<metaproperty="og:description"content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
<metaproperty="og:description"content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
<metaname="twitter:title"content="You down with PGP? Yeah you know me!">
<metaname="twitter:title"content="You down with PGP? Yeah you know me!">
<metaname="twitter:description"content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
<metaname="twitter:description"content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
...
@@ -479,20 +479,34 @@
...
@@ -479,20 +479,34 @@
and therefore would have to assume that on the conversion table, there are numbers that go up to 93 and so on. Often time codebooks use numbers like this as well.</p>
and therefore would have to assume that on the conversion table, there are numbers that go up to 93 and so on. Often time codebooks use numbers like this as well.</p>
<h2id="Circling-back-to-GPG"><ahref="#Circling-back-to-GPG"class="headerlink"title="Circling back to GPG"></a>Circling back to <abbrtitle="GNU Privacy Guard">GPG</abbr></h2>
<h2id="Circling-back-to-GPG"><ahref="#Circling-back-to-GPG"class="headerlink"title="Circling back to GPG"></a>Circling back to <abbrtitle="GNU Privacy Guard">GPG</abbr></h2>
<p>What if Alice and Bob were never in the same room together? As soon as anyone, outside Alice and Bob, put their hands on a One-time pad, it should be considered compromised and, for all intents and purposes, useless.</p>
<p>What if Alice and Bob were never in the same room together? As soon as anyone, outside Alice and Bob, put their hands on a One-time pad, it should be considered compromised and, for all intents and purposes, useless.</p>
<p>Luckily though, I’ve found this <ahref="https://www.youtube.com/watch?v=YEBfamv-_do&t=3m23s"rel="external nofollow noopener noreferrer"target="_blank">https://www.youtube.com/watch?v=YEBfamv-_do&t=3m23s</a></p>
<p>This is where <em>Asymmetric encryption</em> comes in. <abbrtitle="GNU Privacy Guard">GPG</abbr> uses something called <strong>key-pairs</strong>. When Bob wants to get secret information he makes his key pair with an encryption function.
<p><imgsrc="/images/gpg/image.jpg"alt="Image alt text"></p>
That key pair consists of a <em>public</em> key and a <em>private</em> key. Anyone can know the public key. It’s public, and won’t compromise the security of the message. Alice also has a key pair. The purpose of these public keys are to
both encrypt data and authenticate data. If Alice uses Bob’s public key, she can encrypt any data she likes using it. The only thing that can then decrypt that data, is Bob’s private key. Alice can also sign that encrypted message with her
private key and Bob can use Alice’s public key to confirm that it was in fact signed by Alice and therefore likely to contain data that Alice encrypted. Let’s suppose Alice didn’t sign the message she sent to Bob. </p>
<pre><spanclass="line">Alice: Bob, Eve is on to us, go dark for a while, I'll let you know when it's less dangerous</span><br><spanclass="line">*Encrypted with Bob's public key*</span><br><spanclass="line">Eve then intercepts Alice's message</span><br><spanclass="line">Eve: Bob, I think I am in trouble, meet me at the Docks tonight. -Alice</span><br><spanclass="line">*Encrypted with Bob's public key*</span><br><spanclass="line">Bob shows up at the docks and is extraordinary renditioned.</span><br></pre>
</td>
</tr>
</table>
</figure>
<p>If Alice did sign the message, Bob could in fact decrypt the message but would also know that Alice may not have signed it. Eve doesn’t care what Alice sent Bob in this scenario. In fact she <em>can’t</em> know what the message says (assuming
the encryption isn’t broken). She just needs to change what it says and her goals are met. </p>
<p>Asymmetric encryption is often times computationally expensive. In most cases, when someone wants to talk to a specific person, they use the public private key-pair to set up a shared secret key using an algorithm called the Diffie–Hellman
<p>In this method, Alice and Bob publicly agree on a shared set of numbers, they then use their private keys and use the public numbers in an algorithm to obtain a “mix” of numbers that they’ll send to one another. Alice and Bob then “mix” the
others mixed numbers to be left with a pair of numbers that no one else can know. Eve would need access to either Bob or Alices private numbers in order to arrive at the new secret from any of the numbers that were shared.</p>
<p>It’s a little hard to understand this way and often a good way of explaining this is with Colours. The image below shows a representation for this.<br><imgsrc="/images/gpg/dhkeyexchange.png"alt="Diffie–Hellman key exchange"></p>
<p>Notice the final colour never goes into the public space. This is the number that would then be used to encrypt messages using a symmetric encryption (similar to our one time pad example). If you’d like to see a video on this, Khan Academy
presents a lesson by <ahref="https://britcruise.com/"rel="external nofollow noopener noreferrer"target="_blank">Brit Cruise</a> and does a good job at demonstrating it.</p>
<divclass="article__author"itemscope=""itemprop="author"itemtype="https://schema.org/Person"><imgclass="article__author__image"src="/images/avatar.jpg"alt="John Warren"><aclass="article__author__link"title="About John Warren"rel="author">John Warren</a>
<divclass="article__author"itemscope=""itemprop="author"itemtype="https://schema.org/Person"><imgclass="article__author__image"src="/images/avatar.jpg"alt="John Warren"><aclass="article__author__link"title="About John Warren"rel="author">John Warren</a>
<pclass="article__author__desc">Just a place to make stuff</p>
<pclass="article__author__desc">Just a place to make stuff</p>
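Review bot: The added paragraph beginning "Asymmetric encryption is often times computationally expensive" stops mid-sentence at "an algorithm called the Diffie–Hellman" and is never closed before the next `<p>` ("In this method, Alice and Bob publicly agree...") opens. The rendered page therefore loses the end of that sentence and the markup is unbalanced; please finish the sentence and add the closing `</p>`. The same nesting problem appears earlier in the hunk: the image paragraph with the placeholder alt text "Image alt text" is inserted inside the still-open "This is where Asymmetric encryption comes in" paragraph, which splits the key-pair explanation in two. Move the image out of that paragraph and give it a descriptive alt. The `</td></tr></table></figure>` that follows the new `<pre>` has no matching opening tags in the visible lines, so check that the code-figure wrapper was not dropped. On content, "If Alice did sign the message, Bob could in fact decrypt the message but would also know that Alice may not have signed it" reads as the opposite of the case it introduces. It should say that when Alice signs, a message forged by Eve fails verification against Alice's public key.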
...
@@ -519,7 +533,7 @@
...
@@ -519,7 +533,7 @@
})();
})();
</script><noscript>Enable JavaScript to see comments.</noscript>
</script><noscript>Enable JavaScript to see comments.</noscript>
<metaitemprop="articleBody"content="When “pretty good” is good enough
<metaitemprop="articleBody"content="When “pretty good” is good enough
PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so that a specific person can open and read that...">
PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so that a specific person can open and read that...">