DOCSLIB.ORG

Improved Forensic Recovery of PKZIP Stream Cipher Passwords

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Improved Forensic Recovery of PKZIP Stream Cipher Passwords Sein Coray, Iwen Coisel and Ignacio Sanchez European Commission, Joint Research Centre (DG JRC) - Via Enrico Fermi 2749, 21027 Ispra (VA), Italy Keywords: Stream Cipher, High Performance Computing, Forensics, Passwords, Cybersecurity, Cryptanalysis. Abstract: Data archives are often compressed following the PKZIP format and can optionally be encrypted with either the PKZIP stream cipher or the AES block cipher. In this article, we present new implementations of two attacks against the PKZIP stream cipher. To our knowledge, this is the first time those attacks have been demonstrated on Graphical Processing Unit (GPU). Our first implementation is retrieving archive passwords using the internal state of the PKZIP stream cipher obtained through the known-plaintext attack of Biham and Kocher. Passwords up to length 14 can be recovered within a month considering a single Nvidia 1080 Ti GPU. If one hundred of those cards are available, passwords up to length 15 would be recovered in less than 27 days. The second implementation is a more direct attack designed to retrieve an archive’s password without requiring any additional knowledge than the ciphertext. Experimental results show that our two implementations are at least ten times faster than the state of the art. This is an undeniable asset for investigators who may be particularly interested in further deepening their forensic analysis on an encrypted archive. 1 INTRODUCTION internal state of the cipher using the knowledge of at least 12 bytes of the plaintext. The PKZIP standard Digital forensic investigations often come across the supports nowadays AES encryption, yet, an analy- need to access content protected by a password based sis of the main ZIP encryption software available in authentication mechanism. Forensic investigators the market reveals that in up to 50% of the cases, the have a variety of techniques at their disposal to ac- PKZIP stream cipher remains the default encryption cess such content, usually by retrieving the associated method for ZIP archives. There is no statistics avail- password. The most common password guessing ap- able about the usage of one encryption method or the proaches are an exhaustive search trying all possible other, however, we assume that in those tools where it combinations of characters from a specific alphabet is set as a default method, the original PKZIP stream (e.g. all numbers, letter and special characters) or a cipher encryption is still heavily used. more targeted search exploring most common pass- In this paper, we present a new implementation words with or without classical modification (e.g. dic- of the known-plaintext attack of Biham and Kocher tionary attack with mangling rules). The available (Biham and Kocher, 1994) that takes advantage of computational power as well as the speed of the algo- Graphical Processing Units (GPUs) hardware allow- rithm used to test password candidates heavily limit ing the retrieval of even long passwords (up to 15 the success rate of those attacks. Therefore only short characters depending on the available hardware re- passwords or predictable ones are generally recovered sources) of ZIP archives encrypted using the PKZIP in practice. If the algorithm used by the target of the stream cipher. Furthermore, we also present a novel forensic analysis has a known weakness or vulnera- GPU implementation that can recover the PKZIP bility, it can be sometimes exploited to recover the stream cipher password when no plaintext is known. target’s password in a more efficient way than an ex- It is the first time that such attacks against the haustive search over all possible candidates. PKZIP steam cipher are implemented for GPU hard- The PKZIP standard falls into such category of ware. The obtained benchmark results invalidate vulnerable algorithms as Biham and Kocher (Biham the existing hypothesis1 that GPU implementations and Kocher, 1994) have exhibit a known-plaintext at- tack against the PKZIP stream cipher used to encrypt 1As discussed in https://hashcat.net/forum/ the compressed archive. Such attack can retrieve the thread-5709.html and https://github.com/magnumripper/ JohnTheRipper/issues/718 328 Coray, S., Coisel, I. and Sanchez, I. Improved Forensic Recovery of PKZIP Stream Cipher Passwords. DOI: 10.5220/0007360503280335 In Proceedings of the 5th International Conference on Information Systems Security and Privacy (ICISSP 2019), pages 328-335 ISBN: 978-989-758-359-9 Copyright c 2019 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved Improved Forensic Recovery of PKZIP Stream Cipher Passwords would not make a meaningful performance difference prepended bytes). ⊕ is the exclusive or, j the inclu- compared to existing CPU implementations due to the sive or, >> is a right shift and LSB and MSB