What's the most popular way to encrypt individual files or folders?
Ubuntu – tool to encrypt a file or directory
directoryencryptionfilessoftware-recommendation
Related Solutions
Cryptkeeper
WARNING: CryptKeeper has recently been reported that it has a universal password bug that puts your data at potential risk. This issue may not yet be fixed in Ubuntu, use this solution at your own risk.
Relevant bug information links:
Upstream bug: https://github.com/tomm/cryptkeeper/issues/23
Debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852751
sudo apt-get install cryptkeeper
After installing, go to Applications –> System Tools –> Cryptkeeper.
Cryptkeeper will automatically attach itself to the top panel
To create an encrypted protected folder, click on Cryptkeeper applet and select ‘New encrypted folder’
Then type the folder name and where to save the folder and click ‘Forward’.
Type the password and click ‘Forward’.
The folder will be created and ready to be used.
To access all encrypted folder, click on Cryptkeeper applet on the panel and select each folder.
Type the password before it is mounted to be accessed.
Done
To delete a folder or change the password, right-click the folder in the panel-applet.
- TrueCrypt can create mountable encrypted disk images
You can access TrueCrypt volumes on all three major OS. This is a disk encryption tool rather than a file encryption tool, so the choice of file system inside the disk image is important if you want to be able to mount the file system inside - chose a file system that works on all platforms you intend to use. FAT32 is probably the safest choice.
Note that in order to install the TrueCrypt driver on Windows, you will need to be an Administrator user, or gain the cooperation of one, for every workstation you wish to access a TrueCrypt volume on. In addition, any process with access to the mounted file system will be able to read your files in the clear, so you must trust all systems on which you mount your encrypted volume.
- GnuPG can create individual encrypted files
If you can't use TrueCrypt, or don't like it's caveats, then you can encrypt individual files with GnuPG. Gpg4win provides easy to use Windows tools for GnuPG. While GnuPG will encrypt files at the simple "password" level, you may wish to read up a little on Public Key Cryptography.
Best Answer
GnuPG (GPG) can use asymmetric and symmetric encryption. Asymmetric crypto involves a two keys, a public key for encryption and a private key for decryption. See djeikyb answer on this page for asymmetric key usage.
For symmetric encryption, the encryption and decryption keys are equal. It is important to realize that most people are very bad at choosing strong passwords. Thus, an encryption scheme using passwords should use a key-derivation function that takes more resources (time, memory) to slow down brute-force attacks.
For a description of GnuPG's KDF, see this Crypto Stack Exchange post. Example usage of symmetric encryption:
Decryption:
Note that
gpgcaches the symkey by default (documented behavior). In order to avoid that, use--no-symkey-cacheoption as described in a related answer.Manual page of gpg.
old answer for users who are able to chose good keys, see note below
For single files,
opensslis very useful, especially when sending the file over an unsecured channel (e.g. e-mail). It's free (in money and in freedom), unlike Truecrypt, which is only free in money.NOTE: the password that you enter here will be processed by one MD5 iteration 1. If you chose a password "123456", then you will have very little security.
Encrypt:
You'll be asked for a password, which you have to input twice.
Decrypt:
Manual page for the enc program.
1
openssl encuses the digest function defined by the-mdoption (default md5) and invokes functionEVP_BytesToKey()with an iteration count of 1. This can be found in the openssl source atapps/enc.c.