BETA: PowerArchiver 2023 - 22.10.02

spwolf

for maximum security use pae, for convenience use zip or 7zip aes.

AES is unbroken standard… it was selected among various different codecs as the best.

Socrates

So PAE’s AES is stronger than ZIPX’s and 7ZIP’s?

I infer, then, I just completely misunderstood the difference: PAE is more than just an encryption wrapper and ZIPX and 7ZIP do not encrypt through and through (the interior of the archive).

One last question. Will PAE be changing in 2013?

FYI. I did find this:
http://www.theregister.co.uk/2011/08/19/aes_crypto_attack/

spwolf

It’s impressive work but there’s no better cipher to use than AES for now.

:-)

If you use proper password (different characers, +10), it is impossible to break AES.

Encryption is always an wrapper, so in that sense, it is the same… for PAE there is no tools that brute force it, and we have made it on purpose very slow to check the password.

For AES encryption, only possible way to crack it is to brute force the password - which means trying every possible combination. So making it slower to check if password is correct, means less combinations can be tried at the same time.

Most important part is the password, something like greece3 is bad, while 9E:,a?_ is much better.

It does depend on what are you trying to encrypt… if it is nothing that some spy agency will want, then it might be better to use some “normal” password or else you might forget it and then damage is ever bigger.

For instance, we have received countless emails from students that encrypted their papers and forgot the password… sorry guys!

Socrates

THANKS.

Remembering complex PW is tough. Years ago I tried RoboForm to help remember hundreds of of complex passwords. But I didn’t care for it. So I tried CP-labs Password Manager XP, and have used it since. (I do not work for them or get a kick back from them.)

You can secure the database with multiple cyphers . . . including more than one at the same time. But some things I have been reading claim that multiple encryption formats at the same time might actually make it easier to break the encryption.

BTW, I did notice PAE was quite slow relative to other forms. Would speeding it up a bit still make it more secure without the loss of time?

spwolf

@Socrates:

THANKS.

Remembering complex PW is tough. Years ago I tried RoboForm to help remember hundreds of of complex passwords. But I didn’t care for it. So I tried CP-labs Password Manager XP, and have used it since. (I do not work for them or get a kick back from them.)

You can secure the database with multiple cyphers . . . including more than one at the same time. But some things I have been reading claim that multiple encryption formats at the same time might actually make it easier to break the encryption.

BTW, I did notice PAE was quite slow relative to other forms. Would speeding it up a bit still make it more secure without the loss of time?

new version will be faster, while keeping all the advantages.

Keep in mind that AES itself is a standard, so it is same in every program (or it should be), it is everything else thats different and that may make the difference in speed or cracking or speed of cracking i guess :-).

I think for vast majority of population who simply dont want their docs easily available, some relatively simple yet unassuming password is fine… just dont use dates and names, because thats how dictionary attacks are done and are used for faster crack of the password.

Socrates

I had read (and, of course, we should be skeptical of what we read) indicates that the National Security Agency reviewed a number of AES 256 cyphers, and chose the Rijndeal cypher as the best – and therefore, set it as THEIR standard.

So at least when the process began early this decade, it seems that no all AES 256 cyphers were the same.

I gather from your comment, that the losing candidates just disappeared. Right? A bit surprising, I must confess. But certainly possible.

If not – if there are still some cypher want-to-be’s – , does PA use the Rijndeal 256 cypher in all functions, PAE, and, when selected, for ZIP and 7 ZIP?

spwolf

@Socrates:

I had read (and, of course, we should be skeptical of what we read) indicates that the National Security Agency reviewed a number of AES 256 cyphers, and chose the Rijndeal cypher as the best – and therefore, set it as THEIR standard.

So at least when the process began early this decade, it seems that no all AES 256 cyphers were the same.

I gather from your comment, that the losing candidates just disappeared. Right? A bit surprising, I must confess. But certainly possible.

If not – if there are still some cypher want-to-be’s – , does PA use the Rijndeal 256 cypher in all functions, PAE, and, when selected, for ZIP and 7 ZIP?

there were several ciphers submitted to become AES standard… Rijndael won, so Rijndael is AES… no other candidates were called AES at any point in time. So whenever you see AES, it is Rijndael cipher.

Socrates

I just wanted to be sure.

I was thrown off a bit by the fact that some of your encryption drop down options include “Rijndeal” and some didn’t. So I wondered if you were using two different cyphers. Just wanted to make certain.

Sorry to be a pest about this.

spwolf

@Socrates:

I just wanted to be sure.

I was thrown off a bit by the fact that some of your encryption drop down options include “Rijndeal” and some didn’t. So I wondered if you were using two different cyphers. Just wanted to make certain.

Sorry to be a pest about this.

they were added at the time when Rijndael was proposed candidate, so everyone was asking about which one it is… however after all this time, now most people dont know what Rijndael is and they just recognize AES… back then, i think maybe 8-9 years ago, it was important to clarify that it is Rijndael.

Socrates

Given that, you might want to just use “Rijndeal” in all instances . . . or none at all. The fact that PA has it listed differently could be confusing.