Zip AES Encryption

English: Icon from Nuvola icon theme for KDE 3...

Encryption Key (Photo credit: Wikipedia)

We use computers and the Internet to make life easier, but at times the convenience can be overshadowed by privacy and security concerns. As computer owners and users, it is our job to make the computer provide the level of privacy and security we require.

For simple file sharing by email or online folder services, you can add reasonably strong encryption with the standard AES crypto feature of WinZip or 7-Zip. Two things to note: file names are *not* encrypted, and the encryption is only as strong as the password you choose. To encrypt or decrypt files with Zip AES, use the following documents as a guide:

WinZip is a shareware (for-purchase) Zip utility currently owned by Corel Corporation of Canada. 7-Zip is a popular free open source Zip utility. You can download these programs from the following sources:

Here are some Zip encryption security recommendations. Practices like these will make working with encrypted zip files easier and more predictable:

  • Do not use any sensitive names for your folders or files, these will be viewable by anyone without any need for your Zip-file password.
  • Zip & Encrypt once and *don’t add files later*. Once you’ve created an encrypted zip file, treat it like a sealed and locked package. Any change you make to it may result in some or all of the files being decrypted.
  • Decrypt & UnZip (Extract) files once and then only use the extracted files. It is too easy to lose or forget the zip password. Once you have received, decrypted & extracted your zip files & folders – plan to delete the locked zip file soon after, treat it like the damaged packaging, tape, and seals from a one-time use secure package.
  • Send the password a different way than you send the file (under separate cover). If someone gets the password then the file will no longer be private. For example: if you send the file using a shared FTP site, then send the password to the recipient over the phone or by email.

This technique is simple and provides a quick solution for a common technology problem – we want to send and receive files without any in-between people or systems accessing the content. Good luck with your zip encryption solutions!

Advertisements

About notesbytom

Keeping technology notes on WordPress.com to free up my mind to solve new problems rather than figuring out the same ones repeatedly :-).
This entry was posted in System Administration and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s