What is the impact of the reported weak IV in 7 Zip?



























It has been reported that 7 Zip generates IVs in a weak manner.



What is the actual impact of this? I'm asking about historical Zip files that I've sent. I've no plans to use 7 Zip going forward until this is fixed.



If I understand correctly, 7 Zip uses AES-CBC and this would not have a major impact. Even if a user repeatedly used the same password, the small amount of randomness in the IV would be enough to prevent cryptographic attacks.




























  • 2





    Can we get a definition of "IV" so people can look it up and research?

    – JPhi1618
    2 hours ago






  • 1





    @JPhi1618: when discussing ciphers, IV stands for Initialization Vector.

    – Jacob Krall
    2 hours ago






  • 2





    IV stands for Initialization Vector

    – Captain Hypertext
    1 hour ago
















aes cbc 7zip






asked 8 hours ago









paj28

1 Answer
































In CBC mode, the IV has to meet two properties:

  • uniqueness: here the IV is very likely unique because of time(NULL) and gettimeofday(), which are basically the current time of your system. It's even more likely on the Windows platform since the CPU cycle is involved;

  • unpredictability: this property is mandatory if the user can choose the message to encrypt, which is not the case here.

The IV generation is definitely not good (mostly for the size of the IV), but the reaction of OP is exaggerated, the impact isn't that big. It's actually pretty small.

The bigger impact would be that an attacker would be able to recognize two ciphertexts encrypting the same plaintext only if they've been encrypted within the same microsecond, using the same key. Even in these conditions, on a Windows platform, the CPU cycles are very unlikely to be the same, so the IV will be different.

To answer your concerns: no, this vulnerability doesn't have a big impact in this particular case.



























  • 1





    "with a probability of 1-2⁻⁶⁴ with time(null)" That would be the case only if the calls to time(null) were uniformly randomly spread over a time period of 2⁶⁴ seconds.

    – A. Hersean
    5 hours ago











  • You are right, it's even less probable, since time(NULL) is basically the current time of the system. I have edited my answer.

    – Faulst
    5 hours ago








  • 1





    time(NULL) provides a value to the second, not microsecond.

    – Random832
    4 hours ago






  • 1





    Yes but gettimeofday does, which is also used. I've edited the answer accordingly.

    – Faulst
    3 hours ago











edited 3 hours ago

























answered 6 hours ago









Faulst
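The uniqueness property discussed in the answer above, as an added example that is not part of the original post and is not 7-Zip code: CBC under one key leaks which leading blocks two plaintexts share when the IV repeats, and leaks nothing of the kind once the IV differs. Assumptions: `encrypt_block` is a stand-in block cipher rather than AES, and `clock_iv` is a hypothetical clock-derived IV layout with constructed values.

```python
import hashlib
import hmac
import struct

BLOCK = 16  # block size in bytes, same as AES

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Stand-in 128-bit block cipher (4-round Feistel over HMAC-SHA256). NOT AES."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> list:
    """CBC with PKCS#7 padding; returns the list of ciphertext blocks."""
    pad = BLOCK - len(plaintext) % BLOCK
    data = plaintext + bytes([pad]) * pad
    prev, blocks = iv, []
    for off in range(0, len(data), BLOCK):
        prev = encrypt_block(key, xor(data[off:off + BLOCK], prev))
        blocks.append(prev)
    return blocks

def clock_iv(seconds: int, microseconds: int) -> bytes:
    """Hypothetical clock-derived IV (constructed layout, not 7-Zip's)."""
    return struct.pack("<QQ", seconds, microseconds)

def shared_prefix_blocks(c1: list, c2: list) -> int:
    """What an observer of two ciphertexts can count: equal leading blocks."""
    n = 0
    for a, b in zip(c1, c2):
        if a != b:
            break
        n += 1
    return n

def demo() -> dict:
    key = hashlib.sha256(b"same password reused").digest()  # constructed key
    iv = clock_iv(1548000000, 123456)                        # constructed clock reading
    later = clock_iv(1548000000, 123457)                     # one microsecond later
    doc_a = b"A" * 32 + b"first archive tail"                # constructed plaintexts
    doc_b = b"A" * 32 + b"other archive tail"
    base = cbc_encrypt(key, iv, doc_a)
    return {
        "same_iv_same_plaintext": shared_prefix_blocks(base, cbc_encrypt(key, iv, doc_a)),
        "same_iv_shared_prefix": shared_prefix_blocks(base, cbc_encrypt(key, iv, doc_b)),
        "next_microsecond": shared_prefix_blocks(base, cbc_encrypt(key, later, doc_a)),
    }

if __name__ == "__main__":
    print(demo())
```

Because a block cipher is a permutation, any change in the IV is guaranteed to change the first ciphertext block, which is why a one-microsecond difference already removes the equality leak.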
