#63 ABOUT 7-ZIP CRYPTO

[Anonymous]

How does crypto stuff work in 7z archives?
Does it use the password to derive the crypto key, or to
encode a random session key (like PGP)?
And, if there is a PW encoded session key (it seems
more secure), is there one for encrypting all elements of
the archive (single files or single solid blocks, headers),
or are there more session keys (one for each file/solid
block)?
Why doesn't 7-zip "follow the masses", and implement a
(faster) 128-bit AES key?

[Igor Pavlov]

Logged In: YES
user_id=65083

http://www.7-zip.org/7z.html
7-Zip also supports encryption with AES-256 algorithm. This
algorithm uses cipher key with length of 256 bits. To create
that key 7-Zip uses derivation function based on SHA-256
hash algorithm. A key derivation function produces a derived
key from text password defined by user. For increasing the
cost of exhaustive search for passwords 7-Zip uses big
number of iterations to produce cipher key from text
password.

Each solid block can have its own key. But now it uses same
key. Protection from dictionary attack (mixing password with
random data) is supported but it's still disabled in 7-zip.

> Why doesn't 7-zip "follow the masses", and implement a
(faster) 128-bit AES key?

256-bit AES key is also pretty fast. At least it's faster than
compressing.

[Nobody/Anonymous]

Logged In: NO

if you need encryption
you wouldn't care about speed.
you'ed care about security