Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Any good free Public Key encryption?

Posted on 2007-10-10
8
Medium Priority
?
238 Views
Last Modified: 2010-08-05
I'm having trouble running PGP on my virtual private server and need something else.

Are there any good free downloads available?  I'd like the high security of public key/private key, but would settle for less if there's nothing free.

thanks,
newbieweb
0
Comment
Question by:newbieweb
8 Comments
 
LVL 6

Accepted Solution

by:
dworlton earned 800 total points
ID: 20053720
Try a freeware PGP called GnuPG (or GPG): www.gnupg.org/
 
Another you might try is TrueCrypt: www.truecrypt.org/
0
 
LVL 18

Assisted Solution

by:PowerIT
PowerIT earned 600 total points
ID: 20054716
What do you want to encrypt? PGP has many options.
Is it email traffic? Or full disk? Or something else?

J.
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 600 total points
ID: 20061960
Most PKI software is free :)

For files, the most famous one is of course pgp (or openpgp, the standard)
The GNU open source variant is gpg (as has been mentioned by dworlton) and is primarily aimed at unix / linux users - it is a command line tool.

However, it is fully supported under windows, and further there is a nice bundle package which will give you gpg, a gui interface and plugins for outlook available here:

http://www.gpg4win.org/

alternatively, the bulk of the world uses ssl - often in the form of OpenSSL (again, the freeware / open source version). While not as famous as pgp, it is the technology and system behind https websites, s/mime email (built into almost every email client that exists) and the current generation of vpn remote access solutions.

one of the easiest ways to create your own ssl certificates is using xca - http://sourceforge.net/projects/xca - which is a gui tool for creating and managing ssl keypairs.

if you give more specific details on what you want to achieve, what form/operating system you have on your server, and what environment you want to do your encryption from (eg, php or vbscript on a webserver) I may be able to give you further pointers towards a solution.
0
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

 

Author Comment

by:newbieweb
ID: 20062062
I DO want a Windows version.  But I don't want Outlook.  And I don't want Whole Disk encryption either.

I would be satisfied with an encrypted ZIP file or a Virtual Disk, like PGP.  They have a disk you can open from a file and it mounts itself in Windows.

Does GPG have either (or both) of the ZIP file or the Virtual Disk?



thanks,
newbieweb
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 20063383
I'll try to rephrase what I am understanding here:
- We are NOT talking about email or other form of communication.
- You just want to encrypt some files, mounted as a virtual disk.
OK, some facts:
- PKI (public/private key systems as you call it) are not used to encrypt anything of size. The reason is that assymetric encryption is sloooow. So symmetric encryption is used for anything larger then e.g. a few sentences.
- The advantage of PKI-systems or asymmetric encryption is that it solves the key exchange problem. Since this is your own server, that should not be needed
- Security-wise PKI is not more secure then symmetric encryption. It all depends on the used cipher algorithm, keys, ...
And to answer your question: truecrypt (briefly mentioned by dworlton) is as goods as it gets:
- Proven solid symmetric encryption, can use AES-256 (FIPS approved, used for national security information ...)
- Open source and free
- Mounts a harddisk from an entire partition or creates a virtual encrypted disk within a file and mounts it as a real disk.
- www.truecrypt.org

J.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 20063438
Ok. If you do want pgp encrypted email but don't want outlook, do you want any form of email?
gpg can do what amount to being encrypted zipfiles (ie, like pgp it will compress then encrypt) but if its just files on a single host, you will probably find pki is overkill - you can just use a compression program that does encrypted protection and get more portability and ease of use.

Personally, for password protected files I use a program called 7z - its free ( http://www.7-zip.org/ ), can handle normal compression formats too (rar and zip, for example) and in its native mode, password protection uses AES at 256 bit - a suitably high level of crypto.

for local storage, the poster child for on-the-fly (virtual drive) crypto in the open source world is  truecrypt ( http://www.truecrypt.org/ ) but again, this is password (not pki) encryption.

however, it may be worth remembering that windows from 2000 onwards has its own PKI based drive encryption called EFS - this is "free" in the sense that it is built into windows already, and uses 128 bit DESX for its encryption with windows handling the pki side of things for you. only real downside that that it *is* integrated into windows, so logging into your windows session opens the encrypted files, and the only way to close them again is to log out.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 20063538
Dave, I would like to set one point straight: EFS does not use PKI for the encryption but only for the authentication part through the header. Could not be done, because of the slowness of PKI encryption AND the impossibility to add additional user having access to the same files.
And the symmetric cypher is DESX up to XP. Since XP SP1 the default is AES.

J.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 20064525
 Hmm. Didn't know they had upgraded to AES, largely because I don't use xp, but I *do* know the EFS Windows 2000 version used a similar hybrid approach to s/mime and pgp - the files are symmetrically encrypted, but the session key used for that encryption is then itself encrypted using a asymmetric key.

  I would probably stick with DESX anyhow - for backwards compatability reasons.
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
It’s a season to be thankful, and we’re thankful for users like you who engage on site, solve technology problems, and network with others in the industry. What tech are we most thankful for? Keep reading.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question