Encrypted RAR inside Enceypted RAR

[Wfz234]

Is it safe if I put encrypted rar inside encrypted rar? For example:

 

Encrypted Word.doc INSIDE Files.rar (pass: 567) INSIDE Files2.rar (pass 1234).

 

I do this to make extra security layer. So when people success bypass my first layer (1234), they still need to bypass second and third layer security.

 

Is it safe? Like can it corrupted in the future if I add/remove file inside that kind of archive?

 

Actually I've already do this at least 3 years without porblem at all.. but dunno why, I afraid now.

 

UPDATE: Forgot to say that I use this method only to prevent common people. Not hacker, cracker, or other people that have bypassing knowledge

[Levent]

It is fine and all but it is dumb IMO. Why not use something like veracrypt container then put whatever in it instead?

[Wfz234]

Just now, Levent said:

It is fine and all but it is dumb IMO. Why not use something like veracrypt container then put whatever in it instead?

I have veracrypt and use it for another purpose..

 

I use Rar inside rar method only for small file like doc, and upload it to drive.  Too big if i upload and download veracrypt everytime I need to update the data.

 

Cant use auto backup method because internet connection problem

[mariushm]

Old RAR versions have bad encryption, with known tricks to recover passwords relatively fast.  Newer RAR versions have strong encryption.

 

But it would make more sense to stop using RAR and use 7z archives, the encryption is very good and 7-zip is free, open source etc.

 

Also ... using just numbers for passwords makes it super easy and fast for someone to guess the password using an automated tool. Add a few letters and symbols and you increase the difficulty significantly  ... for example instead of 1234 use Wolf12!XY34   ... and then Wolf56!XY7 

 

Another better password than just numbers would be something like  "!!!Stupid Word Document!!!"   - you have symbols, lowercase, uppercase, and enough characters to make it hard to do dictionary attacks and it's easy to remember

 

 

 

 

[AbydosOne]

24 minutes ago, Wolfinch said:

I do this to make extra security layer. So when people success bypass my first layer (1234), they still need to bypass second and third layer security.

If an actor can bypass one layer using technological means, nesting (the same type of encryption) makes no difference.

 

If an actor has unlimited resources, nesting will make no difference but buy time.

 

If an actor has no moral issues with torture, nesting will just prolong your suffering.

 

From my perspective, I just see a waste of effort and CPU cycles.

[Eigenvektor]

The biggest improvements to security you can make are: Use something with a strong encryption algorithm (e.g. 7-zip uses AES-256) and pair it with a strong password (password length being one of the most important factors). Using the same algorithm twice doesn't add much extra security, if any.

[dilpickle]

3 hours ago, Wolfinch said:

Is it safe if I put encrypted rar inside encrypted rar?

Is it safe? Yes

 

Is it providing extra security? No

[Wfz234]

14 hours ago, mariushm said:

Also ... using just numbers for passwords makes it super easy and fast for someone to guess the password using an automated tool. Add a few letters and symbols and you increase the difficulty significantly  ... for example instead of 1234 use Wolf12!XY34   ... and then Wolf56!XY7 

 

Another better password than just numbers would be something like  "!!!Stupid Word Document!!!"   - you have symbols, lowercase, uppercase, and enough characters to make it hard to do dictionary attacks and it's easy to remember

Thanks for the knowledge, but that number password is only for example. My real password is 30-40 length with combination of number, symbol, and words

14 hours ago, AbydosOne said:

If an actor can bypass one layer using technological means, nesting (the same type of encryption) makes no difference.

 

If an actor has unlimited resources, nesting will make no difference but buy time.

 

If an actor has no moral issues with torture, nesting will just prolong your suffering.

 

From my perspective, I just see a waste of effort and CPU cycles.

13 hours ago, Eigenvektor said:

The biggest improvements to security you can make are: Use something with a strong encryption algorithm (e.g. 7-zip uses AES-256) and pair it with a strong password (password length being one of the most important factors). Using the same algorithm twice doesn't add much extra security, if any.

Forgot to say that I make this method only to prevent common people, not to hacker, cracker, or other people that have knowledge to bypass something. Just like put a locker inside a locker to prevent "common" thief, but of course it cant prevent robbery with bomb, etc.

 

And what if I use encypted rar inside encrypted 7z? What do you think?

11 hours ago, dilpickle said:

Is it safe? Yes

 

Is it providing extra security? No

what if I use encypted rar inside encrypted 7z? What do you think?

[mariushm]

It makes no importance if it's rar or 7zip  or other archive format.  It's a locked box, inside a locked box.   If someone is clever enough to break the first lock, they can break the second lock, you're just extending the amount of time it takes to break the locks - eventually, they'll break the lock.

 

Most archive formats use well known encryption algorithms these days, similar to the ones browsers use when you access an encrypted website (the ones with https:// in front) . 

For example, this website uses TLS_AES_128_GCM_SHA256 , TLS 1.3 , AES-128 bits encryption  ... WinRAR uses AES-256, 7-zip  uses AES-256, WinZIP uses AES-128 or AES-256...

 

 

[Eigenvektor]

2 hours ago, Wolfinch said:

And what if I use encypted rar inside encrypted 7z? What do you think?

While technically more secure, it's not worth the effort, imho. AES-256 should be "unbreakable" for the foreseeable future.

 

The weakest link is your password. If your password is good, one should be enough. If your passwords are easy to guess, adding a second one makes little difference.

 

I would put my efforts into creating one secure password rather than two medium ones.