de- nature of the encryption algorithm. Our experimental notes respectively the least and the most significant results show that our two implementations are at least byte of a value. The CRC32 used in this algorithm ten times faster than the current implementations. is the classical cyclic redundancy check code used in The rest of the paper is structured as follows. In this specific case with the reversed polynomial repre- Section 2, we describe the PKZIP stream cipher and sentations 0xEDB88320. review the existing attacks and respective implemen- Algorithm 1: Encryption(P, pwd). tations. Our GPU based implementation to retrieve the PKZIP stream cipher password from a known in- initialize internal state(pwd); for p 2 P do ternal state is described in Section 3. In Section 4, we i c = p ⊕ k ; describe our more generic attack to retrieve the en- i i i key(i+1) = CRC (key(i); p ) cryption password without any plaintext knowledge. 0 32 0 i ; (i+1) (i) (i+1) Finally, we present our conclusions in Section 5. key1 = (key1 + LSB(key0 )) ∗0x08088405 + 1; (i+1) (i) (i+1) key2 = CRC32(key2 ;MSB(key1 )); temp = key(i+1)j3; 2 BACKGROUND 2 k(i+1) = LSB(temp ∗ (temp ⊕ 1) >> 8); PKZIP is a data compression program designed in The initialization phase corresponds to the deriva- 1989 by Phil Katz and his company PKWARE mostly tion of the password into the initial state. The three famous for the introduction of the .zip format. In keys key0, key1, and key2 are respectively set to 1993, PKZIP v2.X was released with the introduction 0x12345678, 0x23456789 and 0x34567890. The in- of the DEFLATE algorithm, an efficient lossless data ternal state is then updated with each byte of the pass- compression algorithm. Whereas the main objective word as it is done with each plaintext byte except of the software is to archive file(s) in a compressed that the keystream byte is not computed. We denote manner, the archive can optionally be encrypted to (1) (1) (1) (key ;key ;key ) the obtained initial internal state secure the data at rest. As mentioned earlier, several 0 1 2 considered to be the secret key of the stream cipher. encryption algorithms are available, yet in this paper we will only focus on the PKZIP stream cipher that is described in what follows. 2.2 Related Attacks Biham and Kocher (Biham and Kocher, 1994) have 2.1 PKZIP Encryption Format designed a known plaintext attack aiming at retrieving the secret key of the stream cipher. Once in posses- The PKZIP stream cipher is a symmetric encryption sion of the internal state, the encrypted archive can be scheme, where the secret key is required for both en- fully decrypted, as well as any other archive encrypted cryption and decryption. This key is used to produce with the same password. It requires the knowledge of a keystream of bytes for the one-time pad algorithm. some consecutive bytes, at least twelve, of the plain- The stream cipher has a 96-bit internal state split text that is encrypted in the archive. into three 32-bit values denoted key0, key1 and key2. This strong requirement is not that inconceivable This internal state is updated every round using a in practice. The filenames contained in the archive are plaintext byte to produce a single byte of keystream. always accessible even when the archive is encrypted. Twelve bytes, denoted p1;:::; p12, are prepended to If headers of known file types can be extracted or if the plaintext in a matter of randomization of the pro- known files (e.g. system files) are included into the duced keystream. The last (or two lasts for some ver- archive, this knowledge can be used to perform the sions of PKZIP) of those bytes, called the checksum attack. Michael Stay later on softened this knowledge byte(s), are dependent of the plaintext and are used as requirement in his article (Stay, 2001) at a price of control bytes to detect wrong decryption (e.g. decryp- a higher complexity of the attack and/or a minimum tion process carried out with an incorrect password). number of files. Jeong et al (Jeong et al., 2011) have The algorithm producing the keystream byte is de- also exploited the presence of several files to reduce scribed in Algorithm 1. The notations used in this the complexity of the attack of Biham and Kocher. algorithm are the following. pi and ci denote re- In all cases, the retrieved internal state does not al- spectively a byte of plaintext and a byte of cipher- low the direct recovery of the password that was used text. P is the complete plaintext (including the twelve to encrypt the archive. An additional process needs to 329 ICISSP 2019 - 5th International Conference on Information Systems Security and Privacy be undertaken to retrieve this password with a com- edge of the plaintext and exploiting the linearity of plexity of 28(l−6) where l is the length of the pass- most of the functions used in the key update.
Recommended publications
  • Red Hat Enterprise Linux 8 Installing, Managing, and Removing User-Space Components

    Red Hat Enterprise Linux 8 Installing, Managing, and Removing User-Space Components

    Red Hat Enterprise Linux 8 Installing, managing, and removing user-space components An introduction to AppStream and BaseOS in Red Hat Enterprise Linux 8 Last Updated: 2021-06-25 Red Hat Enterprise Linux 8 Installing, managing, and removing user-space components An introduction to AppStream and BaseOS in Red Hat Enterprise Linux 8 Legal Notice Copyright © 2021 Red Hat, Inc. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/ . In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. Linux ® is the registered trademark of Linus Torvalds in the United States and other countries. Java ® is a registered trademark of Oracle and/or its affiliates. XFS ® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL ® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
  • List of Open Source Components Used by Intel® Deployment Assistant

    List of Open Source Components Used by Intel® Deployment Assistant

    List of open source components used by Intel® Deployment Assistant S. No Component Link for additional info 1 ALFS 6.1 (Gerard Beekmans) http://www.linuxfromscratch.org/ 2 autoconf-2.59.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 3 automake-1.9.6.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 4 bash-3.1.tar.gz ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 5 bash-3.1-fixes-8.patch ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 6 binutils-2.16.1.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 7 bison-2.2.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 8 bzip2-1.0.3.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 9 coreutils-6.3.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 10 coreutils-6.3-i18n-1.patch ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 11 coreutils-6.3- suppress_uptime_kill_su-1.patch ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 12 coreutils-6.3-uname-1.patch ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 13 dejagnu-1.4.4.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 14 diffutils-2.8.1.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 15 diffutils-2.8.1-i18n-1.patch ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 16 e2fsprogs-1.39.tar.gz ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 17 expect-5.43.0.tar.bz2 ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/ 18 expect-5.43.0-spawn-1.patch ftp://anduin.linuxfromscratch.org/LFS/lfs-packages/6.2/
  • PKZIP MVS User's Guide

    PKZIP MVS User's Guide

    PKZIP for MVS MVS/ESA, OS/390, & z/OS User’s Guide PKMU-V5R5000 PKWARE, Inc. PKWARE, Inc. 9009 Springboro Pike Miamisburg, Ohio 45342 Sales: 937-847-2374 Support: 937-847-2687 Fax: 937-847-2375 Web Site: http://www.pkzip.com Sales - E-Mail: [email protected] Support - http://www.pkzip.com/support 5.5 Edition (2003) PKZIP for MVS™, PKZIP for OS/400™, PKZIP for VSE™, PKZIP for UNIX™, and PKZIP for Windows™ are just a few of the many members in the PKZIP® family. PKWARE, Inc. would like to thank all the individuals and companies -- including our customers, resellers, distributors, and technology partners -- who have helped make PKZIP® the industry standard for Trusted ZIP solutions. PKZIP® enables our customers to efficiently and securely transmit and store information across systems of all sizes, ranging from desktops to mainframes. This edition applies to the following PKWARE of Ohio, Inc. licensed program: PKZIP for MVS™ (Version 5, Release 5, 2003) PKZIP(R) is a registered trademark of PKWARE(R) Inc. Other product names mentioned in this manual may be a trademark or registered trademarks of their respective companies and are hereby acknowledged. Any reference to licensed programs or other material, belonging to any company, is not intended to state or imply that such programs or material are available or may be used. The copyright in this work is owned by PKWARE of Ohio, Inc., and the document is issued in confidence for the purpose only for which it is supplied. It must not be reproduced in whole or in part or used for tendering purposes except under an agreement or with the consent in writing of PKWARE of Ohio, Inc., and then only on condition that this notice is included in any such reproduction.
  • Implementing Compression on Distributed Time Series Database

