archive file formats

7 replies [Last post]
muhammed
Offline
Joined: 04/13/2013

Wikipedia says that the zip file format was released into the public domain. Does that mean that it's free?

How does zip compare to other archiving formats? Does the answer change depending on the archive material size (eg 5mb, 500mb, 50gb)?

Zip seems like a good option for a workplace, partly because the big proprietary operating systems support it. If you think that this reasoning is wrong, please tell me.

I also have to password protect the archive. If I password my zip file, will Archive Manager encrypt the contents of the archive reliably (like how I assume GPG would)?

onpon4
Offline
Joined: 05/30/2012

Zip uses the same algorithm as Gzip, DEFLATE. The main difference is Zip uses it individually on each file, whereas Gzip uses it on the entire archive collectively, making Gzip better. I don't think there's really a good reason to use Zip, except to give something to a Windows user (since Windows only supports Zip archives out-of-the-box).

For password protection, as far as I know the best choice is 7-zip. Install the p7zip package to get full support for that format. The 7-zip format encrypts archives with the strongest form of AES, which from my understanding is OK (the U.S. government trusts it for top-secret stuff, for instance).

Michał Masłowski

I am a member!

I am a translator!

Offline
Joined: 05/15/2010

ZIP is free and has popular free implementations. Recent software
handles big archives (see ZIP64). 7z produce smaller files at slower
compression and bigger memory usage: decide what's important if you can
install software there.

On Unix-like systems tar archives compressed by gzip (same compression
as ZIP) or XZ (LZMA, like in 7z) are more popular. They compress all
files at once, unlike ZIP where each file is compressed separately (so
ZIP cannot use redundancy between different files in an archive, while
gzip can if the files are nearby). I don't know how well ZIP handles
archives, tar has useful features for backups.

There are better formats for some special cases, e.g. initramfs
compressed with a less efficient method with a very fast decompressor is
better.

onpon4
Offline
Joined: 05/30/2012

By the way, here's a rundown of the formats I'd recommend:

tar.gz: Quick, basic compression. Best choice for small files, since the extra compression of other formats doesn't help much.

tar.xz or tar.lzma: Slower, much better compression. A good choice for really big files.

7z: Basically the same type of compression as tar.xz (LZMA), but has some additional features: it prevents redundant files from increasing the file size, offers encryption (password protection), and offers splitting one archive into multiple files.

tar.bz2 used to be a useful format for large files, but LZMA (tar.xz) makes it so bz2 is now only ever useful if some software handling the archive is incompatible with LZMA. It's pretty much in between tar.gz and tar.xz.

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

My recommendations would differ: GZIP if speed matters (it may even be faster than copying the original files), XZ if only size matters... and speed usually matters when the archive is GB large (you do not want to spend hours compressing).

leny2010

I am a member!

I am a translator!

Offline
Joined: 09/15/2011

Most workplaces install a third party compression utility on top of W$. All those I know of and Apple stuff understand GZIPed TAR named .tgz. If yours haven't get the admins to install 7-zip which AIUI is free software.

Otherwise you'll probably run into problems with some older machines still having the 4GB zip boundary problem. .tar.gz is a better format for all and doesn't have the4GB problem. If they've got 7-Zip you can also use .tar.xz for even higher compression.

My personal preference for encrypting archives is to use GPG. Then you've got more control over who can open it than just a password. Plus, as you can tell from Internet Banking routinely requiring you use a token if you want to be able to transfer noticeable amounts of money, a password alone is not great security.

Domestic users generally value convenience too much for strong security measures which really need admin time to do it properly, e.g. how many of the people here check their logs for signs of intrusion? With the reputation of China's security services being they're actively interested in industrial espionage over the Internet and with so many intrusions reported publicly in goverment reports each year I wouldn't advise any workplace to rely on just passwords for any data at all.

lembas
Offline
Joined: 05/13/2010

There seems to be package fcrackzip included in Trisquel. It's a Free/Fast Zip Password Cracker. Its man page includes:

*** ZIP PASSWORD BASICS ***
Have you ever mis-typed a password for unzip? Unzip reacted pretty fast with 'incorrect password', without decrypting the whole file. While the encryption algorithm used by zip is relatively secure, PK made cracking easy by providing hooks for very fast password-checking, directly in the zip file.

(PK is the original maker of ZIP)

I personally wouldn't trust anything else besides GPG, that's pretty much what Snowden said.

muhammed
Offline
Joined: 04/13/2013

Thanks a lot guys