Summary: Microsoft Outlook allows you to compress and/or encrypt your PST file. We'll look at what the options are, and when you might choose them.
What kind of Compression or Encryption do I want for Outlook's .PST files?
In an earlier article I discussed compacting an existing .PST, and creating additional .PSTs. One thing I didn't talk about was what kind of encryption or compression to select. In most cases the default is fine, but understanding the differences may help you select something more appropriate for your situation.
When you create a new .PST, Outlook offers you three different types of encryption: none, compressible, and high.
•
No Encryption means just that. Outlook will store your email in such a way that anyone with access to your .PST and notepad will be able to view your mail. It won't be pretty because it'll be intermixed with Outlook's control information and anything in HTML will have all of the HTML tags intermingled. But it will be easily visible.
Compressible Encryption will obfuscate the data in your .PST such that simple tools like notepad will see only garbage. In fact, it'll take some hacker's tool to actually decrypt the data. The term "Compressible" is used because the type of encryption used does not defeat the techniques used by programs such as ZIP, or even the built-in compression that's available on some Windows file systems.
High Encryption uses a stronger form of encryption that is more difficult to hack. It's also potentially more time consuming for Outlook to read and write. And as you might guess, this form of encryption does not compress well if at all. You can still attempt to compress a copy of your .PST for backup if you like, but it's not likely to get much smaller if at all.
So the bottom line is it depends. If you don't care that your .PST might be readable by someone or perhaps you use other forms of security to prevent access, then perhaps No Encryption is right for you. If you're storing sensitive data or have other reasons to be concerned, then perhaps High Encryption is best.
As for me I leave it at the default: Compressible Encryption. I do occasionally want to be able to compress my .PSTs (they do get big), but I'd at least like to keep the casual browser from easily reading my mail.
Article C1882 - January 16, 2004
If the compressible encryption option is used, do you know what encryption algorythm is used? For exampel AES256, AES128, 3DES....
Posted by: Michael Manzo at July 19, 2006 9:22 AMHi,
I want to read a pst file through my own program, but i couldn't find any material describing the structure of the pst file . Can u help me in getting that.
Thanks
Posted by: Amit at August 20, 2006 11:20 PMLooking forward to hear from you
The file format is proprietary, and to the best of my knowledge, not published. You need outlook.
Posted by: Leo A. Notenboom at August 21, 2006 9:05 AMI found you through Google, please help. What's the difference b/w encryption "none" and encryption "AES-128"? I'm trying to use/format a brand new blank disk on my PC that has Microsoft Office Suite. Thanks so much!!
Posted by: CB Jackson at April 27, 2007 11:06 AMHi
Posted by: Ajay at January 24, 2008 10:20 PMi am having a problem in outlook 2007 regarding to export pst file with no encryption,By default Microsoft outlook 2007 export pst file with encryption.in outlook 2003,after going through all steps of exporting pst file,finally a dialog box appears having encryption settings,but in outlook 2007 that dialog box doesn't have encryption setting options.
so how can i enable those settings?
Hi
Posted by: Ajay at January 24, 2008 10:26 PMi am having a problem in outlook 2007 regarding to export pst file with no encryption,By default Microsoft outlook 2007 export pst file with encryption.in outlook 2003,after going through all steps of exporting pst file,finally a dialog box appears having encryption settings,but in outlook 2007 that dialog box doesn't have encryption setting options.
so how can i enable those settings?
In Outlook 2007 there indeed seems to be no option anymore to set no encryption! Why Microsoft makes a new Outlook version not compatible with the older versions?? Anyone knows a fix for this? In order to use certain programs like Pst2mail the pst-file should be set to no encryption.........
Posted by: Bob at June 3, 2008 12:27 PMWith respect to security, it does not matter which of the three so-called encryption options you pick, they are all essentially equivalent. Compressible encryption is a simple Caesar cipher (crypt = table[plain]) for each plain text byte with a fixed permutation table that does not depend on the password. Of course, since the permutation table is fixed, it is also known. Therefore, anyone can trivially decrypt these .pst files.
High encryption moves us all the way up to an early WWII German Enigma three rotor cipher, where again, the content of the three rotors are fixed and don't depend on the password. Of course, since the rotors are fixed and known, anyone can trivially decrypt these .pst files as well.
All in all, a complete joke as far as security is concerned.
Posted by: Carl Byington at January 18, 2009 2:58 PMMy mistake. The compressible encryption is not a Caesar cipher, it is instead a byte substitution cipher with a fixed substitution table.
Posted by: Carl Byington at January 18, 2009 3:17 PMI´m using discryptor.net to encrypt my data. It is userfriendly and really fast.
Posted by: Hrupa at April 25, 2009 7:22 AM