7-Zip Encrypted Archives

 

7-Zip is a free file compression program that gives users the option of also encrypting compressed archives using the AES256 algorithm.  You can download a copy of 7-Zip from http://www.7-zip.org. Once you download and install 7-Zip, you can access it by ‘right-clicking’ on files you want to compress, and encrypt.

 

To encrypt a file or folder using 7-Zip right click on it and choose ‘Add to archive…’ from the 7-Zip menu. From the next menu choose “7z” for your Archive Format, and select AES256 as the Encryption method. If you don’t want your file and folder names to be visible in you 7-Zip archive, check the “Encrypt file names” box. Enter a strong password and click “OK”. 7-Zip will now compress and encrypt your archive.

 



 

Anyone with a copy of 7-Zip and knowledge of the password protecting the encrypted archive can access its content. Thus 7-Zip is an excellent way of sharing files securely. If for some reason the recipient of the archive doesn’t have a copy of 7-Zip you can always create a self-extracting archive by choosing the “Create SFX archive” option. This creates an executable (.exe) file so there is no requirement to have 7-Zip installed to open the archive. Self-extracting archives are useful for storing back-ups of files and folders, but less useful for sharing information as many e-mail programs won’t allow you to send a .exe attachment, or will not allow a .exe attachment to be delivered. Still, if you are making archives available in some manner other than e-mail (such as through OnionShare, Dropbox, or Google Drive), self-extracting archives are still be a useful option.

 

With 7-Zip, you also have the option of choosing “Zip” for your archive format. The zip format will be compatible with most other file compression programs, and you still have the option of encrypting files and folders using this format. If choosing zip as your archive type you lose the option of encrypting file names and creating self-extracting archives. When using the zip archive format, I recommend that you first create an unencrypted inner archive. Name this inner archive something innocuous and then place this inner archive into an encrypted outer archive. In this way you protect the file and folder names from anyone who does not know the password to decrypt your outer archive. In most cases I recommend downloading and using 7-Zip, but in some business environments users may not be able to install programs like 7-Zip on their work computers. The zip archive format, using both an inner and outer archive, allows you to securely share files and folders, while protecting the file names, when the recipient does not have 7-Zip installed on his or her computer. 

 

You may note that when using the zip archive type, you have the option of selecting “ZipCrypto” as your encryption method. ZipCrypto is a weaker encryption algorithm than AES256 and is available for backwards compatibility with some file compression and encryption schemes. AES256 is the default encryption for most encryption today, so generally speaking you should never select the ZipCrypto option when creating a new archive.

 

On your personal computers, and on your business computers where allowed, I recommend that you download and install a copy of 7-Zip. This will provide you with an excellent file compression program, and will also give you a way of creating AES256 encrypted archives. If you store copies of your personal information in the Cloud, or perhaps burn files to CD/DVD and store them off-site, an AES256 encrypted archive is an excellent method of protecting that stored information.