Try It Out
In the individual exercises, you will explore how to encrypt both text and files using AES-256 encryption. There are various ways to accomplish this. Find the way that works best in your environment and implement it consistently.
Make sure to use a secure password generator and to protect sharing that password with end to end encryption tool (e.g. Signal).
#1 - Text Encryption
You can use a variety of text encryption solutions. These are ideal for text/email messages you might send on your smartphone, as well as via a computer.
Tool: Paranoia Text Encryption
#2 - File Encryption
#2 - File Encryption
Encrypting files with AES-256 can be done with a variety of tools. Here are a few you can use that are free. A few tools include:
7zip for Windows - This is a zip/7zip compression program that combines multiple files into one. Works great with a wide variety of files. Think of it as putting a folder of files into ONE file that is compressed for space and encrypted for security.
Keka Zip for Macs - This is the same thing as 7zip but for Mac computers.
Paranoia's Secure Space Encryptor (SSE) - Here is (what I think) is the best cross-platform encryption tool available. It works on the most platforms (e.g. Android, Mac, Windows). One of the features is that it can take a folder of files and encrypt them all into ONE file.
AESCrypt.org - Here is another, well-established cross-platform tool you can use.
#3- Encrypt and Decrypt Text
Part 1 - Decrypt Text
To facilitate decryption, open the Paranoia Text Encryption Online tool (via the web browser on your device, including smartphones) and paste in the text that appears below. Use the password - kQgWbQhc58wc - and send it to "mguhlin@tcea.org" via email. Obviously, this password would not be shared on a web page for anyone to access. It is shared here for demonstration purposes.
==Begin Encrypted Text Below (only copy encrypted content, not anything with == in front of it)
fIqoBFlGIJibGhbYnHhdKkrpjQs2a]DKvDuxGOIEosjfgk)bHvqKB693PuPdSGCbtT9rS]KB3PFNo0MVKm95B)yF06rj)]KrLJnPfpogU1yIT]DgCzbsw8PlqxSZ]ndqcefwocfLOX9)q3tDSWtNg9WPw85yMyI47H6t8y1)LESw3P3roKKx3)3QscDPifOOTPhwOzmMkvl5ZgzvkzIbX8gQrcXrXJR2O9r5axA63]L6Ja9L6UeVt1Q810oZlDkLD2RIu0RS6ilV8aIR)TIrs66MxYYOqgh2HQ1UgSuI33EMuV8jGENDYxjxGA)5K]g6YJekzBGr5iWGYymUTP)UQvRIU2TSfmkIYzpAIozEMcBsrZ9KBzfchP1LdkB7oOH6ZSnFIrDskFwgx31AjCGeOEjy8bhkvF9gx2UkCDr28rMfR6DIPUGX7vjZY5fuDR])blioTUqE1I66ltMkJ9lMHTjntNQhu1rED232iV727yBPuNHJWu1qfNDgQLNsxngWIuxu7Y2Wt3jH1ql3IpePG3w1sjicGwmfzsj]1lW)1MoXzkFuLI8fC5556Q8FSG6R44XS)Sy5z5Xq412u6XPPU4M3HanQrIb1SGGTcjf1QDStWTREzQQKeT9G5blz499O8YxWqq9Q4Q1poQYFqDXYBPZjV9i93AiP9W4JStyShTU)ezjqBWpQmEy4UVCPD7yR]QLBcSUZT7OshQ)Ow6lxZm)lU6A!
==End Encrypted Text Below (only copy encrypted content above)
Part 2 - Encrypt Text
To encrypt text, type your own message in the Paranoia Text Encryption Online tool and then send the encrypted text to "mguhlin@tcea.org" with subject line of "Encrypted Text." Use the password - T5ecaJiMepSU - to encrypt. Or, if you prefer, use a different password.
#4- Encrypt and Decrypt Files
Part 1 - Encrypt File(s)
Get Secure Space Encryption (SSE) tool, 7zip (Windows) or Keka (Mac). Set it up on your computer.
Find a file or folder (avoid folders with hundreds of files for this activity...a folder with 2-5 files is sufficient).
Encrypt the file/folder with your preferred tool using AES-256 encryption protocol. Use this password: M9pXYbENF5mp
Send the file as an attachment to Miguel at "mguhlin@tcea.org" with Subject: Encrypted File
Part 2 - Decrypt File(s)
Save the file available online and decrypt it. A copy of the encrypted file is available in ZIP (*.zip) or SSE (*.enc) encrypted format.
Open the files successfully on your device.
Final Step
Make sure to shred/wipe the ORIGINAL decrypted files/folder(s) when "at rest." Of course, first check that your decryption password works.
Dragging items to the Trash/Recycle Bin is insufficient since they can be recovered using a free tool like Recuva on Windows or your hard drive accessed on a GNU/Linux system then files recovered.
File Shredder (Windows)
Bleachbit (Windows/GNU-Linux)
Secure Space Encryptor (SSE):
7zip Encryption:
#5 - OpenGPG Tools (free)
Option #1: GPG 4 Windows
Gpg4win is the official GnuPG distribution for Windows and provides the high cryptographic standards of the GNU Privacy Guard. GnuPG follows the recommendations regarding algorithms and key length of the German Federal Office for Information Security (BSI).
To create OpenPGP and X.509 certificates Gpg4win uses a key length of 2048bit by default. The default algorithm for signing and encrypting is RSA.
Sign single files or complete folders directly from the Windows Explorer with GpgEX or Kleopatra. You can select multiple files and folders to sign and encrypt them recursively into a gpgtar archive.
The provided Outlook plugin GpgOL allows to sign and encrypt emails directly in Microsoft Outlook. Attachments can be encrypted as well, in one go with the email body. Verifying signatures and decrypting messages is done directly in Outlook too.
A step-by-step installation guide is provided as part of the Gpg4win Compendium.
Option #2: GoAnywhere OpenPGP Tool
Open PGP (free), also known as GPG, is a popular encryption standard that protects the privacy and integrity of sensitive files. Open PGP implements asymmetric (public key) cryptography to provide strong security and repudiation of files. GoAnywhere MFT provides robust support for PGP, allowing you to:
Encrypt files with one or more Public Keys
Decrypt files with Private Keys
Sign files with Private Keys
Verify digital signatures in files using Public Keys
Generate full audit logs of all PGP encryption and decryption processes
Open PGP software is used by banks, financial institutions, healthcare organizations and other highly regulated industries to protect their most sensitive files. (Source)