    Implementing Compression on Distributed Time Series Database

    Implementing compression on distributed time series database Michael Burman School of Science Thesis submitted for examination for the degree of Master of Science in Technology. Espoo 05.11.2017 Supervisor Prof. Kari Smolander Advisor Mgr. Jiri Kremser Aalto University, P.O. BOX 11000, 00076 AALTO www.aalto.fi Abstract of the master’s thesis Author Michael Burman Title Implementing compression on distributed time series database Degree programme Major Computer Science Code of major SCI3042 Supervisor Prof. Kari Smolander Advisor Mgr. Jiri Kremser Date 05.11.2017 Number of pages 70+4 Language English Abstract Rise of microservices and distributed applications in containerized deployments are putting increasing amount of burden to the monitoring systems. They push the storage requirements to provide suitable performance for large queries. In this paper we present the changes we made to our distributed time series database, Hawkular-Metrics, and how it stores data more effectively in the Cassandra. We show that using our methods provides significant space savings ranging from 50 to 95% reduction in storage usage, while reducing the query times by over 90% compared to the nominal approach when using Cassandra. We also provide our unique algorithm modified from Gorilla compression algorithm that we use in our solution, which provides almost three times the throughput in compression with equal compression ratio. Keywords timeseries compression performance storage Aalto-yliopisto, PL 11000, 00076 AALTO www.aalto.fi Diplomityön tiivistelmä Tekijä Michael Burman Työn nimi Pakkausmenetelmät hajautetussa aikasarjatietokannassa Koulutusohjelma Pääaine Computer Science Pääaineen koodi SCI3042 Työn valvoja ja ohjaaja Prof. Kari Smolander Päivämäärä 05.11.2017 Sivumäärä 70+4 Kieli Englanti Tiivistelmä Hajautettujen järjestelmien yleistyminen on aiheuttanut valvontajärjestelmissä tiedon määrän kasvua, sillä aikasarjojen määrä on kasvanut ja niihin talletetaan useammin tietoa.
  • Troubleshooting Guide

    Troubleshooting Guide

    Java Platform, Standard Edition Troubleshooting Guide Release 9 E61074-05 October 2017 Java Platform, Standard Edition Troubleshooting Guide, Release 9 E61074-05 Copyright © 1995, 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency- specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S.
  • Zlib Home Site

    Zlib Home Site

    zlib Home Site http://zlib.net/ A Massively Spiffy Yet Delicately Unobtrusive Compression Library (Also Free, Not to Mention Unencumbered by Patents) (Not Related to the Linux zlibc Compressing File-I/O Library) Welcome to the zlib home page, web pages originally created by Greg Roelofs and maintained by Mark Adler . If this page seems suspiciously similar to the PNG Home Page , rest assured that the similarity is completely coincidental. No, really. zlib was written by Jean-loup Gailly (compression) and Mark Adler (decompression). Current release: zlib 1.2.6 January 29, 2012 Version 1.2.6 has many changes over 1.2.5, including these improvements: gzread() can now read a file that is being written concurrently gzgetc() is now a macro for increased speed Added a 'T' option to gzopen() for transparent writing (no compression) Added deflatePending() to return the amount of pending output Allow deflateSetDictionary() and inflateSetDictionary() at any time in raw mode deflatePrime() can now insert bits in the middle of the stream ./configure now creates a configure.log file with all of the results Added a ./configure --solo option to compile zlib with no dependency on any libraries Fixed a problem with large file support macros Fixed a bug in contrib/puff Many portability improvements You can also look at the complete Change Log . Version 1.2.5 fixes bugs in gzseek() and gzeof() that were present in version 1.2.4 (March 2010). All users are encouraged to upgrade immediately. Version 1.2.4 has many changes over 1.2.3, including these improvements:
  • PKZIP®/Securezip® for I5/OS® User's Guide

    PKZIP®/Securezip® for I5/OS® User's Guide

    PKZIP®/SecureZIP® ® for i5/OS User’s Guide SZIU- V10R05M02 PKWARE, Inc. PKWARE, Inc. 648 N Plankinton Avenue, Suite 220 Milwaukee, WI 53203 Main office: 888-4PKWARE (888-475-9273) Sales: 937-847-2374 (888-4PKWARE / 888-475-9273) Sales: Email: [email protected] Support: 937-847-2687 Support: http://www.pkware.com/support/system-i Fax: 414-289-9789 Web Site: http://www.pkware.com 10.0.5 Edition (2010) SecureZIP for z/OS, PKZIP for z/OS, SecureZIP for i5/OS®, PKZIP for i5/OS, SecureZIP for UNIX, and SecureZIP for Windows are just a few of the members of the PKZIP family. PKWARE Inc. would like to thank all the individuals and companies—including our customers, resellers, distributors, and technology partners—who have helped make PKZIP the industry standard for trusted ZIP solutions. PKZIP enables our customers to efficiently and securely transmit and store information across systems of all sizes, ranging from desktops to mainframes. This edition applies to the following PKWARE Inc. licensed programs: PKZIP for i5/OS (Version 10, Release 0.5, 2010) SecureZIP for i5/OS (Version 10, Release 0.5, 2010) SecureZIP Partner for i5/OS (Version 10, Release 0.5, 2010) PKWARE, PKZIP and SecureZIP are registered trademarks of PKWARE, Inc. z/OS, i5/OS, zSeries, and iSeries are registered trademarks of IBM Corporation. Other product names mentioned in this manual may be trademarks or registered trademarks of their respective companies and are hereby acknowledged. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/) Any reference to licensed programs or other material, belonging to any company, is not intended to state or imply that such programs or material are available or may be used.
  • Licensing Information User Manual Release 8.0 E65472-04

