How key_derivation and key_verification functions are implemented of a 7-zip archive's encryption mechanism?

About

Asked 18/9, 2012 at 4:28 Answered 18/9, 2012 at 8:47

Solved encryption cryptography 7zip password-recovery cryptanalysis

I am curious about how password recovery works for password protected files. And I want to know the exact flow of the 7-zip encryption mechanism.

7-zip uses AES-256 encryption algorithm in CBC mode, to encrypt files or a folder. The key is generated from user supplied pass-phrase based on SHA-256 hash function. The SHA-256 is executed 2¹⁹ (524,288) times to increase the cost of exhaustive search. Also, to help reduce the risk of dictionary attacks, salt is appended to original pass-phrase before generating hash.

My First question is how does key_derivation function work to generate a 256-bit key ? What is importance of IV for AES CBC mode and how it is generated?

My second and most important question is how key is verified to decrypt the 7-zip archive ? I mean how does its key_verification function work ?

Sixtyfourmo answered 18/9, 2012 at 4:28 Comment(2)

Have you tried to contact one of the authors? Documentation about 7zip is very (very) sparse, and the source code is - for lack of a better word - shit. – Targum 18/9, 2012 at 8:49

@ owlstead, Sir, I did not try to contact any authors. Just few days back i started to googled it, but i am not founding any technical documents relevant to 7-zip encryption. – Sixtyfourmo 18/9, 2012 at 9:4

The key derivation function is in the source of file 7zAes.cpp, it's called:

void CKeyInfo::CalculateDigest()

and it creates the key using a proprietary (rather dull) mechanism.

I haven't been able to find the key_verification method yet, if it exists. I'll let you know if I do find it.

Targum answered 18/9, 2012 at 8:47 Comment(4)

Documentation - including the specifications of the 7zip container format - seems to be missing in action. I even haven't had the pleasure to find a single source code comment in the crypto libs. – Targum 18/9, 2012 at 8:48

I agree with you, I went through the same code to know how key is generated. But two things i didn't get actually. First, since numRounds is calculated using "NumCyclesPower" which is initiated to zero. Then how this "for (UInt64 round = 0; round < numRounds; round++) " loop is supposed to run 2^19 times ? – Sixtyfourmo 18/9, 2012 at 8:52

Second, pass-phrase is appended without any encoding (i.e. UTF-16) mechanism. Does it means 7-zip does not using any encoding mechanism to generate a long string input message for SHA-256? – Sixtyfourmo 18/9, 2012 at 9:0

The inputs for the Sha256_Update is all bytes, Password seems to be a CByteArray, but I cannot directly see where it is set, and with this code base I would not know where to look for that either. – Targum 18/9, 2012 at 12:28

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags