"corrupt" zip-file instead of password protecting

Question

I develop android application that receives password-protected zip-file from the network. The idea is to protect content in these zip-files from extracting and copying. But there is an issue - extracting password-protected takes long time (~30 sec) on handheld devices. I use zip4j library - the only library I found for extracting password-protected archives.

I have an idea. The idea is to transmit "corrupted" archive, where several bytes in the middle of file will be reversed, for example. Before extracting these bytes will be reversed again, and I will be able to extract archive quickly.

The question: can my data inside the archive be protected this way?

Answer 1

Depending on what the data inside the zip file is, a different approach may be possible for you. Have you considered encrypting the file differently.

For example, I did a project in which I was displaying small snippets of information. The collection of snippets took time to collate and as such had some value and I didn't want anyone simply taking the info. Each snippet was a line of text. Rather than password protect the whole file, I encrypted each line in the file. The de-cription of each line was quick and invisible to the user.

Also, consider that the zip file password protection is not secure. There are zip file cracking tools available on-line which will have a good go at opening the file.

Answer 2

By changing random bytes in middle of Zip, you'll probably make one file in Zip to get crc errors during decompressing (thus become "corrupted"), but other files may be readable, or even all files would be readable, at least partially. You may consider to somehow "encrypt" Zip directory, which is stored at end of Zip file. Anyway, Zip file has another per-file header blocks which may be "fixed" by some zip fix tools, so you'd have to encrypt also these. Consider to find a better Zip library for reading valid AES encrypted Zip files.