Recently I was testing whether I could make 7-Zip archives more bruteforce-resistant. Both someone on Wikipedia and @kelalaka on this website make the following claim:
The 7z format supports encryption with the AES algorithm with a 256-bit key. The key is generated from a user-supplied passphrase using an algorithm based on the SHA-256 hash function. The SHA-256 is executed 218 (262144) times, which causes a significant delay on slow PCs before compression or extraction starts. This technique is called key stretching and is used to make a brute-force search for the passphrase more difficult. Current GPU-based, and custom hardware attacks limit the effectiveness of this particular method of key stretching, so it is still important to choose a strong password. The 7z format provides the option to encrypt the filenames of a 7z archive.
7zip uses 2^19-times iterated SHA256 to derive the AES-256 key from passwords.
The problem is that I cannot verify this claim. I grepped for various keywords and the closest I got was the following piece of code:
[20:19:36] d33tah@d33tah-pc:/tmp/p7zip-16.02+dfsg(0) > grep -A10 'static void DeriveKey2' CPP/7zip/Crypto/ZipStrong.cpp
static void DeriveKey2(const Byte *digest, Byte c, Byte *dest)
{
Byte buf[64];
memset(buf, c, 64);
for (unsigned i = 0; i < NSha1::kDigestSize; i++)
buf[i] ^= digest[i];
NSha1::CContext sha;
sha.Init();
sha.Update(buf, 64);
sha.Final(dest);
}
However, it's not SHA-1, but xor. Am I looking at the wrong place in the source code? Here's a GitHub repository I found for convenience (grepping was done on the result of apt-get source p7zip-full).
