I was wondering how rar decryption works.
I know that when I enter a password to encrypt my rar file, my password is derived into a key that is used to encrypt the rar file.
But how does the decryption work? How does it know if the password I entered is the good one or not?
I guess it could work 2 different ways:
I enter a password to decrypt my file –> It derives a key from this password and tries to decrypt the file
The key that has been derived from my password is hashed and stored somewhere (but where?)? Then when I try to enter a password to decrypt the file, the password is derived into a key, the key is hashed and compared to the value that is stored somewhere?
I think this is more like the second way because if I use John the ripper, the utility john2zip seems to find the hash that is stored somewhere in the rar file, right?