Hi,

today I have a question concerning cracking password protected archives.
If I want to crack a protected zip file by dictionary attack most programs work at a speed of 200,000 - 300,000 passwords a second.
Usually I had the same speed when I was cracking rar archives.
But now the best I can get is 2 passwords a second!!!
First I thought the problem might have been the cracking software but it doesn't seem to be the case.
I have downloaded a different one and still the same speed.
Does anybody what the reason for that might be?
Does WinRar use some kind of protection against brute force attacks?
I don't think so but now I am not quite sure.
Hopefully someone can help me.

tbs

Hey, maybe the rar file is big?

No it is a really small one (4kb) and I use Windows XP.
I have also tried it on my other XP PC and this one can crack it at a speed of 12 passwords a second.
That is really sad.

I know that Rar since version 2.96 or something use much better algorithm. I get brute force speed about 10-12 per sec. on them.
If you try ARPR (advanced rar password recovery) tool you'll see that they say that brute-forcing new rars is useless.

I think so too. My speed is 26 p/s for brute force and 23 p/s for dictionary attack

That are really bad news.

Yes, since winrar 3, the encryption scheme was changed to make the archives more secure and brute forcing alot harder.

How do they actually do it? Do they use a very difficult to compute encryption (something that takes a lot of time to see whether it's right or wrong, like 100 md5 one over the other) or what?

--------------------------
WinRar 3.0
Encryption algorithm is changed to AES (Advanced Encryption Standard) with 128 bit key length.
--------------------------
But I have no idea why this makes brute forcing taking so much longer.
I guess there might be some kind of loop or "ticket" that has to be calculated to make the whole thing take a little longer.