Don't forget about 0x40000 iterations of SHA-1 based hash for "password to decryption key" transformation - it's take about 0.1 sec per password on my machine (2.5GHz). If it's not joke - it's at least not simple bruteforce (but how bruteforce without decompression? you can't know even one byte from compressed stream)