WINZIP Encryption - detect encrypt type

Posted on 2008-11-18
Medium Priority
Last Modified: 2012-05-05
I'm looking for a way to determine which encryption method was actually used.  As far as I can tell, WINZIP has 3 options.  The "2.0"  method, the AES 128 bit method and the AES 256 method.

A programmatic solution would be ideal, maybe something involving .NET, but I'de settle for any way of detecting it on a zip file that is already created.

The only indicator of encryption that I see is a asterisk next to the filename in the winzip dialog.  I just don't know how to determine which encryption method was used.

The reason I want to know is because I don't want anything to be encryped with the "2.0" method.

The first solution that came to mind was to use infozip to try and decrypt the file and if that worked, then I know that "2.0" was used because infozip doesn't support AES encryption, but that method isn't really a good sollution for me.
Question by:Jeff Darling
  • 3
  • 2
LVL 13

Author Comment

by:Jeff Darling
ID: 22985968
I think I just found the answer, but I'll leave this question open to the experts for a while to see if they agree or have anything to add.


LVL 13

Accepted Solution

Kelvin_King earned 2000 total points
ID: 22985987
Most likely you'll have to dig deep into the WinZip header formats.

I personally haven't done this before (detecting the encryption type used). But this is where I would start, and I believe is the correct direction (although extremely tedious).


The WiKi

Hope that helps
- Kelvin
LVL 13

Expert Comment

ID: 22986040
I found this quite useful in explaining the encryption process and some of the header content.

LVL 13

Expert Comment

ID: 22986054
>> I think I just found the answer, but I'll leave this question open to the experts for a while to see if they >> agree or have anything to add.

Yep. Agreed : )
LVL 13

Author Closing Comment

by:Jeff Darling
ID: 31517902
thanks for the response.  

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question