Today I did some research on which encryption method is safer for securely backing up extremely sensitive data like my Bitcoin wallet. I’ve been using the most popular WinZip and the free 7-Zip for years to AES encrypt my files (as regular encryption is far too easy to crack). For a while it was very secure but hackers have already identified security weaknesses with AES. So today I moved over, finally, to TrueCrypt thanks to the suggestion of a well-respected friend in the industry who also gave me the anonymous cellphone tipoff. So I’m going to save you some time and run through…

The advantages of switching to TrueCrypt

TrueCrypt is FREE. So is 7-Zip, but WinZip is not.

TrueCrypt’s method involves turning the opened vault into a virtual drive which is way more secure than WinZip or 7-Zip. Every time you open a file inside a .zip archive, they will decompress and decrypt the file straight to a temporary folder on your harddrive. When you close the file, 7-Zip just deletes it which is traceable and can be recovered by unscrupulous people. WinZip securely wipes the temporary file — much safer. But TrueCrypt doesn’t have this problem at all, since the file remains only in the encrypted virtual vault (which is being temporarily suspended/held in your RAM not written your HDD).

Secondly, whether a zip file is encrypted or not, anyone with access to your zip file can still peer at the names of the files inside it which has been a real file-renaming hassle for me in the past. With encrypted .zip files, the password is only required if someone tries to open, view or decompress a file inside it. TrueCrypt does not have this issue at all as the entire virtual volume is completely unviewable until the password is specified.

Finally, TrueCrypt is easier to use because (unless you install it on your USB stick) to Windows your TrueCrypt vault is treated as a regular drive, so once its decrypted you can access the files seamlessly without any hassle just like you would from a USB stick or an external hard drive or a CD, or your regular hard drive for that matter. With .zip programs you can only access the files inside an AES-encrypted .zip file through your compression program, each and every time they are accessed. Such a pain.

The advantages of sticking with .zip software

The total file size of a .zip file is allowed to change dynamically as you add and remove files from the archive. A TrueCrypt vault, because it is treated as a regular drive, has to have a set size. So you have to start by making it big enough for everything you might ever put into it.

And if you’re already using .zip archives all over the place, it will take some time and hassle to switch over to the new format initially.

However I think these small disadvantages are worth the hassle for true encrypted security and peace of mind.