Is 7z encryption safe?
7-zip (or any other similar utilities) encryption is designed to protect archived files. So, as long as the tool designers did their job well, you are safe for the second case (somebody getting his hand on the encrypted file and trying to crack it).
Strength of 7Zip AES Encryption
7Zip uses AES 256-bit encryption, the strongest version of AES. This means that a file encrypted is considered unbreakable without the encryption key, and guessing the key through brute force attacks will be equally impossible unless a particular scheme is discovered to crack AES keys.
"7z Cracker is an opensource cracking tool which can extract any password protected 7zip file". I also found this answer in this forum that talks about John The Ripper: "John The Ripper can crack these AES-256 encrypted archives."
The 7z format
Open architecture. High compression ratio. Strong AES-256 encryption. Ability to use any compression, conversion, or encryption method.
7-Zip is an open source software used to compress or zip files secured with encryption. When you send or transfer files that contain Personal Identifiable Information (PII) or other confidential and sensitive data, the files must be encrypted to ensure they are protected from unauthorized disclosure.
Filed under CVE-2022-29072, the vulnerability is using the included 7-Zip Help file, 7-zip. chm, for the exploit. Attackers need to drag and drop files with the 7z extension on to the Help > Contents area in the 7-Zip interface.
7-Zip is located in Novosibirsk, Novosibirsk, Russian Federation .
7z archive. From my own calculations (using a password cracker) a 1-12char passworded . ZIP file can be brute forced in only 5-6 days on today's PCs. And if you use WinZip 8.0 or previous (they fixed it in 8.1) your password can be cracked in under 7mins.
Zip files can be password-protected, but the standard Zip encryption scheme is extremely weak. If your operating system has a built-in way to encrypt zip files, you probably shouldn't use it. To gain the actual benefits of encryption, you should use AES-256 encryption.
The answer is simple: it's because you can do so much more with WinZip and you can do it faster, better and with ongoing support for even more productivity and convenience features. WinZip vs 7-Zip is no match: WinZip is a more versatile, powerful, and simpler alternative to 7-Zip.
Should I use 7-Zip?
While 7-Zip provides support for ZIP files, you get better results using the software's own 7z format, which uses advanced LZMA and LZMA2 compression algorithms for superior file-squashing. The brains behind 7-Zip suggest that 7z is typically between 30% and 70% more efficient than the old ZIP format.
Final verdict. 7-Zip is a strong free option for a file compression utility, with wide support for various file formats, and it's generally easy-to-use – although diving deep into the menus might be intimidating for the less tech-savvy.
Zip files can be password-protected, but the standard Zip encryption scheme is extremely weak. If your operating system has a built-in way to encrypt zip files, you probably shouldn't use it. To gain the actual benefits of encryption, you should use AES-256 encryption.
Veracrypt was cracked with an updated version of the Elcomsoft Forensic Disk Decryptor. The utility helps “experts to extract on-the-fly encryption keys from the computer's RAM to instantly mount or decrypt VeraCrypt-protected disks without running password attacks and bypassing the associated complexity altogether.”
7za.exe is an executable file of 7-zip used mainly for the purpose of zipping multiple files in a bulk. Usually located in C:\Program Files, it becomes malicious when spammers tamper and mimic the original file type. It is one of the most powerful viruses that can spread in the computer and corrupt all the files.
