Link to home
Start Free TrialLog in
Avatar of curiouswebster
curiouswebsterFlag for United States of America

asked on

Any good free Public Key encryption?

I'm having trouble running PGP on my virtual private server and need something else.

Are there any good free downloads available?  I'd like the high security of public key/private key, but would settle for less if there's nothing free.

thanks,
newbieweb
ASKER CERTIFIED SOLUTION
Avatar of dworlton
dworlton
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of curiouswebster

ASKER

I DO want a Windows version.  But I don't want Outlook.  And I don't want Whole Disk encryption either.

I would be satisfied with an encrypted ZIP file or a Virtual Disk, like PGP.  They have a disk you can open from a file and it mounts itself in Windows.

Does GPG have either (or both) of the ZIP file or the Virtual Disk?



thanks,
newbieweb
I'll try to rephrase what I am understanding here:
- We are NOT talking about email or other form of communication.
- You just want to encrypt some files, mounted as a virtual disk.
OK, some facts:
- PKI (public/private key systems as you call it) are not used to encrypt anything of size. The reason is that assymetric encryption is sloooow. So symmetric encryption is used for anything larger then e.g. a few sentences.
- The advantage of PKI-systems or asymmetric encryption is that it solves the key exchange problem. Since this is your own server, that should not be needed
- Security-wise PKI is not more secure then symmetric encryption. It all depends on the used cipher algorithm, keys, ...
And to answer your question: truecrypt (briefly mentioned by dworlton) is as goods as it gets:
- Proven solid symmetric encryption, can use AES-256 (FIPS approved, used for national security information ...)
- Open source and free
- Mounts a harddisk from an entire partition or creates a virtual encrypted disk within a file and mounts it as a real disk.
- www.truecrypt.org

J.
Ok. If you do want pgp encrypted email but don't want outlook, do you want any form of email?
gpg can do what amount to being encrypted zipfiles (ie, like pgp it will compress then encrypt) but if its just files on a single host, you will probably find pki is overkill - you can just use a compression program that does encrypted protection and get more portability and ease of use.

Personally, for password protected files I use a program called 7z - its free ( http://www.7-zip.org/ ), can handle normal compression formats too (rar and zip, for example) and in its native mode, password protection uses AES at 256 bit - a suitably high level of crypto.

for local storage, the poster child for on-the-fly (virtual drive) crypto in the open source world is  truecrypt ( http://www.truecrypt.org/ ) but again, this is password (not pki) encryption.

however, it may be worth remembering that windows from 2000 onwards has its own PKI based drive encryption called EFS - this is "free" in the sense that it is built into windows already, and uses 128 bit DESX for its encryption with windows handling the pki side of things for you. only real downside that that it *is* integrated into windows, so logging into your windows session opens the encrypted files, and the only way to close them again is to log out.
Dave, I would like to set one point straight: EFS does not use PKI for the encryption but only for the authentication part through the header. Could not be done, because of the slowness of PKI encryption AND the impossibility to add additional user having access to the same files.
And the symmetric cypher is DESX up to XP. Since XP SP1 the default is AES.

J.
 Hmm. Didn't know they had upgraded to AES, largely because I don't use xp, but I *do* know the EFS Windows 2000 version used a similar hybrid approach to s/mime and pgp - the files are symmetrically encrypted, but the session key used for that encryption is then itself encrypted using a asymmetric key.

  I would probably stick with DESX anyhow - for backwards compatability reasons.