Sep 142011
 

TrueZIP 7.3 and later supports the WinZip AES encryption and authentication scheme. This post shows you if and how to use it.

Disclaimer

Before I show you how to use the WinZip AES scheme with TrueZIP 7.3+, I need to tell you that the security level of the WinZip AES scheme is contended: In 2004, Tadayoshi Kohno wrote an excellent paper named “Attacking and Repairing the WinZip Encryption Scheme” which provides you with all the details if you want. I’m not going into these details here, but it should suffice to say that the most important weakness is that the WinZip AES scheme encrypts and authenticates entry contents only while all meta data is left unencrypted and unauthenticated! This opens the door to many attacks: For example, an attacker could read the central directory or replace any entry without notice. Unfortunately, this was never fixed by WinZip Inc. But to be fair with them, I need to say it would be hard to fix this without breaking binary compatibility – they might as well invent something new.

Use Case

So why bother with this scheme at all? Well, WinZip AES is popular, so you might not have a choice and need to read or update this file format. Or you might need to append encrypted and authenticated entries to an existing ZIP file, which is not possible with the alternative RAES scheme in the module TrueZIP Driver ZIP.RAES (TZP). Of course, appending would only make sense if the existing ZIP file solely contains WinZip AES entries, i.e. ZIP entries which have their content encrypted and authenticated according to the WinZip AES scheme.

In any other case, I’ld recommend to use the RAES scheme in the module TrueZIP Driver ZIP.RAES (TZP). The RAES scheme is a wrapper file format which encrypts and authenticates it’s entire pay load using AES-256 with HMac/SHA-256 according to PKCS #12 as its PBKDF (if this doesn’t make much sense to you, never mind – just try it).

Using the File* API

First, for comparison, let’s recap how to write an encrypted and authenticated entry to a ZIP.RAES file by copying the file named "file" to the entry named "entry" within the ZIP.RAES file named "archive.tzp" with the API of the client module TrueZIP File*:

TFile src = new TFile("file");
TFile dst = new TFile("archive.tzp/entry"); // detect ZIP.RAES file name with .tzp extension
src.cp(dst); // copy entry to JAR file with RAES encryption and authentication

As you can see, it’s dead simple: By declaring the object dst to refer to the path "archive.tzp/entry", TrueZIP detects that you want this entry to be located in a ZIP.RAES file. The following call to the copy method cp() then writes the new entry to the archive file. Mind that this example presumes that the JARs of the driver modules TrueZIP Driver FILE and TrueZIP Driver ZIP.RAES (TZP) are present on the run time class path.

With the WinZip AES scheme however, you are writing to a regular ZIP file and hence you need to tell the API that you want entries to get encrypted and authenticated when writing them:

TFile src = new TFile("file");
TFile dst = new TFile("archive.zip/entry"); // detect ZIP file name with .zip extension
TConfig config = TConfig.get();
config.setOutputPreferences(config.getOutputPreferences().set(FsOutputOption.ENCRYPT));
src.cp(dst); // copy entry to ZIP file with WinZip AES encryption and authentication

Similar to the previous example, by declaring the object dst to refer to the path "archive.zip/entry", TrueZIP detects that you want this entry to be located in a ZIP file. In order to tell the ZIP driver to encrypt and authenticate the entry according to the WinZip AES scheme however, you have to obtain the TConfig object which represents the current configuration by calling TConfig.get() and change it so that the FsOutputOption.ENCRYPT is set before you actually write the ZIP entry by using the cp() method again. Mind that this example presumes that the JARs of the driver modules TrueZIP Driver FILE and TrueZIP Driver ZIP are present on the run time class path.

Note that the TConfig object obtained by calling TConfig.get() always refers to the current configuration. By default, this TConfig object is also identical to the global configuration, which is shared by all threads. In most cases however, you don’t want your changes to affect any other threads. As an alternative, you can make the current configuration inheritable thread local like this:

TFile src = new TFile("file");
TFile dst = new TFile("archive.zip/entry"); // detect ZIP file name with .zip extension
TConfig config = TConfig.push();
try {
    config.setOutputPreferences(config.getOutputPreferences().set(FsOutputOption.ENCRYPT));
    src.cp(dst); // copy entry to ZIP file with WinZip AES encryption and authentication
} finally {
    config.close();
}

The call to TConfig.push() copies the current configuration and pushes it as a new element on the inheritable thread local stack of configurations. Accordingly, once done, the call to TConfig.close() pops this copy off the stack again.

Using the try-with-resources statement in Java 7, you could even shorten this to:

TFile src = new TFile("file");
TFile dst = new TFile("archive.zip/entry"); // detect ZIP file name with .zip extension
try (TConfig config = TConfig.push()) {
    config.setOutputPreferences(config.getOutputPreferences().set(FsOutputOption.ENCRYPT));
    src.cp(dst); // copy entry to ZIP file with WinZip AES encryption and authentication
}

Key Management

When you run these examples, you should see a Swing dialog prompting you for a password for the archive files “archive.tzp” or “archive.zip” respectively. This is how it looks in English:

And this is how it looks in German:

If the JVM is running headless, you will see a console prompt instead. If the console is not available too, you should get an exception.

Typically, you will want to implement your own password/key management. For the WinZip AES scheme, you can do so by following the instructions in this article: http://truezip.java.net/truezip-driver/truezip-driver-zip/key-management.html. For the RAES scheme, you can do so by following the instructions in this article: http://truezip.java.net/truezip-driver/truezip-driver-tzp/key-management.html.

That’s it – enjoy TrueZIP!

  3 Responses to “How to use WinZip AES encryption”

  1. Is it possible to encypt directory, and not to be able to go into directory and see file list?

    • One weakness of the WinZip AES encryption scheme is that it does not encrypt or authenticate the meta data, i.e. the directory structure. If you need this, then you should use TrueZIP Driver ZIP.RAES instead of TrueZIP Driver ZIP. ZIP.RAES (alias TZP) wraps the entire ZIP file into an encryption and authentication file format.

  2. […] post: How to use WinZip AES encryption » The TrueZIP Blog Categories: Uncategorized Tags: aes, all-meta, entry-contents, important-weakness, […]

Sorry, the comment form is closed at this time.