How secure Is downloading encrypted WinRar files?

if you were to download a file which is encrypted with the common WinRar program can the content of the file be revealed through transit with deep packet inspection? Reason why I ask this is because in transit the file is broken down into smaller pieces or I guess another name would be Packets, is every individual piece of the file encrypted?

 

If, let's say, a piece of malware is encrypted inside a WinRar archive or any other encryption software:

The AV will not detect anything, neither during nor after the download.
But once you open the archive with the correct pwd (hence decrypting it's content) the AV scans the decrypted files on the fly and will spot the malware right away.

So, it is safe to download encrypted files no matter what is inside.

 

With some encrypted archives (ZIP), the filenames can be visible but not the contents of the files. This may be the case with RAR also. Would file name exposure be an issue for you?

 

You can choose to "encrypt filesnames too" before the encryption process.

 

I'd recommend 7-Zip over WinRAR; it's free. ;-)

You can open RAR files with 7-Zip, you just cannot make them.

7-Zip supports AES-256.

 

Bump.

well of course AV's won't detect anything, it doesn't operate with deep packet inspection.

I was more along the lines of if say for example some one at an ISP was performing deep packet inspection on your traffic. Now to encrypt a say 1 gig
winrar file it only takes like 2 seconds. This indicates to me that the only protection it provides is that you cannot open the file without the password. however when you are downloading the winrar file it is broken down into smaller separate pieces ie packets during the downloading process. Therefore
some one at an ISP who is performing Deep Packet Inspection would be able to see the actual contents of the file.

Does any one get what I am trying to say here?

 

DPI from an ISP cannot read truly encrypted packets - in any way. They may be in bits and pieces as they are downloaded, but they are still like pieces of a scrambled puzzle that can only be put back together with the decryption key.

 

I second that, the only way for your ISP to read those files is by decrypting them first, deep packet inspection does not decrypt anything. It does not matter if the files are split into pieces or not, it is still encrypted data with a different file size.

At the same time your antivirus will not be able to detect any virus until you have decrypted the file.

My only concern would be the .rar file name, your ISP will log the file name and location of download, as well as size (e.g. 20MB).

For example URL rapidshare.com/buildanuke.rar would be logged, the encrypted content does not have to necessarily be buildanuke, but it would not look too good on you.