whats better than winrar?(not much it seems)

Now that Winzip 9.0 uses 128- and 256-bit AES encryption, I see no reason to
use any crypto
software such as PGP, Kremlin, Puffer.  Winzip's old algo was weak, and coul
d
be broken
by several apps provided on the net.
How does the present algo used by Winzip compare though?
However, Winrar 3.11 claims: "RAR archives are encrypted by the much stronge
r
AES-128 standard." [same as in Winzip 9.0]
It does make smaller files than winzip, and does not reveal files until
password is entered unline Winzip.
Is there anything better than Winrar's compression that has password
protection, creates self-extract exe?

On 14 Nov 2004 21:20:43 GMT, developwebsites@aol.comBATSPAM (Developwebsites
) wrote:

}Now that Winzip 9.0 uses 128- and 256-bit AES encryption, I see no reason t
o
}use any crypto
}software such as PGP, Kremlin, Puffer.  Winzip's old algo was weak, and cou
ld
}be broken
}by several apps provided on the net.
}How does the present algo used by Winzip compare though?
}However, Winrar 3.11 claims: "RAR archives are encrypted by the much strong
er
}AES-128 standard." [same as in Winzip 9.0]
}It does make smaller files than winzip, and does not reveal files until
}password is entered unline Winzip.
}Is there anything better than Winrar's compression that has password
}protection, creates self-extract exe?

Winace.com

it utilizes a 160bit Blowfish encryption, which is almost as powerful as 168
bit Tripel-DES
encryption, which, as far as we know, has not been hacked yet.

this is taken off their "FAQ"

It's good idea to a have WinRAR & WinACE together on your sys.

CAB is oldy but still compresses just as better as the best of them today bu
t it is slower
and you'll have to find an app that can utilize encryption with it. It's out
 there just
use google and make sure it uses encryption / CAB because some apps do not. 
Like I have
Powerarchiver and it has the password greyed out when I want to use it on a 
CAB formation

Hi,

Checkout WinRK. It provides some of the best compression ratios
available, SFX archives, and a choice of encryption algorithms.

See http://www.msoftware.co.nz.

Malcolm


Developwebsites wrote:
> Now that Winzip 9.0 uses 128- and 256-bit AES encryption, I see no reason 
to
> use any crypto
> software such as PGP, Kremlin, Puffer.  Winzip's old algo was weak, and co
uld
> be broken
> by several apps provided on the net.
> How does the present algo used by Winzip compare though?
> However, Winrar 3.11 claims: "RAR archives are encrypted by the much stron
ger
> AES-128 standard." [same as in Winzip 9.0]
> It does make smaller files than winzip, and does not reveal files until
> password is entered unline Winzip.
> Is there anything better than Winrar's compression that has password
> protection, creates self-extract exe?
>

On Mon, 15 Nov 2004 15:19:30 +1300, Malcolm Taylor <me@me.com> wrote:

~~Hi,
~~
~~Checkout WinRK. It provides some of the best compression ratios
~~available, SFX archives, and a choice of encryption algorithms.

JC, It would be nice to dl the thing instead of having to provide my whole l
ife story in
to start a download. I'll pass, thank U.

~~
~~See http://www.msoftware.co.nz.
~~
~~Malcolm
~~
~~
~~Developwebsites wrote:
~~> Now that Winzip 9.0 uses 128- and 256-bit AES encryption, I see no reaso
n to
~~> use any crypto
~~> software such as PGP, Kremlin, Puffer.  Winzip's old algo was weak, and 
could
~~> be broken
~~> by several apps provided on the net.
~~> How does the present algo used by Winzip compare though?
~~> However, Winrar 3.11 claims: "RAR archives are encrypted by the much str
onger
~~> AES-128 standard." [same as in Winzip 9.0]
~~> It does make smaller files than winzip, and does not reveal files until
~~> password is entered unline Winzip.
~~> Is there anything better than Winrar's compression that has password
~~> protection, creates self-extract exe?
~~>

In my view, if you are really looking for very good cryptography with good
compression options, then PKZip (SecureZip) is a better option than WinZip
9.0. Just because WinZip uses AES, it doesn't mean that everything is hunky
dory. Merely using a certain crypto algorithm doesn't guarantee tight
security at all. What is important is how the crypto algorithm is applied.
PKZip worked closely with security professionals on their encryption (RSA
security) whereas WinZip created more of a homegrown solution. The result is
that the latest Win/Zip, even with AES encryption, has been exposed as
cryptographically weak (see
http://www-cse.ucsd.edu/users/tkohno/papers/WinZip/).

In addition, PKZIP can encrypt the central directory, thereby hiding the
contents of the Zip file which makes it even more secure (local dir entries
are set to 0 in this case).

