Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Advantage of PGP zip over winzip

Created: 27 Aug 2013 | 8 comments
Rinoa21's picture

What is the advantage of PGP zip over winzip AES

Operating Systems:

Comments 8 CommentsJump to latest comment

James007's picture

hope this artical will help you.

 

Encrypt or Decrypt Files and Folders with PGP Zip (Windows)

 

Article:TECH148865  |  Created: 2006-02-17  |  Updated: 2012-08-17  |  Article URL http://www.symantec.com/docs/TECH148865

 

Tom Mc's picture

I tried Google for finding a comparison.  This might be helpful:

http://crypto.stackexchange.com/questions/8289/win...

What immediately comes to mind for me is that PGP Zip offers public key encryption and its advantages in exchanging encrypted files with others.  I consider public key encryption potentially more secure, since it's decryption requires possession of both the required private key and it's passphrase; while conventional encryption requires only the passphrase for decryption.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Tom Mc's picture

Do you have further questions/concerns on this?

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Rinoa21's picture

Thanks for the info Tom Mc,

 

In addition to that I found this:

 

For AES and PGP comparison,

 

  • AES is a symmetric key encryption algorithm, which essentially means that the same key is used for the encryption and decryption of the data.
  • If the data needs to be decrypted, the program processes it again with the same key and is able to reproduce the clear text.
  • When you need to share sensitive information with trading partners or transfer information across networks, using AES has one downside when it comes to security: You would have to share your encryption key with your trading partners. Sure, they’d be able to decrypt the information you sent them, but they would also be able to decrypt anything else encrypted with that key, and if the key itself became compromised anyone in possession of it could decrypt your data.

 

  • PGP uses symmetric and  asymmetric keys to encrypt data being transferred across networks. To encrypt data, PGP generates a symmetric key to encrypt data which is protected by the asymmetric key.
  • Asymmetric encryption uses two different keys for the encryption and decryption processes of sensitive information. Both keys are derived from one another and created at the same time. They are divided into and referred to as a public and a private key, which makes up the key pair.
  • Data is only encrypted with a public key and thus can only be decrypted with the matching private key.
  • The encryption PGP offers is just as strong as that of AES, but it adds the additional security that prevents anyone with just the public key from being able to decrypt data that was previously encrypted with it.
  • Another benefit of asymmetric encryption is that it allows for authentication. After you have exchanged public keys with your trading partners, the private keys can be used to digitally sign the encrypted content, allowing the decryptor to verify the authenticity of the sender.

 

 

Tom Mc's picture

The above is really a discussion of symmetric encryption (first part of above) and asymmetric encryption (the latter part).  While AES may be considered the best symmetric algorithm for symmetric encryption, there are other good ones that can be used, so that info is not complete.  The asymmetric discussion above is also not fully correct.  With asymmetric encryption used in PGP, the data is actually symmetrically encrypted (PGP defaults to using AES).  It is then the randomly generated AES symmetric key used for the data encryption that is encrypted to a public key of the recipient.  The recipient uses his/her private key to decrypt the AES key, and the AES key is then used to decrypt the data.  So, in either case, symmetric encryption is used (because it is so much faster than asymmetric encryption.  And the public key encryption is used as a secure way of transmitting the symmetric (in this case, AES) key.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Tom Mc's picture

I probably should have also clarified that PGP Zip can be used for either just symmetric encryption (encryption to just a passphrase; often called conventional encryption) or public key encryption.

Would you like further assistance with this?  If you consider your concern resolved, please use the Mark As Solution option on the most helpful response.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

dfinkelstein's picture

One big advantage is that PGP is an IETF standard (RFC 4880).  The use of AES in WinZIP is completely proprietary.

--------

David Finkelstein

Symantec R&D

Tom Mc's picture

Do you have further concern with this?

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &