AES-256 Encryption and File names encryption with 7-Zip (7z)

If you need to safely backup some of your confidential files (email, financial info, marketing info, source code,…), you can use 7-Zip (aka 7z) to compress and encrypt your archive with AES-256 as well as hide the name of the files. This should give you the level of security used by the (in-)famous insurance file (insurance.aes256) released by Wikileaks last year (if it indeed has been encrypted with AES-256).

7-Zip is available for Windows, Linux (multiple architectures) and Mac OS. Since 7-Zip source code is open, it can theoretically be ported to any platform.

The first thing I did was to use a Password Generator to get a 256-bit key such as DFF61FFB56B26158718457E5E47F3511080130C855C8E6F689A3A7664EBE2C9A.

In this example, I backup “My Documents” directory in Windows, but the same command line (just different paths) could be used in Linux as well:

Here’s the description of the parameters in the command line:

  • a – Used to Add files to archive
  • -t7z – Sets the type of archive to 7z
  • mydoc_backup_22022011.7z – File name of the archive
  • “C:\Documents and Settings\Jean-Luc\My Documents” – Folder to backup
  • -xr!*BitTorrent*\ -xr!*Cache*\ – -xr! is used to exclude directories. In that case, I excluded BitTorrent downloads and all cache directories.
  • -pDFF61FFB56B26158718457E5E47F3511080130C855C8E6F689A3A7664EBE2C9A – Instructs 7z to use the password after -p
  • -mhe – Encrypts archive header (This will hide the file names inside the archive)
  • -v4480m – Split to volumes of 4480 Megabytes to save to DVD.
  • -mx9 – Ultra Compression (Optional here, ignore this settings if you have a slow computer or many files).

For further options, have a look at 7-Zip manpage.

Share this:

Support CNX Software! Donate via cryptocurrencies or become a Patron on Patreon

2 Replies to “AES-256 Encryption and File names encryption with 7-Zip (7z)”

  1. Perfect, exactly *that* specific command i was looking for!
    Their docs are really not very that nice to read… They should ask you to copy your stuff and make it their docs 🙂

  2. Uhm.. I think you missunderstood something.
    7zip does only encrypt its archive header with AES-256, but your data will be compressed with the 7z format which uses by default LZMA(2) compression like xz. That’s not AES!

Leave a Reply

Your email address will not be published. Required fields are marked *