ZipXPS Benchmarks: Performance of the Zip Password Recovery Process

ZipXPS is a high-performance Zip archive unlocker – recovering your lost Zip passwords with tremendous speed. It does so by taking advantage of the latest progress in CPU technology and software development as well as by exploiting well-known design flaws in the underlying Zip encryption algorithms. On this page we depict some performance benchmarks illustrating the excellent speed characteristics of ZipXPS for the Zip password recovery process.

The performance benchmarks displayed on this page were generated with ZipXPS 1.0.0 x64 on a Lenovo ThinkPad X1 Carbon (2018) with an Intel i7-8550U 64-bit Quad-Core processor running Windows 10 x64. Please note that these values are just for demonstration purposes. They might be different for your particular system.

Exhaustive Search

ZipXPS implements multiple exhaustive search methods for recovering a lost Zip password. In exhaustive search, a given list of words is searched for a matching Zip password. ZipXPS supports word lists that are either dictionaries or are built from charset masks. While in the former case the checked words are supplied from disk files, in the latter case they are generated programmatically.

The following table shows the (average) throughput, i.e., the number of checked words per second, for the system given above. Values are provided both for PKZIP- and WinZip[1]-encrypted files. In each case, the encrypted files are Deflate‘d and have a compressed size of ca. 2kB.

MethodPKZIPWinZip
Dictionary3 × 1051 × 103
Mask2 × 1072 × 103
Throughputs (in words/sec.).

Known-Plaintext Method

ZipXPS implements a well-known, scientifically published known-plaintext method to recover the lost password of a PKZIP-encrypted file from a given Zip archive. This method – as the name known-plaintext implies – requires you to supply some bytes from the original, unencrypted file. With this data ZipXPS will then try to regain the so called cipher state which initiates the PKZIP en-/decryption process. The cipher state is – for all practical purposes – equivalent to the actual Zip password since each Zip password is first converted to its corresponding cipher state prior to any PKZIP en-/decryption process. If a valid cipher state was found, a matching Zip password can be determined by ZipXPS as well. Please see the description of this advanced and sophisticated Zip password recovery method for details.

Finding a valid Cipher State

The table below displays the maximum duration until a valid cipher state of a PKZIP-encrypted file is found. Since the actual cipher state will have been found before the check of all potential cipher states is completed, the shown values only represent upper limits. Note that the cipher state of a PKZIP-encrypted file at an arbitrary text position is all you really need to decrypt that file.

# Plaintext BytesMaximum Duration
1313h
5040min
2008min
150k20s
Maximum duration until the cipher state of a PKZIP-encrypted file is found.

Finding a matching Zip Password

After a valid cipher state of a given PKZIP-encrypted file is found, ZipXPS can be used to determine the actual Zip password of that file. For instance, if the found cipher state is

0xddb7d1e5,0x4901db9a,0xacb0efc0

a matching Zip password is

P@ssw0rd123

which can be “proofed” easily via ZipXPS’ Password → PKZIP cipher state function.

In order to find a matching Zip password to your cipher state, you need to specify the range of Zip passwords (in terms of word length and character set) where ZipXPS should look for your Zip password.

The following table displays the maximum duration to find a Zip password of a given maximum length if that Zip password only consists of printable ASCII characters.

Maximum Length of Zip Password (in Bytes)Maximum Duration
100
115s
129min
1312h
Maximum duration until a matching Zip password is found to a given cipher state.

Note from this table that a matching Zip password to a given cipher state will be found very quickly even if the Zip password in question has a considerable length. For instance, when being given the example cipher state from above (0xddb7d1e5,0x4901db9a,0xacb0efc0), ZipXPS will calculate the corresponding eleven character long Zip password (P@ssw0rd123) to this cipher state almost instantaneously on the employed system.


[1] While in our terminology, PKZIP means the traditional (and now outdated) encryption method originally introduced by PKWARE and still used in Zip archives, WinZip denotes the modern, AES-based alternative developed by Brian Gladman and made popular by the commercial Zip application WinZip (hence the name).