加密的zip文件有多安全？如果我们有解压缩形式的加密压缩文件怎么办？ [英] How safe are encrypted zip files? What if we have the unzipped form of an encrypted zipped file?

问题描述

（（（

我知道如果我们使用复杂的密码来存储超过8个字符的zip文件，那么它非常安全且无法轻易破解......

例如，对于一个8位数的复杂密码（包含ABC，abc，123，！@＃），超级计算机测试所有组合需要83.5天，9位数需要22年！ ！）

）））



但是在一个例子中，我们有一个包含多个文件的加密zip文件，我们提取了其中一个文件的形式



在这种情况下，如果有原始和压缩加密的文件，我们是否可以编写一个容易破解密码的程序......？不需要花费数月甚至数年才能破解？



这是可能的，会有问题;例如，一个zip文件可能包含thumbs.db或desktop.ini文件，它们在各处使用几乎相同的模式......而且更常见：每种文件格式都有自己的十六进制模式！ ！ （例如，EF BB BF用于UTF-8文本文件）...以及我们知道文本文件的一部分内容的情况......等等

(((
I know that if we use a complicated password for zip files that has more than 8 characters, it's quite safe and can't be cracked easily...
For example, for an 8-digits complicated password (containing ABC,abc,123,!@#), it takes 83.5 days for a supercomputer to test all combinations, and 22 years for a 9-digit!!!!)
)))

But in an example, we have an encrypted zip file that contains multiple files, and we have the extracted form of one of those files

In this case and with having the original and zipped-encrypted file, can we write a program that cracks the password easily...? Not by taking months or even years to crack?

It it's possible, there will be problems; for example, a zip file may contain ""thumbs.db"" or ""desktop.ini"" files, that use almost the same pattern everywhere... and more common: every file format has its own hex pattern too!!! (For example, EF BB BF for UTF-8 text files)... and situations that we know the contents of a part of a text file... etc.

推荐答案

没有什么能阻止您将其他ZIP文件打包在更大的ZIP文件中，所有ZIP文件都使用不同的密码加密。我不能说它有多大意义，但它解决了你的顾虑。

更严重的问题是另一个问题：你将如何自己提供密码？一种解决方案是ZIP不使用的公钥加密，但可以单独用于密钥分发，然后，使用基于公钥加密的秘密消息，您可以传输ZIP密码。

-SA

Nothing prevents you from packing other ZIP files in a bigger ZIP file, all encrypted with different passwords. I cannot say how much sense would it make, but it addresses your concern.
More serious problem is another one: how would you deliver the passwords themselves? One solution is the public-key cryptography which is not used by ZIP, but can be separately used just for key distribution, and then, using the secret message based on the public-key cryptography, you can transmit the ZIP passwords.

—SA

这篇关于加密的zip文件有多安全？如果我们有解压缩形式的加密压缩文件怎么办？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！