Positive Technologies cybersecurity researcher Arseniy Sharoglazov shared an experiment in which he created a password-protected ZIP file called “x.zip”.
For the ZIP file, Sharoglazov set a password that repeats the words of the famous song: “Nev1r-G0nna-G2ve-Y8u-Up-N5v1r-G1nna-Let-Y4u-D1wn-N8v4r-G5nna-D0sert-You”.
The expert demonstrated that when unpacking “x.zip” with a different password, he did not receive an error message. In fact, using a different password “pkH8a0AqNbHcdw8GrmSp” resulted in the successful extraction of the ZIP file with the original contents intact.
One of the Twitter users under the name “Unblvr” wrote why this is happening. According to him, when creating password-protected ZIP archives with AES-256 mode enabled, the ZIP format uses the PBKDF2 algorithm and hashes the password if it is too long (longer than 64 characters).
Instead of the entered password, the computed hash becomes the actual password for the file. When the user enters a password longer than 64 bytes while unpacking the archive, the entered data is again hashed by the ZIP application and compared with the correct password (which is now a hash itself). A match will result in successful extraction of the file.
The password “pkH8a0AqNbHcdw8GrmSp” is actually an ASCII representation of the SHA-1 hash of the original password “Nev1r-G0nna-G2ve…”. SHA-1 checksum “Nev1r-G0nna-G2ve-…” = 706b4838613041714e62486364773847726d5370. This checksum, when converted to ASCII, gives: “pkH8a0AqNbHcdw8GrmSp”.
But this fact is not a security vulnerability and will not allow a password-protected archive to be cracked, “because it is necessary to know the original password in order to generate a password hash.”