Jump to content



Photo

Simple program(s) to encrypt files, exchange from Windows to Mac

encrypt windows

  • Please log in to reply
19 replies to this topic

#1 Cheryl_27

Cheryl_27

    Neowinian

  • Joined: 09-January 07

Posted 06 February 2013 - 01:48

Looking for a simple way to encrypt mostly text files, to exchange by email w/ some of my "non technical" Mac user friends. Something that uses decent encryption & is easy to use. 7-Zip for Windows is perfect, but I've not found any maintained, up to date GUI prgms for Mac that can read / write 7-Zip format.

Keka (for Macs) is maintained & will do 7-zip, but ONLY uses "Zip 2.0 legacy" encryption. http://forum.kekaosx...7907ac911711d10

Don't necessarily need compression, but these type prgms would be really easy to use for non techies.
I use TrueCrypt, that also runs on Mac, but it might be a bit cumbersome for encrypting a file to attach to email.

I don't think these particular friends could / would master setting up Thunderbird to use signing & encryption certificates & deal w/ using public / private keys.
Maybe, but something simpler would probably be better for them.

Any suggestion for other easy to use Mac encryption prgms (for one file at a time), & a Windows counterpart, both able to read / write in same format?


#2 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 06 February 2013 - 13:45

Truecrypt is not really designed for 1 file..

7z can encrypt something that you compress, etc. Not really the right tool for what your wanting to do..

Why don't you just use gnupg? its FREE and runs on pretty much any OS out there.. Simple easy gui interface if you want it, etc.

http://www.gnupg.org/

Project Gpg4win provides a Windows version of GnuPG. It is nicely integrated into an installer and features several frontends as well as English and German manuals.

Project GPGTools provides a Mac OS X version of GnuPG. It is nicely integrated into an installer and features all required tools.

edit: Seems the shell extensions don't work on 64 bit.. Use to be able to just rightclick a file and encrypt to juts a password without using keys.. I was going give a screenshot but gpg works just fine from command line.. But that might be a bit over the top for users..

http://runtime-era.b...es-w-gnupg.html

edit2: Ok found a simple to use gui tool for your window users that are not bright enough for anything else ;)

easyinterface1.png

You open file you want -- see my example contact file, it creates a encrypted copy with just a password if you don't want to use keys and then you can send that file be it email, be it cloudshare, ftp, usb disk, whatever and if they know the password they can decrypt. Using keys is MUCH easier and better option to be honest - with keys you never need to exchange a password and you can encrypt files back and forth and only the key encrypted too can decrypt.

Notice the dates on my keys.. Been working with this stuff for quite some time so if you have any questions - just ask. Those are not even the oldest, but the oldest I have continued to use over the years of decent strength, older keys were not as strong so stopped using them, etc.

#3 OP Cheryl_27

Cheryl_27

    Neowinian

  • Joined: 09-January 07

Posted 06 February 2013 - 18:51

Thanks BudMan,
It's the Mac users that "aren't bright enough." Either way, maybe should call them "not computing tech - inclined." I'm the Windows user & would have no problem, if decided to use GPG. I'd love for the Mac users to master using it.
1) I looked at several of the tutorials & some vids on using GPGTools. I take it you use either their own email app, or it's a plugin for AppleMail? I missed the part about actually sending the encrypted file via email.

With ANY plugin, comes inevitable compatibility issues / bugs, as changes are made in the main program the plugin is made to use.

2) In GPG4Win, to actually email the encrypted files, it uses a plugin for Outlook? Does Outlook even exist anymore?
I haven't used Outlook Express (Mail / Live Mail) - in decades. Looks like a GPG front end / plugin for Tbird is the popular Enigmail (assume for either Win or Mac). Many of my Mac friends actually use Tbird.

The method of public / private keys would work well, once the less technical mastered it & especially if sending a lot of encrypted email. The concept of public / private keys & using Gnupg may be simple for you (& me - once I started), but it isn't for those not into technical aspects of computing. I agree, Gnupg would solve encrypted communication issue between Win & Mac. But for some, simple - it's not.

7-zip: for encrypting one file, once in a while & attaching to email, I'm not sure anything could be simpler than 7-zip. Don't have to use compression, but if attaching graphics, large files, is useful. But maintained front ends for command line port of 7-Zip, that runs on Mac (p7zip - that uses AES 256) are hard to find. Only one I've found, maintained on semi regular basis is EZ 7z. Some sites list as shareware. TechSpot (at least) lists as freeware http://www.techspot....7z-for-mac.html

#4 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 06 February 2013 - 20:24

https://www.gpgtools...ices/index.html

It pretty clear that it supports file encryption
Overview

GPGServices is a plugin for the global OS X Services menu, which adds the ability to almost any application (e.g. Safari, Finder, or TextEdit) to use OpenPGP functionalities. In a nutshell:
  • Any folder: sign and encrypt.
  • Any file: verify, sign, import, encrypt, and decrypt.
  • Any text selection: verify and import.
  • Any text field: verify, sign, import, export, encrypt, and decrypt.
You can also assign keyboard shortcuts to each operation.

I have been using gnupg to encrypt files for years and years - when was on windows 32 bit it was just click click and done. I would assume same thing if you turn on the OS X services stuff.

It really is simpler if you create keys - which is a one time setup... You would create, they would create and then you could send each other encrypted stuff without any need of having some password you have to send each other in other channels, etc.

As to 7zip on mac -- I don't normally use OS X, I have access to it and dabble with it, more on the command line stuff. But i would think 7z has a gui for it mac that is free as well. Will look into it.

here you go for OS X
http://www.kekaosx.com/en/

Keka is a free file archiver for Mac OS X
the main compression core is p7zip (7-zip port)
Compression formats supported:
7z, Zip, Tar, Gzip, Bzip2, DMG, ISO
Extraction formats supported:
RAR, 7z, Lzma, Zip, Tar, Gzip, Bzip2, ISO, EXE, CAB, PAX, ACE (PPC)

edit: side note figured out how to get the rightclick encrypt/decrypt back under 64bit windows.

Drive_Letter:\windows\syswow64\explorer.exe /separate

This runs a 32bit version of explorer that so that allows GpgEX to work and adds

encrypt64bit.jpg

#5 syobon999

syobon999

    Neowinian

  • Joined: 22-December 09

Posted 06 February 2013 - 20:27

Axcrypt

#6 OP Cheryl_27

Cheryl_27

    Neowinian

  • Joined: 09-January 07

Posted 06 February 2013 - 21:48

Axcrypt is Windows only.

BudMan, I never questioned encryption ability of gnupg / gptools.

One thing I did ask was, how sending an gnupg encrypted file via email worked. The gptools appears to have its own mail app or at least a plugin for Apple Mail.
But is it also possible just to encrypt a single file & attach to email, rather than using an email client plugin?

Keka, as I said, will do 7-zip, w/ encryption, but only uses "Zip 2.0 legacy" encryption. That's OK for prying eyes, but hardly secure. It's on Keka's to do list to add AES 256 bit encryption. Who knows when that'll happen.
Where as 7-zip (Win) or command line p7zip, both use AES 256.

Interesting - Latest Tbird versions have their OWN message encryption system, called S/MIME. That appears to be different than using Gnupg. Unless I'm wrong, public / private KEYS aren't used in Thunderbird's S/MIME system - but rather "signing" & "encryption" certificates. Not sure if they accomplish the same thing as Gnupg; or as easily; or as securely.

I played w/ Tbird 18 encryption system some, but there doesn't seem to be a detailed KB article on the S/MIME system. There is a "high lights" article on http://www.mozilla.o...get_recip_certs that's relatively recent, but not what I'd call a tutorial for non tech users. Almost all that I found in web searches for encrypting email in Tbird involved gnupg or Enigmail plugin (that uses Gnupg).

