minute workers
Subscribe to My Blog

WinZip (www.winzip.com) offers the ability to protect a zip archive with a password. The result is an encrypted zip archive that can only be opened if the correct password is entered. An encrypted zip archive provides confidentiality, it cannot be viewed by persons who don't have the password.

It is possible to encrypt files when they are added to the archive, but it's also possible to encrypt the whole archive at once. That's done by clicking 'Actions' in the menu and then choose 'Encrypt'.

winzip encrypt option

Encryption options in WinZip
Now a dialogue asks you to enter a password and choose a proper encryption algorithm.

winzip encrypt option

* The Zip 2.0 encryption format is known to be relatively weak, and cannot be expected to provide protection from individuals with access to specialized password recovery tools.
* AES is the Advanced Encryption Standard. This encryption method, also known as Rijndael, has been adopted by the U.S. Government's National Institute of Standards (NIST) as a Federal Information 
Processing Standard. WinZip supports AES encryption in two different strengths: 128 bit AES and 256 bit AES. These numbers refer to the size of the encryption keys that are used to encrypt the data. 256 bit AES is stronger than 128 bit AES, but both provide significantly greater security than the standard Zip 2.0 method. An advantage of 128 bit AES is that it is slightly faster than 256 bit AES, that is, it takes less time to encrypt or decrypt a file. Both 128- and 256-bits encryption are considered strong encryption by the security community.

Now click 'OK' and it's done.

Availability of zip AES decryption software is not standard
Not every zip program is able to decrypt an AES encrypted zip archive. The receiver needs to have a recent version of Winzip (or a compatible zip program) installed to open the document. However, WinZip is not standard software at the office and there are many free alternatives to create and open zip archives.
Encrypted zip files are blocked by e-mail scanners
Anti-virus scanners at e-mail gateways cannot scan the content of an encrypted file. Virus builders have abused this fact and distributed malware via password protected zip archives. This is the reason why many companies block e-mails containing encrypted zip files. As a result, it is unlikely that one can use encrypted zip files in order to exchange sensitive information between companies.