0

In a previous posting on Which is a safe way to transfer a copy of a sensitive document?, I have received suggestions to compress and encrypt an attachment file using the options of utilities such as zip, rar, 7zip and suchlike.

Although the specifics are not important here, the manual page of zip alerted me that there is much more to it than choosing a compression utility and send. Very seriously, the page zip is cautious to the point of hinting that you are not getting any serious encryption (emphasis added)

-P password --password password

Use password to encrypt zipfile entries (if any). THIS IS INSECURE! Many multi-user operating systems provide ways for any user to see the current command line of any other user; even on stand-alone systems there is always the threat of over-the-shoulder peeking. Storing the plaintext password as part of a command line in an automated script is even worse. Whenever possible, use the non-echoing, interactive prompt to enter passwords. (And where security is truly important, use strong encryption such as Pretty Good Privacy instead of the relatively weak standard encryption provided by zip‐ file utilities.)

Forewarned is forearmed. I have browsed/scanned several postings in this community such as

It is a lot of (interesting, well-presented) information, and the problem has many dimensions: compression utility, encryption algorithms, archive handler, perhaps many more. The drawback there is that I am a lay, moderately computer-savvy user, who faces the problem of choosing a compression utility that should have the following features:

  • be OS-agnostic. I am principally a Linux user, but I cannot afford making assumptions on which OS the mail recipient is using -- it'll probably be a Windows family member, although not necessarily -- I might wish to dual-boot on Windows one-off to bridge this gap;
  • produce an encrypted file that is archive-handler agnostic. Likewise, I don't know which archive handler the recipient is using -- it'll probably be a Windows Explorer of sorts, but not necessarily;
  • provide serious security; any perfunctory scrambling or placebo is obviously a waste of time;
  • produce a file that is relatively handy to decompress and decrypt; I cannot make assumptions on how lay and computer-savvy the recipient is. He/she might even be someone for whom installing a new program can be taxing, assuming that his/her employer permits this in the first place.

Apparently, I need some guideline to navigate this problem and choose what to do for an informed guess.

Is there any 'self-aid' wiki resource that you would recommend to find what one is heading for when using this or that utility? Any other suggestions ideas allaying these sorts of headache?

XavierStuvw
  • 965
  • 2
  • 8
  • 15
  • Could you use GPG on your choice of compressed file, or would GPG be difficult to use for the recipient. It can be a good idea to split out the compression and encryption. – jrtapsell Sep 24 '17 at 22:34
  • You misread the warning on Zip. It can be very secure. It's not the algorithm that is a problem. Can you articulate what specific use case you have that would require something more here? – Rory Alsop Sep 24 '17 at 22:38
  • @RoryAlsop The specific case is linked to at the very beginning of the post – XavierStuvw Sep 25 '17 at 07:34
  • That doesn't have anywhere near enough info. What is your threat model? Why do you think you need a different compression model or encryption algorithm, as this is not one of the security problems with zip in most use cases. – Rory Alsop Sep 25 '17 at 07:51
  • Thanks for following this up. No threat model. I am acting on generic, unspecified security concerns. In a metaphor I am wearing a safety belt without a scenario of what it will happen: I could just say that I wear it to hope to be better off in case of any/some accident. This is the most I can figure out at this stage, I am afraid. – XavierStuvw Sep 25 '17 at 07:58

2 Answers2

1

WinZip offers AES 256 and uses PBKDF2 to generate the key. It only uses 1,000 iterations, but with a sufficiently long password it should provide good security.

http://www.winzip.com/win/en/aes_info.html

To be honest, I think plain Zip with PGP would be better, but if you have non-technical people that you want to access this then passwords are easier.

Swashbuckler
  • 2,115
  • 8
  • 9
-1

Here's my decision matrix:

  1. If you know the recipient will only be using Unix-like systems (e.g. Linux, Mac) and won't install additional software, or if you want to preserve file owners, permissions, and other file attributes, then use tar.bz2 with gpg. Make sure you use the appropriate flags when creating the tarfile to preserve the metadata that you want to preserve. tar can preserve many metadata that other archive formats can't.

  2. If you don't know the OS the user's are using, but you expect that users to install additional software, use 7z format. The 7zip program is a cross platform, open source program; 7z is 7zip's native format, and is a very well designed file format, however 7zip program itself also supports all major compression format. Many moderately computer savvy people probably already have it installed.

  3. If you don't know the OS the recipient will be using, and you are going to assume that the recipient won't be installing additional software, then the only safe choice here is the zip format. Be cautioned though, that the original zip file format specification supports a weak, homemade encryption, which provides very little security. Newer zip file format also supports AES encryption, which is secure; unfortunately, older version of Windows Explorer (XP) doesn't support AES encrypted zip. If you are sure none of your users are using Windows XP or older systems, then make sure you use AES-encrypted zip (many recent programs still produce the old home made encryption by default, make sure you explicitly choose AES). Users with Windows XP or older can still use AES encrypted zip by installing additional software, such as 7zip.

Lie Ryan
  • 31,089
  • 6
  • 68
  • 93
  • You know that there is nothing preventing someone from using GPG, tar and gzip on Windows machineys, right ? Your initial criterion makes no sense: the decision for using GPG should be based on whether the recipient is able to securely use it or not. Your other suggestions are similar: you focus on (mostly imaginary) platform limitations instead of looking into the wider aspect of "how can I securely encrypt that in a way my recipient can easily decrypt it and still retain a reasonable level of security". – Stephane Sep 25 '17 at 05:35
  • @Stephane: I think you're missing my point. My primary criterion is based on what is usually pre installed. All non-minimal OS can extract zip without additional software, so it's the safest choice when you don't want to install anything. However, zip is not necessarily always the best format to use, hence the two additional cases where I'd suggest a different format. – Lie Ryan Sep 25 '17 at 15:06
  • There's nothing to prevent from installing tar and gzip in Windows, no, but it's quite tedious to install them individually, and they don't have a GUI front-end in Windows, so installing 7zip in Windows is IMO the most user friendly way to add all those popular formats to your tool belt. When you have 7zip installed, then using PGP for the archive encryption becomes much less favorable from usability perspective because 7z supports good encryption and no subtle traps like zip's old encryption. – Lie Ryan Sep 25 '17 at 15:20
  • You are missing mine (most likely because I haven't exposed it properly): your answer is lost in platform compatibility details (that are terribly dependent on context and therefore cannot provide a general answer) when you should focus on the bigger question raised by the OP: is there a way to transfer files securely, easily and in a way that is platform agnostic. The answer, of course, is either "no, there isn't" or close the question as a request for a product recommendation. I'm afraid that your answer just adds to the general confusion. – Stephane Sep 26 '17 at 14:00