The following is a description on how to encrypt files on your computer, using only free, open-source software.
Encryption is the act of locking something up so someone else may not view it without a password. This how-to will skip over the implications, technical explanations and history of the technologies being used, for the sake of simplicity.
The basic approach I put in place does this: You have a file you want to encrypt on a Windows computer. So you right-click on the file, and it is encrypted into the new file. When you want to access the file, you unencrypt it, namely by you right-clicking on it again. The program asks for a password. When you supply it, it produces an unencrypted duplicate of the file you encrypted.
Any kind of file can be encrypted in this approach.
In future installments, I’ll delve into how to do this from the Linux command line and how to share encrypted files across multiple computers, as well as sharing encrypted files with others.
* * *
For setting up a free encryption environment in a Windows environment, you’ll need two programs. One does all the behind-the-scenes work of encrypting and decrypting, as well as generating and managing keys. The second program acts as the front-end, which will allow you to apply these tools in an -easy-to-use way.
For the first task, I’ll use a collection of tools called the GNU Privacy Guard (GnuGP). (Here is the How-To). It is an open-source free application and encryption library from the Free Software Foundation. Yay! FSF.
Specifically, I downloaded a version of GnuGP for Windows here. I clicked on the program and it ran me through the installation process. By default it installed all its command-line driven programs (by default) into C:\Program Files\GNU\GnuPG\ folder. If the installer works correctly, all of GnuPG’s functions should be accessible from the command line.
Once this program are in place, you need to generate a key. GnuGP is a form of public key cryptography. A key is a series of digits, used (in this instance) in much the same way a password is
For purpose of this project, all you need to understand is that you need a key for unlocking your files once they are encrypted. To do this, you open the Windows Command Prompt (Go Start–>All Programs–>Accessories–>Command Prompt) and type in “gpg –gen-key” at the command line. Pick the encryption method and run through the other options. For personal encryption, the defaults are a safe bet. I picked DSA, 2048 bits, and a key that does not expire. Follow the instructions attentively.
In this key-generating process, the software asks you for a password. THIS IS THE PASSWORD YOU WILL USE TO UNENCRYPT YOUR FILES. Do not lose or forget this password, or you WILL be unable to access anything you’ve encrypted. That is a fact, Jack. Also, do not put it in a plain-text on the computer where the encrypted files are stored. Duh!
Once you’ve generated a key, you then need to find a program that could work within Microsoft Windows graphical interface that will use this key to encrypt and decrypt a program. Please note though, you could encrypt and decrypt from the command line using GnuPG. A nice graphical program does speed things along though.
The GnuPG site has links to a number of front-ends. For this example I’ll use the free GPGee. Again, download and follow the installation instructions.
You don’t start GPGee like a typical program. Instead, it integrates itself within the Windows Explorer file browser Once installation is complete, all you need to do is open the file browser (Start–>All programs–>Accessories–>Windows Explorer), right-click once on a file. You will see an option for GPGee menu. There you will have an option to encrypt or decrypt a file (either by PK or Symmetric. For this example, we’ll use PK).
Encrypting a file from Windows Explorer.
Should the GPGee program work correctly, after you right click on the file and choose the PK encrypt option, up will pop a small box, with a list of your keys. (GnuGP provided you with the KeyID when it was finished generating the key, but if this is new for you, there should only be one key available in GPGee anyway).
Choosing your key, in GPGee.
Check the one you just created and click O.K. Now, search in the same folder for a file with the identical name of the file you just created, but with .gpg extension, , i.e. the encrypted version of “test.doc” is named “test.doc.gpg” — see?
That .gpg file is the encrypted file. If it was a WordPad file, for instance, when you open it you will see only gibberish. That is because it is encrypted.
Please keep in mind that this process does not destroy the original file. It still remains in place. If you want the encrypted file to be the only copy, you’ll need to erase the original unencrypted file.
Unencrypting a file in this set-up is just as easy. Again, find the file in Windows Explorer, right click on the file, choose the GPGee mini-menu, choose verify/decrypt. It will then ask you for your password.
Enencrypting a file using GPGee.
Fill that in, and it unecrypts the original file, naming it as the original file. –Joab Jackson