Ways to Encrypt a File


There has been a lot of interest in the state of cryptography lately. The NSA documents that Edward Snowden leaked are still being released to the public, and we are not happy. Now even those that are not partaking in illegal activites are interested in encrypting their digital documents. I have started researching different ways to encrypt files using a GNU/Linux OS. Here are my findings.

Encrypting with zip

Using the encryption function with the zip command might not be the strongest way to encrypt a file, but it is better than no encryption at all. Here's the command to do it:

zip -e myencryptedfile.zip myregularfile

This will compress and encrypt the file called "myregularfile". You can compress and encrypt a folder using -er. Note: zip's manual says "[...] where security is truly important, use strong encryption such as Pretty Good Privacy instead of the relatively weak standard encryption provided by zipfile utilties." -- so encrypting with this method is probably not the first choice if you have others available.

Encrypting with bcrypt

bcrypt encrypts and decrypts files using the blowfish algorithm and appears to be more secure than zip's standard encryption. You can encrypt a file with bcrypt using this command:

bcrypt myregularfile

This will create a file called "myregularfile.bfe" that can be decrypted using this command:

bcrypt myregularfile.bfe

bcrypt's manual says "By default, bcrypt will compress input files before encryption, remove input files after they are processed (assuming they are processed successfully) and overwrite input files with random data to prevent data recovery." So on that front, it compresses files like zip, but securely overwrites the location of the former unencrypted file.

Encrypting with gpg

gpg, or GNU Privacy Guard encrypts files using a symmetric cipher and a passphrase. You can even select alternative cipher algorithms for gpg to use. To encrypt a file with gpg use this command:

gpg -c myregularfile

Then gpg will ask for your passphrase. Notice that gpg leaves the unencrypted file behind, so make sure to take care of that.

Encrypting with TrueCrypt

TrueCrypt is a program that can create encrypted virtual drives or encrypt an entire physical drive. This is a great way for users that want non-command line interfaces. To use TrueCrypt, simply install it for your OS (GNU/Linux, Mac OS, or Windows) and follow the interface directions after opening the program, which are very intuitive. You can get a copy of TrueCrypt on the offical website: TrueCrypt Official Site.