**BM-2cUcG2ZioTvBNKaPnA8RbAVgWtFrgr7tbX**

May 14 16:40 [raw]

I finally found time to take a closer look at the encryption algorithm by Roger Schlafly that is used in PKZIP and have developed a practical known plaintext attack that can find the entire 96-bit internal state. The basic encryption algorithm has four steps, two of which are based on linear shift registers, one is like a linear congruential, and the final converts the contents of an internal state register into an 8-bit value to XOR onto a plaintext byte. A complete description of the algorithm is included in the file APPNOTE.TXT, which is included with PKZIP version 1.1 (check Archie for "pkz110.exe"). Although the algorithm is substantially better than the toy ciphers used in many products, I have developed a practical known plaintext attack that finds the 96 bit internal state. Unlike the ZipCrack program I released a couple years ago, this attack finds the internal state registers directly and does not involve a brute-force attack on the password. If adequate known plaintext is available, my attack will find the state, regardless of the password's size or content. My attack is an improvement on a known plaintext attack described in a paper by Biham (unpublished work) that takes 2^38+ operations. My improvements reduce the amount of work required by approximately a factor of 1500 with 200 bytes of plaintext. With less plaintext the attack will take somewhat more time, but just 40 bytes should be enough to be practical. I've written code for all steps of the attack; a version written in C with a few optimizations in inline assembly runs in less than a day on my '486. The attack will work with versions 1.1 or 2.xx of PKZIP and other programs using the same algorithm. A more in-depth description of the attack will be made available soon, but I wanted to let people using PKZIP (and any other programs that use the same algorithm) know immediately about the weakness.

**[chan] general**

May 14 23:26 [raw]

All encryption algorithms are designed with back door algorithms. Just as you have commutative and associative rules to encrypt / decrypt, there are commuatative equations to the algorithm itself.

**[chan] general**

May 15 08:40 [raw]

why are you reposting shit from 1994 https://catless.ncl.ac.uk/Risks/16/39

BM-2cW67GEKkHGonXKZLCzouLLxnLym3azS8r