SDA encryption for an exe zip file

[Wang191]

I have PGP desktop on my computer and it gives me the option to make zip archives that are encrpyted. They also have the option to have self extracting archives.

When using conventional encryption (because i dont want to use a shared key encryption method) it does not state what the encryption type is.

How secure is this encryption? it's not just a zip password right?

 

[phr0ze]

I may be ignorant on the way PGP is working these days but...

You don't want a public key system on a self executable. These are contradictory. The reason you want a self-executable is because you assume the person extracting the files does not have the required software. If they don't have PGP, then they don't have a compatable public/private key pair. That only leaves a shared key as the option.

This fact leads me to believe 'conventional encryption' is the standard zip file encryption.

 

[Wang191]

Let's assume for a second that this analysis is correct.
Is the standard zip encryption secure?

 

[bashPenguin]

Standard zip files employ a weak symmetric-key encryption algorithm, which has various attacks against it.

However, PGP does things differently. It zips the files, and then applies encryption to it that is not the same as the ZIP encryption. I believe they use AES or some other symmetric key algorithm (though it probably defaults to AES, better than DES, TripleDES). This creates a .zip.pgp file. When you open the file if it's self extracting, you have to enter the password it was encrypted with. AES is very strong at the 128-bit and 256-bit levels, the government allows 128-bit to be used for classfied level data, so if you're paranoid, you shouldn't be. Currently there are no known direct attacks against AES.

 

[Wang191]

Thanks for the info.

While making the pgp zip it does not state what encryption it's using. All other screens in pgp let you choose the encrpytion algorithm to use. That is the reason I feel unsure about this method. If i knew it was AES 128 or 256 I would be happy but it blocks out all options to choose the encryption when you choose sda self decrypting archive.