#7 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 06 February 2013 - 22:27

"I missed the part about actually sending the encrypted file via email."

This the part I took that you didn't think it encrypted files -- if these users don't know how to attach a file to email, then there is NOTHING going to be simple enough for them to use..

S/MIME is not tbirds own anything -- http://en.wikipedia.org/wiki/S/MIME

And yes your wrong you use public and private keys in S/MIME no matter what application is using it.

what exactly are you wanting to send that you need AES 256??

You do understand that if your encrypting a file with say 7zip -- your still only as secure as the password.. If you use P@55w0rd1 or something as your password - then its NOT very secure..

#8 OP Cheryl_27

Cheryl_27

    Neowinian

  • Joined: 09-January 07

Posted 07 February 2013 - 00:14

I realize other email clients use S/MIME. Should have said, "Tbird's native S/MIME signature / encryption. But, AFAICT - S/MIME & PGP don't work the same way. They have similarities. But I'm not well versed on either.

S/MIME seems to use a Signing & an Encrypting certificate. I haven't seen anything about "keys," in S/MIME articles, but that may just be semantics.
I don't know if S/MIME (in Tbird) is more / less / same in ease of setup & use for avg users.

We don't need 256 bit encryption, per se. For 7-zip - it only offers 256 bit. WinRAR / RAR has 128 bit, but again - can't find up to date RAR GUIs for Mac.
But Zip 2.0 legacy encryption is about strong enough to keep honest people out. And yes, PWs need to be long & random, just like in TrueCrypt (if not using keyfile) or other similar, strong encryption prgms. Those can be copy / pasted from flash drive, etc.

#9 OP Cheryl_27

Cheryl_27

    Neowinian

  • Joined: 09-January 07

Posted 07 February 2013 - 03:43

BudMan (or others),
Since Mozilla / Thunderbird is on a mad man release schedule, I read that Enigmail admits having trouble keeping up. Their # of releases will be reduced & NO updates w/o corresponding Tbird new release (unless there are serious bugs, making Enigmail unusable for MANY users).

In light of that, if you were going to use a PGP / Gnupg system / software, which ones do you prefer & why? You mentioned GPG4Win. For encrypting EMAIL MESSAGES, what do you use?
GPG4Win (or for another OS) & what? - the plugin for Outlook?; the included Claws email client; or something else entirely for encrypting email?

I'm not a big fan of Outlook / MS mail clients. I'd be concerned about the security of a small client like Claws (the client itself & being timely patched).
Thanks.

#10 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 07 February 2013 - 13:01

You don't need any tie into email to send encrypted messages or sign the message.. Just sign the text of the message or encrypt and sign it, and paste it into the message your sending.

Here I created a new key and encrypted and signed this message -- you would just paste into your email message

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.12 (MingW32) - GPGshell v3.78

