Authors:
Sein Coray
;
Iwen Coisel
and
Ignacio Sanchez
Affiliation:
European Commission, Joint Research Centre (DG JRC) - Via Enrico Fermi 2749, 21027 Ispra (VA) and Italy
Keyword(s):
Stream Cipher, High Performance Computing, Forensics, Passwords, Cybersecurity, Cryptanalysis.
Related
Ontology
Subjects/Areas/Topics:
Computer-Supported Education
;
Enterprise Information Systems
;
Information Systems Analysis and Specification
;
Information Technologies Supporting Learning
;
Security
;
Security and Privacy
Abstract:
Data archives are often compressed following the PKZIP format and can optionally be encrypted with either the PKZIP stream cipher or the AES block cipher. In this article, we present new implementations of two attacks against the PKZIP stream cipher. To our knowledge, this is the first time those attacks have been demonstrated on Graphical Processing Unit (GPU). Our first implementation is retrieving archive passwords using the internal state of the PKZIP stream cipher obtained through the known-plaintext attack of Biham and Kocher. Passwords up to length 14 can be recovered within a month considering a single Nvidia 1080 Ti GPU. If one hundred of those cards are available, passwords up to length 15 would be recovered in less than 27 days. The second implementation is a more direct attack designed to retrieve an archive’s password without requiring any additional knowledge than the ciphertext. Experimental results show that our two implementations are at least ten times faster than t
he state of the art. This is an undeniable asset for investigators who may be particularly interested in further deepening their forensic analysis on an encrypted archive.
(More)