any interest in working with public key encryption ("PGP")

Chat about just about anything else

any interest in working with public key encryption ("PGP")

Postby mike acker on Fri Mar 21, 2014 3:46 pm

Code: Select all
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

is anyone interested in learning more about Public Key Encryption?
This would  be GnuPG on our Linux systems -- or
PGP/Desktop for those needing an "official" commercial system.

Similarly we would use Enigmail on Thunderbird on our Linux systems
while those needing "official" commercial software would be using Outlook.

I think one of the aspects of Public Key Encryption is
that PGP or GnuPG provides authentication and integrity -- not just encryption.

Authentication allows you to verify that a message
is from the person who claims to have sent it.

Integrity allows you to verify that a message has not been altered "in transit"

Provided that you have a trusted copy of the other person's public key. 
Which gets us into the subject of Trust Models. 
These are discussed in Phil Zimmerman's original essay on PGP -- and --
as far as I'm concerned -- that's still the best read on the topic.

I'll sign this for you with GnuPG -- just for fun.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQEcBAEBAgAGBQJTLJTWAAoJEMxYQmPg90u5iLMH/1MPH3E1kDDtVqxb5BxF42e7
BnYBClU0EfSaZpIQ+stbVAGA9uU96dyPAj/uR1ceep/P0RCkvqJ8BmWSjxUBHjod
lVlrUqSUCD1kBsJ5yu9gC/pBInDT+nMoPgoqZpuc3XqTc43MGKWe9j7lQ2H6VHtu
hT/xSATXUoL5/Ql6tFkrsudW0+3huR4LV+ZPkYq2fXhZb3JSzNhPkE783Kx/Ao+l
Hx8ZSXDWlvNKQbSuRNto7nFZIQT6lnsPM0bhX6iSX4xyjC36a1taX45XLTeuP7ic
Ao/g4A/I0aCdaD7IwjMx9aTLEiaDTtXJpfp9ctGvCLNHLm3WEgpta8o7uubtA+o=
=L3+Q
-----END PGP SIGNATURE-----


my Public key is on the default server.

Link to Zimmerman's Original Document Vol 1

From my own studies it is my view that a lot of what we call "hacking" results from our failure to authenticate the credentials of sources that we communicate with . this would apply to software downloads as well as e/mails, credit card transactions, tax returns, web sites -- you name it.
Home assembled box using ASUS M5A88-M motherboard and x64 AMD Phenom II X4 3.4GHz cpu; 4x4MB DDR3 RAM
User avatar
mike acker
Level 4
Level 4
 
Posts: 351
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI

Linux Mint is funded by ads and donations.
 

Re: any interest in working with public key encryption ("PGP

Postby Habitual on Fri Mar 21, 2014 5:18 pm

you've got mail.
What's a landing but a take off in reverse?
My DorkBlog
User avatar
Habitual
Level 8
Level 8
 
Posts: 2073
Joined: Sun Nov 21, 2010 8:31 pm
Location: Undecided

Re: any interest in working with public key encryption ("PGP

Postby mike acker on Fri Mar 21, 2014 6:32 pm

Habitual wrote:you've got mail.


where'd ya put it?
Home assembled box using ASUS M5A88-M motherboard and x64 AMD Phenom II X4 3.4GHz cpu; 4x4MB DDR3 RAM
User avatar
mike acker
Level 4
Level 4
 
Posts: 351
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI

Re: any interest in working with public key encryption ("PGP

Postby Habitual on Sat Mar 22, 2014 11:10 am

the email went to charter.net (addy as shown on the mit keyserver key)
What's a landing but a take off in reverse?
My DorkBlog
User avatar
Habitual
Level 8
Level 8
 
Posts: 2073
Joined: Sun Nov 21, 2010 8:31 pm
Location: Undecided

Re: any interest in working with public key encryption ("PGP

Postby mike acker on Sat Mar 22, 2014 6:46 pm

Habitual wrote:the email went to charter.net (addy as shown on the mit keyserver key)



+ I received an e/mail from <>
+ i was able to obtain your key from the keyserver, and thus
+ i was able to send you a signed/encrypted reply

let us know if you receive the message and are able to decrypt it
are you using Thunderbird with ENIGMAIL ?