hQEMA1nIeb39RdC7AQf+MMbl1bYLWcpvTBdRZszGtDO5JCYDKNHRJuRvkP92gcTV
GSiWPMq45ieV5JTZxlDfHjPSQKIYywusyO8FflPxv39+UTDxWILdB0+GnEvO7wx1
QFOnS2GRoe3baGX/FJMvWvJbEp3wnlz7i/S8YRfmQDR039VOL4RTtNVUhi8J+Fbh
ZE+yqFaVpK+ozum6tOfYcvyePZAA/9fP4f7zRZ5VU9JUKTQY5E87WWlkgQI7yOHH
qkKgGxT60EGbY+dCq9uiTg8qddDq3FQbj0OScEdAfNdFtwYjhVbZmYbs2tOJbw9H
b1sfYf2z1h7WqXM0mC10VJeaINr4knOX/aTXBM2Ie9LAzwEiB/a4D3IwvaGXlNXF
qsCaZ2yJYYR+Rt9EA+lVkWsVYYdKSsojEiY78Ea1nmR+FCQVrtN5kZXwHtmEn0sA
apgVJzJTdufRGweWsVw1cuqfGUXNjtTvugetWmlrty9g1uRVzvqwsynZXb1ZHV8c
yhXvafjs4qNOYwIlKhMROr36eg1/VD4bYK+Dsyfs8TV/TuRBDaSOckuPu4hOTM4t
8Xck4RYrz6csemCdyFFpUl4olAR8hcz91CzaIm0hjUDZaUxc9CnvYDApj1MYjju4
CwqEfcp6wL4xvwfRHzM9GNQRA9yxA84haa7q5bchkXG6ruGKx/V4h3fR6ZIGqsvl
JtoAUBE+Qaf/TOEeGN/HA25umurs1w/BP1Ok8r5qua58t6dDCFLVo6lxdkW9ltXG
ooN+Tv6GrrbgoG3oygXuT7A028sVUT0VEzGmf70OP7Z6wvamij0JsUU/henU0h32
mVuQO8tFzjXIKF9G6dqZI64Z/MeI0K4Y+Um2AHMJbh0B5TF0uz94wIMVzBq4OcsN
hg==
=PK7b
-----END PGP MESSAGE-----


#11 thunderrooster

thunderrooster

    Neowinian

  • Joined: 12-February 04

Posted 07 February 2013 - 16:31

Someone mentioned Axcrypt. AES Crypt work in Windows, Linux and Mac.

#12 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 07 February 2013 - 16:48

^ that looks to be what he is looking for - other than no real email integration at all. But simple enough, create your txt message of what you want to say. And then encrypt and send it in an email.

Its great that it uses AES, etc. But your still only as secure as the password - this password has to be agreed upon.. Do you change it every time you send something. Use a agreed upon pass for time period, forever?

If that password is compromised then all txt/files could be decrypted by anyone that has the file.. What is better about using public key and private key is you can exchange files and messages without every having to exchange any sort of password. You can verify you have the correct public key to use by exchanging the fingerprint info on the correct public key to use or exchanging the public key directly. There is no security issue with with loss of public key, other than someone could send you a encrypted file/message. They would still need the private side of that key to be able to sign that can be used for verification.

If your worried about security! Be it a steeper learning curve or not for the people involved - once trained it is MUCH easier to use, and more secure! If their key is compromised and their password to the private is loss as well - then just revoke the key so that you no any future files/messages using that compromised key are not valid!

But that aes crypt does look like a simple solution to just encryption of a file.

#13 OP Cheryl_27

Cheryl_27

    Neowinian

  • Joined: 09-January 07

Posted 07 February 2013 - 16:50

Interesting. You use PGP or Gnupg? You typed / saved the msg in some editor, then selected the file to encrypt using...???
Then what about when it reaches recipient?

Of course, they'd need the same encryption software (or capable of reading / decrypting that specific type msg). But in your example, what steps would the recipient go thru to decrypt the msg?
Open Gnupg, GPG4Win; then use menus to decrypt; or copy / paste the body of msg onto the encryption prgm's interface, or what?

I like the simplicity, but not sure how it'd work & haven't read about this technique. Does the recipient's encryption prgm "recognize" that the pasted message is something it can decrypt, or do you have to go thru a few menu steps?

Then, which prgm do you use to manage your / your contacts keys? The tools in - Gnupg, GPG4Win...?

I read a good bit on GPG4Win's & Enigmail's sites. Haven't read entire GPG4Win manual, but haven't come across the copy / paste method you describe.

Thanks thunderrooster, for mention of AES crypt. Hadn't seen that one.

#14 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 86
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 07 February 2013 - 16:58

You copy that text and then just use the decrypt/verify option of the front end your using.

