This is the mail archive of the
cygwin-talk
mailing list for the cygwin project.
RE: Password Protecting files
- From: "Dave Korn" <dave dot korn at artimi dot com>
- To: "'when cryptography is outlawed only outlaws will use rot-26'" <cygwin-talk at cygwin dot com>
- Date: Sun, 19 Aug 2007 12:24:57 +0100
- Subject: RE: Password Protecting files
- References: <Xns99917147CB10Czzappergmailcom@80.91.229.5>
- Reply-to: The Vulgar and Unprofessional Cygwin-Talk List <cygwin-talk at cygwin dot com>
On 19 August 2007 11:09, zzapper wrote:
> Hi,
> I would like to password protect a few of my files, and realise I know very
> little about security.
> From man zip I learn
>
> Encrypt the contents of the zip archive using a password which
> is entered on the terminal in response to a prompt (this will
> not be echoed; if standard error is not a tty, zip will exit
> with an error). The password prompt is repeated to save the
> user from typing errors. Note that this encrypts with standard
> pkzip encryption which is considered weak.
>
> I am not trying to protect state secrets so is pkzip encryption adequate?
Well, it's trivially defeated by lots of easily downloadable software, so
it's the kind of level of protection that would stop anyone casually browsing
through your file but wouldn't stop anyone who actually wanted to read it.
> What other choices do I have?
gpg seems like a good choice, since it's open source and there's a cygwin
port. Proper crypto done right. Choose a nice long high-entropy passphrase
for your keyfiles and it's as close to unbreakable as makes no odds.
cheers,
DaveK
--
Can't think of a witty .sigline today....