If you need to safely backup some of your confidential files (email, financial info, marketing info, source code,…), you can use 7-Zip (aka 7z) to compress and encrypt your archive with AES-256 as well as hide the name of the files. This should give you the level of security used by the (in-)famous insurance file (insurance.aes256) released by Wikileaks last year (if it indeed has been encrypted with AES-256).
7-Zip is available for Windows, Linux (multiple architectures) and Mac OS. Since 7-Zip source code is open, it can theoretically be ported to any platform.
The first thing I did was to use a Password Generator to get a 256-bit key such as DFF61FFB56B26158718457E5E47F3511080130C855C8E6F689A3A7664EBE2C9A.
In this example, I backup “My Documents” directory in Windows, but the same command line (just different paths) could be used in Linux as well:
C:\>"c:\Program Files\7-Zip\7z" a -t7z mydoc_backup_22022011.7z "C:\Documents and Settings\Jean-Luc\My Documents" -xr!*BitTorrent*\ -xr!*Cache*\ -pDFF61FFB56B26158718457E5E47F3511080130C855C8E6F689A3A7664EBE2C9A -mhe -v4480m -mx9
Here’s the description of the parameters in the command line:
- a – Used to Add files to archive
- -t7z – Sets the type of archive to 7z
- mydoc_backup_22022011.7z – File name of the archive
- “C:\Documents and Settings\Jean-Luc\My Documents” – Folder to backup
- -xr!*BitTorrent*\ -xr!*Cache*\ – -xr! is used to exclude directories. In that case, I excluded BitTorrent downloads and all cache directories.
- -pDFF61FFB56B26158718457E5E47F3511080130C855C8E6F689A3A7664EBE2C9A – Instructs 7z to use the password after -p
- -mhe – Encrypts archive header (This will hide the file names inside the archive)
- -v4480m – Split to volumes of 4480 Megabytes to save to DVD.
- -mx9 – Ultra Compression (Optional here, ignore this settings if you have a slow computer or many files).
For further options, have a look at 7-Zip manpage.
Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011.
2 Replies to “AES-256 Encryption and File names encryption with 7-Zip (7z)”
Perfect, exactly *that* specific command i was looking for!
Their docs are really not very that nice to read… They should ask you to copy your stuff and make it their docs 🙂
Uhm.. I think you missunderstood something.
7zip does only encrypt its archive header with AES-256, but your data will be compressed with the 7z format which uses by default LZMA(2) compression like xz. That’s not AES!