This page is about how to send confidential information to a non-technical recipient with the default ZIP utility, that is well-known and widely supported. This is an alternative to PGP and encryption keys, which require more technical skills and are less well-known nor supported.

What is ZIP?

ZIP is a compression and file packaging utility for FreeBSD, UNIX, Linux, Windows and MacOS operating systems. It comes with optional password encryption for compressing, packaging and protecting confidential information and documents.

Be aware, that the encryption method in ZIP is not safe against motivated and competent attacks. It is just meant to be assumed as a moderate protection like a door lock. A more secure method is used in 7-ZIP, which also produce ZIP files, but could be less widely supported.

Prepare confidential information.

Prepare the confidential message or document. In this example, it is a plain text file, but it could be a PDF document or any other type of document. Make sure, that the name of the file does not contain confidential information. It will not be protected.

$ cat confidential.txt
Dear Lightman, your password on the WOPR server has expired and has been changed to Pencil.

Encrypt and password protect confidential information with ZIP.

The confidential message is then encrypted with a password by the default compression and file packaging utility ZIP.

$ zip -e confidential confidential.txt

ZIP will create a ZIP file, that has been encrypted with the given password. It can only be decrypted by a recipient, who has the password.

$ ls confidential.*
confidential.txt
confidential.zip

Send password protected ZIP file.

You can now send the encrypted ZIP file via email or other insecure transmission method. You can also give a short instruction in how to open the ZIP file and that the password will be sent via another communication channel.

Share ZIP password via another communication channel.

You should send the password via another communication channel to the recipient.

Open and decrypt password protected ZIP file.

The recipient can now open and decrypt the ZIP file by entering the shared password. This is done with the companion UNZIP utility or a similar built-in utility.

$ unzip confidential.zip
Archive: confidential.zip
extracting: confidential.txt
Enter password:
$ cat confidential.txt
Dear Lightman, your password on the WOPR server has expired and has been changed to Pencil.

More about ZIP.

  • ZIP on FreshPorts.
  • 7-Zip, also known as 7Z, on FreshPorts.

Published by Micski

Micski lives in Copenhagen, which is the capitol city of Denmark, where he's a system administrator of information technology and a semi-professional poker player.