So here I copied the text, opened up the clipboard editor in gpgshell

decryptverify.jpg

Once I click decrypt and verify it asked me for my password to my private key to decrypt and verified my signature I put on it

clearyandverified.jpg

See window below the now in the clear text that gives detail of verification.

edit: Can be used to just clear sign something as well, so for example

----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is something Budman Said

If it is edited in anyway - it will fail verification




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32) - GPGshell v3.78

iQEcBAEBAgAGBQJRE94/AAoJEFnIeb39RdC7R/UH/1XAlMGkv7v5L71d8WB0pELC
lrr4PN+B2QNax2roKZAIv/oBFBMc7FOFer+V44kvoVmWQhcqCPWFcZK8yeYFP2YP
ZbX2CtrUHaMOGMQeqMEvIeDpvNmNJfXOiV8qGYA4yRGrCNTWCMG0qV/L6Y2u4Yyd
I4puf+IRY82y45fjh7NOpJlqm2CCubjkYDnQFMOYZ+7QrDqMfiBbbka2bZ4G6q0S
9JhJjh5x6nirqEtfSLewEGBxUB39wPlG1q9h/JqllozVWv4hbj+lko/zVKL5z9cf
F/sW/zw8jolPN5FsDuwrvgOzmqpbxP+MwaJhP7EJq6F0T4cb4jy1mn+ZaMDIQtU=
=IAZN
-----END PGP SIGNATURE-----


here is my created today test public key you can use to verify that signature

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (MingW32) - GPGshell v3.78

mQENBFETpQIBCADDuewMxdvQvs1+fraX0bh9QMwmPBpP4jtAgy9lt4hFYQQLDIV2
yLdspircaRhNsnaygvj3FOrYtTt9CqgRJd7wdXxkrjCYsAxM4B9z/dkrnE/VPAtu
yZBXwwI7to0eUCZxDzastyZhpufkPYGnlxZrLm31A73+y/FGWBrgJVEiHwBnwBrN
zkKcfko5169ja0eJxQR791Px8fOXSdmReUb6bjSGsccC4HjHrSZHAp0/Btae2GQ9
xcR3dFl6uV46VOdchTV/Hstrf2WZv/HtqPb1YKsIpTawNBhnf9LLli+km0G2/is9
TCyRrOzM5yRs07kCG1KZrgO2BgUdzif//MF3ABEBAAG0GmJ1ZG1hbiA8YnVkbWFu
QGRvbWFpbi50bGQ+iQE+BBMBAgAoBQJRE6UCAhsPBQkDwq2eBgsJCAcDAgYVCAIJ
CgsEFgIDAQIeAQIXgAAKCRBZyHm9/UXQu1CKB/9GPW1QjRfyDCpz/Fi1Sj+wpScL
A/pqDvNopdZGJ5JJp4tYcnNyZBRwptClwJL1BtxzxMWXbKAP6f2N+YpzrE2oWUsV
PSgsFuwJ+o6CXJZffQmBbssey4dGLk2JIHg1dVf7p4P8YHFYj0E+Gn+a6kGqPGHY
fJ1F9o0VkqmK8tIIW25nUxlZDQyUvKcL3u1eipxMEa63iFZCNESZlIZHxEYkr5Y+
r4yYq1I/IRzscIbfl6VPsMWWTTauYUI6xvQryQoQckWAPXw+SylNhroISaqFfUeD
zd4tchsprH/r/HoJBJr7TgKlerVCMnxQaxY3Z+a6i99RVyMsEdiXQWKtGd7Z
=Ab7q
-----END PGP PUBLIC KEY BLOCK-----

edit2: so I edit the above a bit, then did a verify on it - and shows

badtext.jpg

So you can use that public above and send me a test message you post here and I can decrypt it.

#15 OP Cheryl_27

Cheryl_27

    Neowinian

  • Joined: 09-January 07

Posted 07 February 2013 - 18:26

Very nice - thanks for the screens.



Click here to login or here to register to remove this ad, it's free!