This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author 大野隆弘
Recipients alanmcintyre, serhiy.storchaka, twouters, 大野隆弘
Date 2018-09-01.00:33:47
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Agree, we should not enhance weak encryption to the world.
But unfortunately, MS Windows supports only this type of encryption as far as I researched.

That is the my first motivation of Traditional PKWARE encryption(a.k.a  ZipCrypto/Standard Zip 2.0 encryption) support.
If this big platform supports AES, we don't have any reason to support. But unfortunately not.

On the other hand, encryption algorithm compromising happens forever.
I believe python developers must have ability to make decision of suitable algorithm because "We are all (consenting) adults here".(I love this phrase)

Also implementing other algo (including AES) support must affect to decryption of zipfile module. 
As we can imagine it should be big task and should be divided.

These are the background of my suggestion.

In summary, 
 1. We don't have to support "weak" encryption like DES/RC2 although they are on the document.
 2. But Traditional PKWare Encryption is special enough to support because of the circumstances.
 3. Other algo support in both decrypt/encrypt should be implemented sooner or later.

Any feedback is welcome.

FYI  : All candidate of Zip encryption
(Traditional PKWARE encryption)
0x6601 - DES
0x6602 - RC2 (version needed to extract < 5.2)
0x6603 - 3DES 168
0x6609 - 3DES 112
0x660E - AES 128 
0x660F - AES 192 
0x6610 - AES 256 
0x6702 - RC2 (version needed to extract >= 5.2)
0x6720 - Blowfish
0x6721 - Twofish
0x6801 - RC4 AlgId


FYI 2. Other languages/tools support

Perl : "Support Encryption" is in TODO

Go : Both (AES/Traditional) encryption is going to be integrated( discussion was suspended?)

Ruby : Supports as experimental

WinZip : Supports but not recommended.
Date User Action Args
2018-09-01 00:33:49大野隆弘setrecipients: + 大野隆弘, twouters, alanmcintyre, serhiy.storchaka
2018-09-01 00:33:49大野隆弘setmessageid: <>
2018-09-01 00:33:49大野隆弘linkissue34546 messages
2018-09-01 00:33:47大野隆弘create