How to Encrypt & Decrypt a File

The information age has led to large amounts of private information being stored on home computers. Protecting this information is vital to the security of anyone with an electronic presence. Something as innocent as selling your old computer online can result in your data becoming accessible to other people---even if you format your hard drive first. Fortunately, protecting against this danger is easy with the use of file encryption. Modern utilities make encryption quick and easy for home users.

...
Encryption software performs mathematical operations on the binary digits that compose your data.

Using TrueCrypt

Step

Install the appropriate version of TrueCrypt, a popular encryption utility. Although there are a number of other solutions out there, TrueCrypt is widely used, is considered to be highly secure and is available for free. Windows, Linux and Mac OS X versions are available.

Step

Create a TrueCrypt file container. This is a file that holds the files you wish to encrypt. To create a container, run TrueCrypt and select the "Create Volume" button. This will bring up a wizard to guide you through the process. Select the option to create an encrypted file container, click "Next" and then select the option to make a standard TrueCrypt volume. Next, specify the name of the container file. Click on the "Select File" button, select a location, name the file and click "Save." You may wish to give the file a discrete name to avoid drawing attention to it.

Step

TrueCrypt will ask you to select from a list of different encryption algorithms. If you are new to file encryption, don't worry about which algorithm to select---just press "Next."

Step

You will be prompted to enter a volume size. This needs to be big enough to accommodate all of the data you wish to secure. If you are just looking to encrypt a small file, 5 MB might be enough. However, if you need to encrypt large amounts of data, such as multimedia files, you will need much more space.

Step

Be sure to choose a strong password for your file container, as your password is the most important thing protecting your data. At the same time, however, make sure the password is something you will remember. Your data will be irrecoverable if you forget it.

Step

Finally, format the volume. You will want to move your mouse around randomly within the window to supply the computer with enough random data to make the encryption. Click "Format" after doing this for a few minutes.

Step

Mount the newly created TrueCrypt partition and drag files into it to encrypt your data. From the main TrueCrypt window, select a slot and then click on the "Select File" button. Browse to the container you created and select it. Next press "Mount." You will be prompted for the password you selected earlier. Once you input the proper password, the TrueCrypt volume will be accessible just like a regular disk. You can open it the same way and drag files into it using your operating system's file browser. When you are finished working with these files, click the "Dismount" button in TrueCrypt to protect them.

Step

Decrypting the data works the same way---mount the container file using TrueCrypt and access its files as if they were regular, unencrypted files.

Using GnuPG

Step

Download GnuPG, from either the GnuPG website or your favorite package repository. Like TrueCrypt, GnuPG is a popular free encryption utility. Although it is typically favored for encrypting documents such as emails, GnuPG has file encryption capabilities as well. You may prefer this particular utility if you prefer to use open source software.

Step

Generate a GnuPG key pair. Although different operating systems use different graphical user interfaces for GnuPG, the process is the same. In Linux, the interface is called Seahorse and involves selecting "File," "New," "PGP Key" and "Continue." The Windows version is called "Gnu Privacy Assistant" and will automatically prompt you to create a new key.

Step

Regardless of which version you use, you will be prompted for your full name and email address. Enter these and advance to the next prompt, using either the "Create" or "Forward" button, as your version dictates. Next, you will be prompted for a password. Select a strong password involving capital letters, lowercase letters, numbers and symbols. (Make sure you do not lose this password or you will not be able to decrypt your data.) Once you have done this, your key pair will be generated.

Step

Pull up a command prompt and navigate to the location of the file you would like to encrypt. On almost every system, this is achieved by using the "cd" command, followed by the directory of the file.

Step

Encrypting the file is achieved with the following command, where file.doc represents the name of your file, and email@example.org represents the email address associated with your key pair:

Step

gpg -ea -r email@example.org file.doc

Step

The encrypted document in the example above would be named file.doc.asc. Please note that the original file.doc remains unencrypted. Delete file.doc if you only want the encrypted version.

Step

To decrypt a file, use this command:

Step

gpg -d file.doc.asc >file.doc

Step

Enter the password you chose earlier. You will notice that a new file with the name "file.doc" has been created. This contains your decrypted data.

Password-Protected Archives

Step

Download an archive utility that can create ZIP or RAR files. Although these are not as secure as dedicated encryption tools, they have the advantage of being simple to use when you need encryption in a pinch.

Step

Move all of the data you wish to encrypt into a single folder. In addition to allowing you to encrypt the data more easily, this will allow you to find each file after decrypting and extracting it.

Step

Create an archive of the folder you created. Selecting a compression method to reduce the file size can add to security by helping you hide the data. Modern archiving software tends to have an option in the form of a check box, which allows you to require a password for the data. Select this option and choose a password to encrypt the data. To decrypt the data, extract the archive and enter the password when prompted.