.&rft.date=2005&rft.spage=402&rft.epage=416&rft.pages=402-416&rft.issn=0302-9743&rft.eissn=1611-3349&rft.isbn=9783540290018&rft.isbn_list=354029001X&rft_id=info:doi/10.1007/11556992_29&rft_dat=%3Cpascalfrancis_sprin%3E17182445%3C/pascalfrancis_sprin%3E%3Curl%3E%3C/url%3E&rft.eisbn=9783540319306&rft.eisbn_list=3540319301&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |