6

I am looking to encrypt files on a flash drive (for backup) just in case it gets stolen or lost. I don't want to install any extra software like TrueCrypt but instead just use what's already there on most computers.

1) I can think of using 7z/zip which uses AES-256 (apparently good) and just password protect and archive the files.

According to [1], it's safe (I guess?).

But according to [2], apparently "It isn't that hard to decrypt a password protected ZIP file. There's plenty of apps out there to either figure out the password or just remove the password."

So, is this true? Is encrypted 7z/zip safe? How safe is it?

2) Are there any alternatives for encryption that you don't have to install any new programs to use?

3) Which is better to use? 7z or zip?

-

[1] Can password-protected zip files be broken without brute force?

[2] How secure is a Windows password protected zip file?

Marcel
  • 3,494
  • 1
  • 18
  • 35
T t
  • 61
  • 2
  • I'm not sure about this(-> no references + no answer), but I remind reading some time ago, that zip uses RC4 or something similarly broken and that it would be easy to crack it. And I remind further that the 7z format improved on that, maybe changed the symmetric algorithm and maybe added some PBKDF. To your question 3: I'd say 7z is more secure as it's a lot newer and not bound by compability as .zip is. – SEJPM May 03 '15 at 15:10
  • In the OP you said that you wanted to encrypt your backups in case they are lost or stolen. If you genuinely believe that the data is worth stealing, or that the contents are worth encrypting in the first place then you are using the wrong tool. I don't understand why you are averse to installing and using a proper tool either. That's like shooting yourself in the foot. Also, your backups should not be travelling around anyway, they should be in a well-defined location -- where they can't get lost. If that place happens to be your home (or office) then any risk of data theft should be supersed –  May 04 '15 at 20:09
  • If the archive is encrypted, removing the password is not hard but I remember having seen some software that do not encrypt the archive, but ask user for a password before continuing in the UI. There, removing the password (or using another software without the "password" feature) is enough to read the archive. AFAIR, 7zip doesn't do that and really encrypt the archive. But some other obscure zip tools might. – Xenos Jun 26 '18 at 12:46

2 Answers2

4

There's plenty of apps out there to [...] figure out the password.

Well, yeah, those are dictionary attacks. It doesn't matter if you're using AES-256 or FOOBAR-1024, if you choose a weak password it can be broken easily. The only thing that helps slightly against dictionary attacks is using an expensive key derivation function. From a comment on the question below, it appears that 7z uses 2^19 hashing operations to derive the key, probably giving some protection:

https://stackoverflow.com/questions/12470378/how-key-derivation-and-key-verification-functions-are-implemented-of-a-7-zip-arc

Is encrypted 7z/zip safe? How safe is it?

I haven't reviewed their code myself, but I would hope they are as strong as the underlying cryptographic primitives (e.g., 256 bits of security for AES-256). If a tool is so broken that it is not clear from its interface or documentation which cipher is being used at which bit strength, then don't use it.

256 bits of security is plenty safe; in fact, your password will almost certainly have fewer bits of real entropy than 256 unless you are very hard core.

Are there any alternatives for encryption that you don't have to install any new programs to use?

Depending on your definition of "install", you can use a custom LiveCD or virtual machine to run programs without "installing" them.

Which is better to use? 7z or zip?

zip, assuming WinZip AE-1 or AE-2 format is used for actual encryption. It uses standard protocols like PBKDF for key derivation, and others have probably written compatible software, so any discrepancies would've been noticed by now. 7z is just not in the same league.

OTOH, if you're using a random zip tool's "password protect archive" feature that doesn't mention AES-256 or PBKDF, it could be god-knows-what.

Atsby
  • 1,098
  • 7
  • 6
  • I didn't found the encryption algorithm in `man zip`. But instead I found "And where security is truly important, use strong encryption such as Pretty Good Privacy instead of the relatively weak standard encryption provided by zipfile utilities." – user285259 Oct 04 '18 at 08:17
2

For USB, SDcard, and other one-off external filesystems, I typically prefer using GPG in symmetric (-c ) mode. The GnuPG code is well designed for this purpose.

For Operating systems, in particular Windows, Linux/BSD, and OS X -- I am very careful to use a SED instead of (or in addition to) software-based filesystems and secure-boot protections. Mobile devices are much more suspect, although a well-configured iOS device (especially when it's powered off) does fairly well -- even when compared to the full desktop OSes.

When managing secure file sharing or messaging, I prefer a solution setup for success such as SendSafely, although iOS can leverage Signal. I feel there are rigorous individuals who are experts at both appsec and encryption behind both of these projects.

atdre
  • 18,885
  • 6
  • 58
  • 107