[SOLVED] Encrypted rar inside encrypted rar

[Wolfinch]

Is it safe if I put encrypted rar inside encrypted rar? For example:

Encrypted Word.doc INSIDE Files.rar (pass: 567) INSIDE Files2.rar (pass 1234).

I do this to make extra security layer. So when people success bypass my first layer (1234), they still need to bypass second and third layer security.

Is it safe? Like can it corrupted in the future if I add/remove file inside that kind of archive?

Actually I've already do this at least 3 years without porblem at all.. but dunno why, I afraid now.

 

[USAFRet]

It is not 'unsafe'.

But also, this adds little if any 'security'.
If they can bypass the first layer, then the second or third should also be little problem.

Lastly, unless this is the plans for a working cold fusion reactor, no one cares about your word doc.

 

[Wolfinch]

It is not 'unsafe'.

But also, this adds little if any 'security'.
If they can bypass the first layer, then the second or third should also be little problem.

Lastly, unless this is the plans for a working cold fusion reactor, no one cares about your word doc.

Yes, of course people like hacker, etc can do that.. but i make this only for "user area". Like jerk people who want to mess my work.

They technically cant bypass encription, but they can unlock it because of "my mistake" like he stand behind me while I typing password.

It happen to me once though. He confused after I type 3 different @ 20 characters

 

[Grobe]

If they can bypass the first layer

Just for the sake of discussion. If I have an encrypted rar file (or any compressed+encrypted file format like zip or 7z) then let's assume I somehow manage to get a new file from the encrypted archive. The new file, may be a valid rar file or it may also be a bounch of useless data patterns that just so happens to have a header that make it looks like a rar archive.

To verify if an encrypted rar file is valid, one must have it's password.

My question therefore is - How can one know the difference between a collection of data that by chance have something that looks like a valid rar file and an actual rar encrypted file but don't have the password ?

Final note : I must assume that the file names, attributes and folder structure also are encrypted for this question to be valid (and of course that the file format actually sports that) . And - must of course be different password for the nested encrypted rar file.

 

[falcon291]

If you use 4 digits of password, and if you encrypt the files even 3 -4 times, not it will not be safe.

Give longer passwords, 12 digits numbers, letters (upper and lower case), symbols. Then it will be non-breakable.

 

[USAFRet]

Just for the sake of discussion. If I have an encrypted rar file (or any compressed+encrypted file format like zip or 7z) then let's assume I somehow manage to get a new file from the encrypted archive. The new file, may be a valid rar file or it may also be a bounch of useless data patterns that just so happens to have a header that make it looks like a rar archive.

To verify if an encrypted rar file is valid, one must have it's password.

My question therefore is - How can one know the difference between a collection of data that by chance have something that looks like a valid rar file and an actual rar encrypted file but don't have the password ?

Final note : I must assume that the file names, attributes and folder structure also are encrypted for this question to be valid (and of course that the file format actually sports that) . And - must of course be different password for the nested encrypted rar file.

Depends on how it was encrypted and the "file names".

Encrypted1.rar.
I figure out how to decrypt, resulting in a file of Encrypted2.rar, or some other collection of mostly valid files.
Knowing how #1 was done and I already cracked it, #2 would presumably be easy as well.

I can't unwrap the first layer without actually doing it. Any false/incorrect password or decryption won't result in any success.

Working cold fusion, here we come!

 

[Wolfinch]

If you use 4 digits of password, and if you encrypt the files even 3 -4 times, not it will not be safe.

Give longer passwords, 12 digits numbers, letters (upper and lower case), symbols. Then it will be non-breakable.

Thnaks for the knowledge, but that number password is just for example. My real password have 30-40 length with number, symbol, and word combination

Depends on how it was encrypted and the "file names".

Encrypted1.rar.
I figure out how to decrypt, resulting in a file of Encrypted2.rar, or some other collection of mostly valid files.
Knowing how #1 was done and I already cracked it, #2 would presumably be easy as well.

I can't unwrap the first layer without actually doing it. Any false/incorrect password or decryption won't result in any success.

Working cold fusion, here we come!

What if I put Encypted1.rar inside Encrypted2.7zip? What do you think?

 

[USAFRet]

What if I put Encypted1.rar inside Encrypted2.7zip? What do you think?

I think you're adding complexity for no gain in security.