Tuesday, September 24, 2013

Encypt & compress files and send to Dropbox folder

Using the below details you can encypt and compress files and add to Dropbox folder using right-click "Send To" menu.

This is very handy when transferring sensitive / confidential information over cloud storage like Dropbox. Even though most of the cloud storage applications claim to store data in encrypted format, its always better to have your own added security. You never know if that data gets hacked or seen by the cloud storage employees.

I initially searched the net for a solution, which I thought would already exist as this requirement of mine seemed quite basic. Unfortunately, I did not come across any simple and elegant solutions.

What I required was this:
Right-click on a file/folder in Windows OS and click on 'Send to Drobox folder' on your PC. This should encrypt the file and then create a copy of the encrypted file in the Dropbox folder on the PC which would then sync up to the cloud storage (Dropbox).

What I tried first ... in vain:
My initial thought was to create an encrypted 7-zip archive file and then keep dumping files/folders into it using drag-drop. But, when I tried it, I learnt something more about 7-zip. Once a 7-zip archive file is encrypted you cannot use 7-zip to add more files into this archive with encryption. If you add files, they remain unencrypted. Maybe, 7-zip can add this as a feature to prompt for a password when adding files and folders to such encrypted archives and if the password provided matches the archive's encryption password, then encrypt and add files to the archive. I found this as one of the requests at the 7-zip forum.

My solution (works great):
I used windows batch commands (*.bat files) along with free open source 7-zip command line utility (for AES-256 encryption & 7z compression) to encrypt and compress files/folders and send to Dropbox local folder on my PC.

Steps:


Download and install the following software as per the information provided below.

1. Dropbox - Cloud storage application. You should also create/have a login. Dropbox provides 2 GB free storage to start with and with referrals and other mechanisms provides an opportunity to get around 16-20 GB of free storage. [Download Dropbox Windows application]
Assuming Dropbox install path to be: D:\Dropbox
Create local folder for sending encrypted files to: D:\Dropbox\common

2. 7-Zip - Free open source archiver which also provides strong AES-256 bit encryption. [Download 7za.exe standalone command line archiver]
Assuming 7za path to be: D:\Dropbox\7zip  (Note: You should just unzip the 7za920.zip file downloaded from my above link into this folder. Tip: If you share this 7zip folder over dropbox, you do not require to install 7za.exe on all your other computers. Dropbox will sync it automatically.)
3. Batch file to "Send to Dropbox common folder"
Copy below file to "D:\Private" folder (Note: Ensure that this folder is only on your PCs and not on cloud. This folder and more importantly the batch files should not be stored on cloud in an unencrypted format as it contains your password for encryption and decryption).
Filename: send_to_dropbox.bat

@ECHO OFF
REM send_to_dropbox.bat
REM Using 7-zip in commANd line mode to encrypt and send fILes and folders to dropbox

REM Set path to 7za.exe
SET zpath="D:\Dropbox\7zip\7za.exe"

REM Set path to Dropbox folder
SET dbpath="D:\Dropbox\common"

REM Set default password for encryption
SET keyphrase=
Enter_Your_Password_Here_Using_Alphabets_And_Digits_Only

REM ECHO %*

REM Parse input parameters
FOR %%A IN (%*) DO (
    REM echo item=%%A
   
    REM Use 7-zip
    REM a = Archive
    REM -t7z = SettiNg Type of archive to 7z
    REM -r = Recurse subdirectorIes
    REM -mx1 = Setting compression Method to 1 (fastest)
    REM -p{keyphrase} = Setting keyphrase
    REM -mhe=on = Enables archive header encryption
    %zpath% a -t7z -r -mx1 -p%keyphrase% -mhe=on %%A.7z %%A
   
    REM Move the *.7z fiLe to Dropbox folder
    MOVE %%A.7z %dbpath%
)

REM ECHO All done

REM PAUSE

4. Batch file to "Open from Dropbox common folder"
Copy below file to "D:\Private" folder (Note: This folder is only on your PCs and not on cloud. This folder and more importantly the batch files should not be stored on cloud in an unencrypted format as it contains your password for encryption and decryption).
Filename: open_from_dropbox.bat
@ECHO OFF
REM open_from_dropbox.bat
REM Using 7-zip in commANd line mode to decrypt and open fILes and folders from dropbox

REM Set path to 7za.exe
SET zpath="D:\Dropbox\7zip\7za.exe"

REM Set path to Dropbox folder
SET dbpath="D:\Dropbox\common"

REM Set path to output folder
SET outpath="C:\temp\dropboxout"

REM Set default password for decryption
SET keyphrase=Enter_Your_Password_Here_Using_Alphabets_And_Digits_Only

REM Create output folder. Will not overwrite if already exists.
mkdir %outpath% 2>nul

REM ECHO %*

REM Parse input parameters
FOR %%A IN (%*) DO (
    REM echo item=%%A
   
    REM Use 7-zip
    REM x = eXtract usiNg path
    REM -r = Recurse subdirectorIes
    REM -p{keyphrase} = Setting keyphrase
    REM -o{outpath} = Output directory
    %zpath% x -r -p%keyphrase% %%A -o%outpath%
)

