[Cryptography] Best/simplest document encryption

Dave Howe davehowe.pentesting at gmail.com
Fri Mar 22 07:40:22 EDT 2019

On 21/03/2019 22:41, Tom Mitchell wrote:
> I do not think Zip encryption is worth looking at, but is worth a 
> comment.
> So for something not to do unless I am ill informed. 
> /how-to-use-7-zip-to-encrypt-files-and-folders/

As I understand it, the commerical WinZip and the free 7z both use a
decent implementation of AES256 - so are viable provided you pick (and
can communicate out of band) a decent password.  KDF on both is 1K
iterations (for compatibility) but it is worth noting 7z had a poor PRNG
for its IV generator prior to v19 (2019-02-22) so worth upgrading if older.

The original pkzip algo is worse than useless, of course :)

More information about the cryptography mailing list