Embed Size (px)
Citation preview
PGP Zip Self-Decrypting Archive (SDA)
5/29/2012 Version 1.1
Table of Contents
1 Self Decrypting Archives (SDA) ...................................... 1-2
2 Setting Windows to Display File Extensions .................... 2-3
3 Creating PGP Zip SDA ................................................... 3-4
4 Create a passphrase ....................................................... 4-7
5 Creating a Strong Passphrase ........................................ 5-8
6 Send the Encrypted SDA via Email ............................... 6-11
7 Opening a PGP ZIP SDA .............................................. 7-12
8 Tables ........................................................................... 8-14
1 Self Decrypting Archives (SDA) If sensitive Xerox or client data is going to be sent in an email (via the internet) or copied onto some other media such as a CD; it must be encrypted to protect it. PGP Desktop disk encryption software allows employees to create Self Decrypting Archives (SDAs) which do not require the recipient to have PGP Desktop to decrypt and read the file. Follow the steps herein to create encrypted files that you can then attach in an email or transfer to another media such as a CD or DVD. You must have PGP Desktop disk encryption software installed on your computer to create SDAs.
Note: PGP encrypts and compresses the file size of the SDA. Do not Win Zip or otherwise attempt to compress the SDA wit h another program. • Requires that your recipients are using Windows computers. • Requires that you reveal the passphrase to your recipients. • Does not require that your recipients have PGP Desktop software installed on their computers. • Does not require you to have any of your recipients’ public keys. A PGP Self-Decrypting Archive (SDA) is a PGP Zip Archive that can be opened on any Windows computer, even those that do not have PGP Desktop installed. SDA files are standard Windows executable (.exe) files that you can open simply by double-clicking them. SDA files are slightly larger than regular PGP Zip Archives because the SDA self decrypting “mechanism” requires a certain amount of extra space (usually about 100 K). Once you have created your PGP Zip SDA, you can send it to your recipients however you choose. Anyone who has the file and the passphrase can open the resulting PGP Zip Archive file, and everyone sees the same items. If you need to have different recipients see different items, you must create separate PGP Zip Archive files for each Caution: Take every possible precaution to ensure t hat the passphrase to your PGP Zip SDA is revealed to no one but the file recipients. If the passphrase is revealed to unauthorized persons, you can create a new PGP Zip SDA with a different passphrase, but you ca n do nothing to resecure the original archive file and whatever it contains.
2 Setting Windows to Display File Extensions Windows needs to be set to show file extensions.
Note: This only needs to be done once.
To show file extensions:
1. Double click on your My Computer icon.
2. Go to the Tools menu and select Folder Options.
3. Click on the View tab.
4. Uncheck the box for “Hide extensions for known f ile types” (Figure 1); then
click OK.
3 Creating PGP Zip SDA Note: Advanced Users can visit the Encryptions Services site for the Using PGP
SDA Quick Guide.
Go to Start / All Programs / PGP / PGPDesktop.
Select File, New PGP Zip from the Menu Bar
Click the Add files icon to select files
Navigate to the files you want to add, Click the file(s) you want to encrypt Click Open
The file(s) you selected will appear in the New PGP Zip window, Click Next
Click PGP Self-Decrypting Archive in the Encrypt window, Click Next
4 Create a passphrase The Create a passphrase window appears
Type a passphrase in the Passphrase field. It must be at least eight characters. Type the passphrase again in the Confirm field. Click Next If you would like your password to be visible to you as you type it, click the Show Keystrokes checkbox.
5 Creating a Strong Passphrase
The stronger your passphrase is, the more secure your files are. You can fill the Passphrase Quality bar by: • Typing a longer rather than a shorter passphrase • Avoiding words found in the dictionary • Using mixed-case in a non-standard way (“dKmPgp” instead of “dkmPGP”) • Including numerals in your passphrase • Including symbols in your passphrase • Including spaces in your passphrase
Confirm that the PGP Zip SDA is being saved in the desired location and with the filename you prefer. Click Next.
Encrypting a single file - you will not see the file name here. By default, the SDA will be named the same as the original file and the file will be saved to the folder where it resides.
Encrypting multiple files and folders - PGP will automatically name the archive by the first file in the list and display it in the Save Location path name and, by default, save it to the folder where the files reside.
Click Finish
A file in the format of Filename.exe will be created
Locate the newly created SDA file
Right click on the file name and select Rename .
Change the .exe extension on the end of the filename to exz. The new file name is now Filename.exz .
Note: For security reasons, the transmission .exe f iles are not permitted. When sending SDA files, be sure to change the exten sion file name to exz.
6 Send the Encrypted SDA via Email
You can send the secure Self Decrypting Archive (SDA) as you would any other file. You can attach it in an email or you can copy it to a CD or other media. The recipient with the passphrase will be the only one that can open and read the file contents. Note: Do not include the passphrase you set up for the SDA in the same communication as the SDA. It must be sent in a sepa rate communication. To send a SDA via email 1. Launch your email program and open a new email message. 2. Locate and attach the archive you want to send. 3. Type the following instructions for the recipient in a message: Please follow the instructions below to save and de crypt the attached SDA file. 1. Save the file to your Desktop. 2. Right click on the file name and select Rename. 3. Change the .exz file extension to .exe. The new file name is now Filename.exe . 4. Double click on the filename to open the file. Click Send , to send the email. Remember to send the passphrase in a separate email. Note: Do not Win Zip or otherwise attempt to compre ss the SDA with another program.
7 Opening a PGP ZIP SDA Locate the and Double click. (It should have an extension of .exe.) The PGP Self Decrypting Archive - Enter Passphrase screen displays Confirm that the output is going into the desired location. If not, select the Save in : drop down menu to select correct the location. Click Save.
Note: If you direct the decrypted files from the PG P Zip SDA into the same location from which they originally came, the origi nal files are overwritten. To prevent this, for each file, you are prompted to se lect a different location. You can also type a different filename. If you if y ou click Save without doing this, a warning dialog box displays. If you bypass it, the file from the PGP Zip SDA overwrites the original The file will be decrypted and placed in the location you selected
8 Tables