REM Open output foLder
START "title" %outpath%

REM ECHO All done

REM PAUSE

5. Send To menu
  • Create shortcuts to each of the *.bat files by right-clicking on the file and using "Send To" > "Desktop (create shortcut)"
  • Rename the shortcuts to "Send to Dropbox" and "Open from Dropbox" respectively.
  • Change the icons of the batch file shortcuts as per your preference to indicate "Send to Dropbox" and "Open from Dropbox". You can search download *.ico files using Google).
  • Right-click on Windows Start button Windows Start Button
  • Click on "Explore" which should open up "Start Menu" in Explorer.
  • On the left side, in the Folders section, you should be able to see "SendTo" folder just above "Start Menu". Left-click on "SendTo" to open it in the right side.
  • Move the batch file shortcuts to "SendTo" folder and close the explorer window.
  • You will now be able to righ-click on any file, folder or multiple files/folders and then see the 2 options "Send to Dropbox" and "Open from Dropbox" in the "Send To" menu.
  • Click on "Send to Dropbox" after right-clicking the file to send a file to "D:\Dropbox\common" folder. The file will get compressed to 7z format and also get encrypted. This encrypted and compressed file will get copied to "D:\Dropbox\common" folder.
  • Follow all the above steps from another PC (possibly at work/home), and share the "D:\Dropbox\common" folder across the 2 (or more) PCs
  • Then on that computer, click on "Open from Dropbox" after right-clicking the *.7z file from "D:\Dropbox\common" folder and viola! ... the file gets uncompressed and decrypted and stored in "C:\temp\dropboxout" folder on your PC.
  • You can then open it / move it to any other folder. You can then also delete the *.7z file as required.
Folders used:
  1. D:\Dropbox
  2. D:\Dropbox\common
  3. D:\Dropbox\7zip
  4. %AppData%\Microsoft\Windows\SendTo
  5. C:\temp\dropboxout
Software used:
  1. Dropbox - [Download Dropbox Windows application
  2. 7-Zip - [Download 7za.exe standalone command line archiver]
  3. Windows Operating System
Why compression? or Why not just stick with encryption alone?
I have used compression (in the fastest mode) as I wanted to reduce the file-size wherever possible so that cloud synchronization would be faster. Also, I didn't want 7-zip to spend a lot of time compressing the files. You can use -mx0 if you want no compression and only storage along with encryption. Alternatively, you can use higher compression switches (-mx3 or -mx5) for better compression / smaller files to be uploaded... but, remember that it does impact speed. I had done some sample testing and then decided on -mx1 to be best suited for me. It is fast and gives me good compression. The switches -mx3, 5, 7 & 9 took more time and there was not a very huge difference in the compressed file size. But, YMMV.

Let me know your comments & suggestions on this topic. At the moment, I am quite happy with my solution. If you share any tips with me to improve this topic, I will try to incorporate it here.

PS 1: I came across "http://satyadeepk.in/dropbox-folder-sync/" when writing this blog. This ready-to-use software may be useful to  people reading this blog.

PS 2: After writing this post, I came across Boxcryptor which supports variety of cloud storage solutions.

PS 3: LifeHacker.com published my solution  :-)   [Link]

14 comments:

Anonymous said...

Wow, great job and post. Do you thinks this could be used in Google Drive as well?

Anil said...

I have not installed Google Drive on my PC. But, if the concept is similar to Dropbox (i.e. a folder on your PC gets synchronized automatically), then this will work.

Anonymous said...

Hey! Just to give you an update, it does work with Google Drive, tested it and work as the concept is similar as you mentioned. Again great Job!

Anil Avadhani said...

Great! Thanks for confirming this.

Tara Talks said...

Hi there, can you please share how it works with google drive? i really need it to work but am struggling

Anonymous said...

When you decompress a file, is there any way to preserve the original "Created" date that it had before it was compressed?

Anonymous said...

Never mind. I think this preserves the Created timestamp: -mtc=on

Naga Sudhir said...

Hello Anil...you have done a fabulous job on encryption..just wondering if you can help me on getting these same steps for MAC OS? That would be real help!!

Anil Avadhani said...

@Tara Talks - Hi, I have not installed Google Drive on my PC. Let me know where you are stuck so that I can help you. Provide some details.

As stated earlier, the concept is very similar. Instead of Dropbox folder you have to use Google Drive folder on your PC.

Anil Avadhani said...

@Naga Sudhir - Thanks for the compliment.

Unfortunately, I do not have access to any Mac machines and neither do I have a lot of experience on working with Mac OS.

If it is similar to Unix shell scripting, then its easy for me to write the scripts. Let me know.

Manuel said...

Very good the initiative!

I think that this is the beginning of the solution for this need.

It would be great to see something similar for Android, to close the circle.

Thanks.

Alice Ross said...

Thank you so much for sharing these steps! It is really very important that we protect ourselves from hackers and stalkers and by this we should use encryption for our protection. -www.sookasa.com

Anonymous said...

Thanks for this!

Anonymous said...

Thanks for a great post! I want just one single encrypted file with some personal information and I need to be able to read it on my Android. With the ZArchiver app I can open it, which is fine but what about security? Any program that opens a file within a 7z archive file will leave a temp copy on the OS or?