    Licensing Information User Manual Release 8.0 E65472-04

    Oracle® Communications Calendar Server Licensing Information User Manual Release 8.0 E65472-04 March 2021 Copyright © 2000, 2021, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are “commercial computer software” pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.
  • ORDERINFO 3 Copy

    ORDERINFO 3 Copy

    ORDER info ORDER info Placing Your Order We will need to know the following information before your order can be quoted: PLEASE NOTE: Artwork with low resolution will project fuzzy and/or distorted and will not 1. Customer name and contact information. give the best appearance. Most web images are created at 72 dpi. Please do not try to resize an image taken from the Web from 72 dpi to a higher resolution. To receive the highest quality 2. The lighting instrument that will be projecting the gobo. image, we require artwork to be saved at a minimum resolution of 600 dpi with an image size 3. Quantity needed and gobo size (in millimeters). of at least 5 x 5 inches (127 x 127 mm). 4. Whether you intend to project the image on to a surface from the front or on to a screen ORDER from behind. Artwork received at lower resolutions will incur an additional (hourly) artwork fee. However, 5. Is the background of the image clear or black? the quality and detail of the gobo will still be determined by the original quality of the artwork. 6. When you need the order shipped. We also accept hard copies of artwork; such as photographs, slicks, or prints. Faxed images When placing orders, please e-mail the above information and attached artwork to are accepted, but usually do not reproduce well. Please submit a reasonably sized, clean copy info [email protected] . A quotation and proof will be generated and returned to you of your artwork. Additional (hourly) artwork fees may apply for poor quality artwork.
  • Zip Plugin 1.1 Read and Write Zip Archives with Hollywood

    Zip Plugin 1.1 Read and Write Zip Archives with Hollywood

    Zip Plugin 1.1 Read and write zip archives with Hollywood Andreas Falkenhahn i Table of Contents 1 General information::::::::::::::::::::::::::::: 1 1.1 Introduction :::::::::::::::::::::::::::::::::::::::::::::::::::: 1 1.2 Terms and conditions ::::::::::::::::::::::::::::::::::::::::::: 1 1.3 Requirements::::::::::::::::::::::::::::::::::::::::::::::::::: 2 1.4 Installation ::::::::::::::::::::::::::::::::::::::::::::::::::::: 2 2 About zip.hwp ::::::::::::::::::::::::::::::::::: 3 2.1 Credits ::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 3 2.2 Frequently asked questions:::::::::::::::::::::::::::::::::::::: 3 2.3 Known issues ::::::::::::::::::::::::::::::::::::::::::::::::::: 3 2.4 Future:::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 3 2.5 History ::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 3 3 Usage ::::::::::::::::::::::::::::::::::::::::::::: 5 3.1 Activating the plugin ::::::::::::::::::::::::::::::::::::::::::: 5 3.2 Zip archives as directories::::::::::::::::::::::::::::::::::::::: 5 3.3 Extracting files ::::::::::::::::::::::::::::::::::::::::::::::::: 6 3.4 Zip archive basics::::::::::::::::::::::::::::::::::::::::::::::: 6 3.5 Creating zip archives ::::::::::::::::::::::::::::::::::::::::::: 7 3.6 Linking files :::::::::::::::::::::::::::::::::::::::::::::::::::: 7 4 Function reference::::::::::::::::::::::::::::::: 9 4.1 zip.AddDirectory ::::::::::::::::::::::::::::::::::::::::::::::: 9 4.2 zip.AddFile::::::::::::::::::::::::::::::::::::::::::::::::::::: 9 4.3 zip.CloseArchive:::::::::::::::::::::::::::::::::::::::::::::::
  • Forcepoint DLP Supported File Formats and Size Limits

    Forcepoint DLP Supported File Formats and Size Limits

    Forcepoint DLP Supported File Formats and Size Limits Supported File Formats and Size Limits | Forcepoint DLP | v8.8.1 This article provides a list of the file formats that can be analyzed by Forcepoint DLP, file formats from which content and meta data can be extracted, and the file size limits for network, endpoint, and discovery functions. See: ● Supported File Formats ● File Size Limits © 2021 Forcepoint LLC Supported File Formats Supported File Formats and Size Limits | Forcepoint DLP | v8.8.1 The following tables lists the file formats supported by Forcepoint DLP. File formats are in alphabetical order by format group. ● Archive For mats, page 3 ● Backup Formats, page 7 ● Business Intelligence (BI) and Analysis Formats, page 8 ● Computer-Aided Design Formats, page 9 ● Cryptography Formats, page 12 ● Database Formats, page 14 ● Desktop publishing formats, page 16 ● eBook/Audio book formats, page 17 ● Executable formats, page 18 ● Font formats, page 20 ● Graphics formats - general, page 21 ● Graphics formats - vector graphics, page 26 ● Library formats, page 29 ● Log formats, page 30 ● Mail formats, page 31 ● Multimedia formats, page 32 ● Object formats, page 37 ● Presentation formats, page 38 ● Project management formats, page 40 ● Spreadsheet formats, page 41 ● Text and markup formats, page 43 ● Word processing formats, page 45 ● Miscellaneous formats, page 53 Supported file formats are added and updated frequently. Key to support tables Symbol Description Y The format is supported N The format is not supported P Partial metadata
  • Data Compression and Archiving Software Implementation and Their Algorithm Comparison

    Data Compression and Archiving Software Implementation and Their Algorithm Comparison

    Calhoun: The NPS Institutional Archive Theses and Dissertations Thesis Collection 1992-03 Data compression and archiving software implementation and their algorithm comparison Jung, Young Je Monterey, California. Naval Postgraduate School http://hdl.handle.net/10945/26958 NAVAL POSTGRADUATE SCHOOL Monterey, California THESIS^** DATA COMPRESSION AND ARCHIVING SOFTWARE IMPLEMENTATION AND THEIR ALGORITHM COMPARISON by Young Je Jung March, 1992 Thesis Advisor: Chyan Yang Approved for public release; distribution is unlimited T25 46 4 I SECURITY CLASSIFICATION OF THIS PAGE REPORT DOCUMENTATION PAGE la REPORT SECURITY CLASSIFICATION 1b RESTRICTIVE MARKINGS UNCLASSIFIED 2a SECURITY CLASSIFICATION AUTHORITY 3 DISTRIBUTION/AVAILABILITY OF REPORT Approved for public release; distribution is unlimite 2b DECLASSIFICATION/DOWNGRADING SCHEDULE 4 PERFORMING ORGANIZATION REPORT NUMBER(S) 5 MONITORING ORGANIZATION REPORT NUMBER(S) 6a NAME OF PERFORMING ORGANIZATION 6b OFFICE SYMBOL 7a NAME OF MONITORING ORGANIZATION Naval Postgraduate School (If applicable) Naval Postgraduate School 32 6c ADDRESS {City, State, and ZIP Code) 7b ADDRESS (City, State, and ZIP Code) Monterey, CA 93943-5000 Monterey, CA 93943-5000 8a NAME OF FUNDING/SPONSORING 8b OFFICE SYMBOL 9 PROCUREMENT INSTRUMENT IDENTIFICATION NUMBER ORGANIZATION (If applicable) 8c ADDRESS (City, State, and ZIP Code) 10 SOURCE OF FUNDING NUMBERS Program Element No Project Nc Work Unit Accession Number 1 1 TITLE (Include Security Classification) DATA COMPRESSION AND ARCHIVING SOFTWARE IMPLEMENTATION AND THEIR ALGORITHM COMPARISON 12 PERSONAL AUTHOR(S) Young Je Jung 13a TYPE OF REPORT 13b TIME COVERED 1 4 DATE OF REPORT (year, month, day) 15 PAGE COUNT Master's Thesis From To March 1992 94 16 SUPPLEMENTARY NOTATION The views expressed in this thesis are those of the author and do not reflect the official policy or position of the Department of Defense or the U.S.