Also don't forget that SecureZip is the only zipper that uses digital
certificates (as far as I am aware) which provides a greater level of
security than password-based encryption.

PKZip has more compression methods, which can compete with the compression
ratios of WinRar, ie by using bzip2. WinRar like to compare their best
compression method with PKZip's worst (deflate), which is intellectually
dishonest in my view.

The big problem with the non-Zip formats is that they are not ubiquitous
like the zip format, which means that the receiver has to have the same
program to read your archives which is unlikely in many cases. The
alternative of providing SFX files is not practical in many cases as
corporate firewalls often prevent these files from passing through.

Of course,if you only need to create zip files for yourself, then most of
the above won't apply.

regards
Mike


"Developwebsites" <developwebsites@aol.comBATSPAM> wrote in message
news:20041114162043.09736.00000243@mb-m20.aol.com...
> Now that Winzip 9.0 uses 128- and 256-bit AES encryption, I see no reason
to
> use any crypto
> software such as PGP, Kremlin, Puffer.  Winzip's old algo was weak, and
could
> be broken
> by several apps provided on the net.
> How does the present algo used by Winzip compare though?
> However, Winrar 3.11 claims: "RAR archives are encrypted by the much
stronger
> AES-128 standard." [same as in Winzip 9.0]
> It does make smaller files than winzip, and does not reveal files until
> password is entered unline Winzip.
> Is there anything better than Winrar's compression that has password
> protection, creates self-extract exe?
>

"Michael Brindley" <mbrindley@wol.co.za> wrote in message news:<cna1hg$53$1@ctb-nnrp2.saix.
net>...
> The big problem with the non-Zip formats is that they are not ubiquitous
> like the zip format, which means that the receiver has to have the same
> program to read your archives which is unlikely in many cases.

Whoa, please slow down your spin cycle.  The only ubiquitous zip
format is the older, deflate-based, non-AES, non-RSA-consulted format
circa 1990.  If you give me one of your newer-format .zip files, I
guarantee I'll need to download a new program to read your archive
even though I already have several programs that read .zip.

Besides, the point is moot in the context of the OP:  He wants to make
a self-extracting archive, so the universal compatibility option is
irrelevant as 1. he's extracting only, and 2. the archiver will be
tacked onto the archive.

> Besides, the point is moot in the context of the OP:  He wants to make
> a self-extracting archive, so the universal compatibility option is
> irrelevant as 1. he's extracting only, and 2. the archiver will be
> tacked onto the archive.

Perhaps we understand the original question differently.

The first part reads:

>Now that Winzip 9.0 uses 128- and 256-bit AES encryption, I see no reason t
o
>use any crypto software such as PGP, Kremlin, Puffer.  Winzip's old algo was weak, 
and >could be broken by several apps provided on the net. 

As I understand it, the poster has been concerned about the vulnerability of
 traditionally encrypted zip files and has either used additional encryption
 software or used WinRar which has so-called strong encryption. WinRar have 
never made their specification public, so it is not known how strong their e
ncryption techniques actually are. If the poster believes that WinZip 9.0 pr
oduces strongly encrypted SFX files, then he is mistaken as this version of 
WinZip is still only able to produce SFX's that are encrypted with the tradi
tional encryption algorithm and not the newer AES methods. Therefore the poi
nt is not moot, as you put it.

>The only ubiquitous zip format is the older, deflate-based, non-AES, non-RSA-consul
ted >format circa 1990.  If you give me one of your newer-format .zip files, I guara
ntee I'll need to >download a new program to read your archive even though I already
 have several programs >that read .zip.

Yes, this is probably the case at the moment, but this is set to change as b
oth WinZip and PKZIP have been offering strong encryption for some time now.
 And considering that these two probably account for the majority of Zip use
rs, and they now both support each other's AES extraction methods, this shou
ld encourage much greater use of strongly encrypted archives. Also, PKZIP of
fers a free zip reader that handles all encryption methods offered by both W
inZip and PKZip including digital certificates.

> Whoa, please slow down your spin cycle.
Spin cycle? You must be American mate!

regards
Mike

"Mike B" <mbrindley@wol.co.za> wrote in message news:<cnb543$nu9$1@ctb-nnrp2.saix.net>...[c
olor=darkred]
> Perhaps we understand the original question differently.
>
> The first part reads:[/color]

Yes, but the second part mentions self-extracting.
 
> Spin cycle? You must be American mate!

Is it that obvious?  :-)

Me personally, I would use an open, universal format coupled with
universal, open tools.  For best results, I would use either plain
.zip or .tar.gz coupled with PGP.  Just my $0.02.