Encryption Desktop PGP Zip files are not compressed
search cancel

Encryption Desktop PGP Zip files are not compressed


Article ID: 204032


Updated On:


Encryption Desktop Powered by PGP Technology Desktop Email Encryption Desktop Email Encryption, Powered by PGP Technology File Share Encryption File Share Encryption Powered by PGP Technology Encryption Management Server Encryption Management Server Powered by PGP Technology


By default, when encrypting a file using PGP Zip, the file is compressed as well as encrypted. This is because compression is enabled on the keys of internal users that are managed by Encryption Management Server. This can be confirmed by doing the following from the administration console:

  1. Navigate to Consumers / Consumer Policy.
  2. Click on the policy name that applies to the user.
  3. Click on the Edit button next to the Keys section.
  4. Check the Preferred Compression setting. It has a default value of ZLIB but can be changed to Zip.

You may find that PGP Zip no longer compresses files.


Symantec Encryption Desktop 10.4.2 and above.


Check whether Encryption Management Server is configured with an Additional Decryption Key (ADK) and whether it has compression enabled:

  1. From the Encryption Management Server administration console navigate to Keys / Organization Keys.
  2. If an Additional Decryption Key is present, click on it and note its Name and Key ID.
  3. Open Encryption Desktop.
  4. The ADK will be present under PGP Keys / All Keys.
  5. Double click on the ADK to show its properties.
  6. Confirm that the name and key ID match what is present in Encryption Management Server.
  7. Check that Compression is set to ZLIB, Zip or BZip2.

If the ADK has compression set to None, PGP Zip will not compress files because all PGP Zip files are automatically encrypted to the ADK as well as to user keys.

To change the ADK compression, you will need to change the Compression property of the private ADK and import it back into Encryption Management Server. Note that Encryption Management Server only stores the public ADK.

The private ADK should be stored in a safe location. If it is lost, the public ADK stored in Encryption Management Server serves no purpose and can be deleted.

If you need to replace the ADK, generate a new ADK using a standalone version of Encryption Desktop or PGP Command Line and ensure that the key has compression enabled before importing the public key into Encryption Management Server.