The Center for Education and Research in Information Assurance and Security (CERIAS)

The Weakness of WinRAR Encrypted Archives to Compression Side-channel Attacks

Author

Kristine Arthur-Durett

Tech report number

CERIAS TR 2015-01

Entry type

mastersthesis

Abstract

This paper explores the security of WinRAR encrypted archives. Previous works concerning potential attacks against encrypted archives are studied and evaluated for practical implementation. These attacks include passive actions examining the effects of compression ratios of archives and the files contained, the study of temporary artifacts, and active man-in-the-middle attacks on communication between individuals. An extensive overview of the WinRAR software and the functions implemented within it is presented to aid in understanding the intricacies of attacks against archives. Several attacks are chosen from the literature to execute on WinRAR v5.10. Select file types are identified through the examination of compression ratios. The appearance of a file in an archive is determined through both the appearance of substrings in the known area of an archive and the comparison of compression ratios. Finally, the author outlines a revised version of an attack that takes advantage of the independence between the compression and encryption algorithms. While a previous version of this attack only succeeded in removing the encryption from an archive, the revised version is capable of fully recovering an original document from an encrypted compressed archive. The advantages and shortcomings of these attacks are discussed and some countermeasures are briefly mentioned.

Date

2015-01-01

Key alpha

Arthur-Durett

School

Purdue University

Publication Date

2015-01-01
