How to encrypt ZIP files securely using 7-Zip
A short introduction to Encryption
Encryption is a way of scrambling the data within your files to prevent a third party eavesdropping. Encryption can be symmetric, where the same password is used for encrypting and decrypting the data. Asymmetric encryption is the method using the concept of public and private keys eliminating the need to transfer a password between the 2 parties.
Encryption within Windows
Windows supports the use of ZIP or compressed folders, however it is hampered by the use of weak encryption, that can be brute-forced using a myriad of programs in minutes to hours with a modern PC. Winzip, WinRAR, 7-Zip and others offer the more secure AES standard. AES, like any encryption scheme, can be broken given time, but this is likely to run into hundreds if not thousands of years.
1. Download the most modern non-beta version from here.
2. Install using default options.
As default 7-Zip installs itself to with “explorer extensions” that allow you to right click on items on the desktop or in windows explorer to compress files. Z-Zip has its own file format 7z which is more efficient at compressing files than the standard zip extension, but this will mean the person you are sending the file to will also have to use 7zip. Using the zip format will enable people using other programs to de-compress the file.
1. Right click on the files or folder you wish to compress and encrypt.
2.Firstly change the Archive format to Zip (or use 7z if both you and your intended recipient use 7zip), then change the encryption method to the robust AES-256, thirdly enter your password. Then click OK. The rest of the options can be left as default.
Simply right-click on the file, select extract then enter the password when requested.
Your data will still be vulnerable to a “dictionary attack” where an attacker cycles through common passwords such as “Love”, “Password” etc. To protect from this simply make your password a mixture of numbers and letters rather than simply a single English word. One way to protect from this would be to use a random generated password or use asymmetric encryption.