If I have an original file and a WinRAR password protected .rar file containing that file, can I extract the password?
Asked
Active
Viewed 2,022 times
1 Answers
6
No, in general you cannot.
WinRAR uses AES (128 or 256 depending on version) for encryption, which does not allow key recovery even with know plaintext and ciphertext.
It also uses key stretching to derive the encryption key from a password. The algorithm used in newer versions is PBKDF2 with a version dependent iteration count. So a key-guessing attack is only possible for low entropy passwords. There is a verifier in the file format that allows checking password guesses, so knowing a plaintext and/or ciphertext does not give any advantage there either.
otus
- 32,462
- 5
- 75
- 167