Summary: Windows GUI recommendation for USB disk

Ryan Malayter malayter at
Fri Nov 3 15:53:21 CET 2006

On 11/2/06, Henry Hertz Hobbit <hhhobbit at> wrote:
> 7-zip, like most zip programs encryption doesn't even come close
> to the level of protection that you are getting with GnuPG.  Even
> if you are using the lowest level cipher GnuPG provides, it is a
> quantum leap over the zip programs enciphering.  Quoting from
> the man page for zip (roughly comparable to 7-zip and probably
> uses the exact same code for enciphering):
>  (And  where  security  is  truly  important,  use strong
>  encryption such as Pretty Good Privacy  instead  of  the
>  relatively  weak encryption provided by standard zipfile
>  utilities.)

When encrypting to a *.7z file, 7-zip uses AES-256 in CBC mode, with a
passphrase-to-key function based on SHA-256. This is actually stronger
than most cipher preferences on OpenPGP keys. It is not the same as
the weak "winZip"-derived encryption. Of course, these files can only
be read by 7-zip, but it is free and open source. (It also compresses
a lot better than standard ZIP's DEFLATE algoritm, if more slowly).

All problems can be solved by diplomacy, but violence and treachery
are equally effective, and more fun.

More information about the Gnupg-users mailing list