one of the key elements that we would like to examine in this thread is the subject of Trust Models

+ how would you ascertain whether or not to trust the key that you obtained from the key server ? How would I decide whether to trust your key ?

the reader is invited to read notes regarding Whitfield Difgfie's testimony in NewEggs defense v. patent troll TQP as well as Section 6 Managing Keys in Phil Zimmerman's original documentation.

exerpt
The problem was vast, Diffie explained—nothing less than how to keep things private in a networked world. He recalled a conversation with his wife in 1973, sitting on a New Jersey park bench. "I told her that we were headed into a world where people would have important, intimate, long-term relationships with people they had never met face to face," he said. "I was worried about privacy in that world, and that's why I was working on cryptography."

At that time, the only encryption happened within "closed systems." IBM could encrypt information within its own company's networks, and Texas Instruments could encrypt on theirs. But some kind of courier would have to carry encryption "keys" to both companies before they could do so.

That was the "key distribution" problem Diffie strove to solve. "It's arranging to provide keys to two people who have never met before, who suddenly find themselves with a need to communicate," he explained. "This is much the way we visit websites these days."

There was one other big need: proving authenticity.

"The receiver of the document can come into court with the signed document and prove to a judge that the document is legitimate," he said. "That person can recognize the signature but could not have created the signature."
Last edited by mike acker on Sat Mar 22, 2014 7:24 pm, edited 1 time in total.
Home assembled box using ASUS M5A88-M motherboard and x64 AMD Phenom II X4 3.4GHz cpu; 4x4MB DDR3 RAM
User avatar
mike acker
Level 4
Level 4
 
Posts: 351
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI

Re: any interest in working with public key encryption ("PGP

Postby mike acker on Sat Mar 22, 2014 7:20 pm

here is the PGP management menu that you get on Thunderbird after you install the ENIGMAIL plug-in

keymanagement.png
ENIGMAL management menu


you can do pretty much all you need to do from this GUI menu

or you could use GPG on the terminal
Home assembled box using ASUS M5A88-M motherboard and x64 AMD Phenom II X4 3.4GHz cpu; 4x4MB DDR3 RAM
User avatar
mike acker
Level 4
Level 4
 
Posts: 351
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI

Re: any interest in working with public key encryption ("PGP

Postby mike acker on Sun Mar 23, 2014 6:32 pm

Habitual wrote:the email went to charter.net (addy as shown on the mit keyserver key)


the interesting thing about our exercise today is that we can chatter over a pgp secured link
with scarcely any more effort than running bare

once the keys are exchanged the only added effort is in checking to make sure the PGP keys are set on.
optionally I can set Thunderbird to use PGP as the default for this correspondent.
Home assembled box using ASUS M5A88-M motherboard and x64 AMD Phenom II X4 3.4GHz cpu; 4x4MB DDR3 RAM
User avatar
mike acker
Level 4
Level 4
 
Posts: 351
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI

Re: any interest in working with public key encryption ("PGP

Postby Habitual on Fri Mar 28, 2014 12:10 pm

side note:
Exchanging keys via enigmail on an older version of Thunderbird will cough up errors.

Once I got my Tbird and enigmail into the 21st century, it was "smooth sailing".
What's a landing but a take off in reverse?
My DorkBlog
User avatar
Habitual
Level 8
Level 8
 
Posts: 2073
Joined: Sun Nov 21, 2010 8:31 pm
Location: Undecided

Re: any interest in working with public key encryption ("PGP

Postby mike acker on Fri Mar 28, 2014 6:41 pm

interestingly, once you have ENIGMAIL installed you can set RECIPIENT RULES
and then just chatter away with anyone that you have a shared key with.

I'm thinking about running a monolog thread on establishing TRUST --
I created a dummy person for the dialog
whatcha think ?
Home assembled box using ASUS M5A88-M motherboard and x64 AMD Phenom II X4 3.4GHz cpu; 4x4MB DDR3 RAM
User avatar
mike acker
Level 4
Level 4
 
Posts: 351
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI

Linux Mint is funded by ads and donations.
 

Return to Open chat

Who is online

Users browsing this forum: No registered users and 1 guest