The next version of ZipGenius will focus on documents security, so we had to refresh the set of file hashing algorithms we were using.

MD5 and SHA-1 will be still used as a reference just because they are widely used across the Web but they are already fated to die.

In fact, MD5 has been cracked a long time ago by creating “collisions” with a common desktop computer. A collision is the generation process of a fake hash of a file that is perfectly identical to the hash of a totally different file. When this happens, the algorithm cannot be considered secure because it doesn’t guarante the genuinity and integrity of a file.

The same matter applies to SHA-1 (and SHA-256), even though only in a theoretical way because collisions were found during several studies but not proved on the field, yet.

The only solution is to find a better algorithm. This is a job for the NIST, the USA entity that studies cryptography and technology, which periodically runs a competition to find the best algorithm that will become a standard. In 2012 the Keccak algorithm has been designated as the best one and in August 2015 it became an official standard for files hashing.

One of the Keccak (SHA-3) developer is Guido Bertoni of STMicroelectronics, an italian engineer with a vast experience in cryptoanalysis and who already co-developed other major cryptographic algorithms.

Well, ZipGenius will adopt SHA-3 (and not only: also Tiger, Whirlpool and others) to generate the hashes of the currently open archive. The application will be also capable of exporting those values in a HTML table that could be eventually uploaded to a Web site in order to offer a reference for checking the genuinity and integrity of an archive being downloaded.

Support ZipGenius with a donation

You can support the development of useful tools and application through a donation. Choose how to donate.

Donate Ethereum 0xF930D3dD7e33b92b4F7b59C87655746e00cc2829

Donate with PayPal