Commit 1f8edc1f authored by John's avatar John

Site updated: 2018-11-19 15:09:33

parent 054b1cd3
...@@ -19,7 +19,7 @@ ...@@ -19,7 +19,7 @@
<meta property="og:description" content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…"> <meta property="og:description" content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
<meta property="og:locale" content="en"> <meta property="og:locale" content="en">
<meta property="og:image" content="http://blog.thebestjohn.com/images/sonoff/sonoff.jpg"> <meta property="og:image" content="http://blog.thebestjohn.com/images/sonoff/sonoff.jpg">
<meta property="og:updated_time" content="2018-11-06T21:03:23.352Z"> <meta property="og:updated_time" content="2018-11-19T15:08:20.796Z">
<meta name="twitter:card" content="summary"> <meta name="twitter:card" content="summary">
<meta name="twitter:title" content="You down with PGP? Yeah you know me!"> <meta name="twitter:title" content="You down with PGP? Yeah you know me!">
<meta name="twitter:description" content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…"> <meta name="twitter:description" content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
...@@ -479,20 +479,34 @@ ...@@ -479,20 +479,34 @@
and therefore would have to assume that on the conversion table, there are numbers that go up to 93 and so on. Often time codebooks use numbers like this as well.</p> and therefore would have to assume that on the conversion table, there are numbers that go up to 93 and so on. Often time codebooks use numbers like this as well.</p>
<h2 id="Circling-back-to-GPG"><a href="#Circling-back-to-GPG" class="headerlink" title="Circling back to GPG"></a>Circling back to <abbr title="GNU Privacy Guard">GPG</abbr></h2> <h2 id="Circling-back-to-GPG"><a href="#Circling-back-to-GPG" class="headerlink" title="Circling back to GPG"></a>Circling back to <abbr title="GNU Privacy Guard">GPG</abbr></h2>
<p>What if Alice and Bob were never in the same room together? As soon as anyone, outside Alice and Bob, put their hands on a One-time pad, it should be considered compromised and, for all intents and purposes, useless.</p> <p>What if Alice and Bob were never in the same room together? As soon as anyone, outside Alice and Bob, put their hands on a One-time pad, it should be considered compromised and, for all intents and purposes, useless.</p>
<p>Luckily though, I’ve found this <a href="https://www.youtube.com/watch?v=YEBfamv-_do&amp;t=3m23s" rel="external nofollow noopener noreferrer" target="_blank">https://www.youtube.com/watch?v=YEBfamv-_do&amp;t=3m23s</a></p> <p>This is where <em>Asymmetric encryption</em> comes in. <abbr title="GNU Privacy Guard">GPG</abbr> uses something called <strong>key-pairs</strong>. When Bob wants to get secret information he makes his key pair with an encryption function.
<p><img src="/images/gpg/image.jpg" alt="Image alt text"></p> That key pair consists of a <em>public</em> key and a <em>private</em> key. Anyone can know the public key. It’s public, and won’t compromise the security of the message. Alice also has a key pair. The purpose of these public keys are to
<p><a href="https://alexcabal.com/creating-the-perfect-gpg-keypair/" rel="external nofollow noopener noreferrer" target="_blank">https://alexcabal.com/creating-the-perfect-gpg-keypair/</a><br><a href="http://biglumber.com/index.html" rel="external nofollow noopener noreferrer" both encrypt data and authenticate data. If Alice uses Bob’s public key, she can encrypt any data she likes using it. The only thing that can then decrypt that data, is Bob’s private key. Alice can also sign that encrypted message with her
target="_blank">http://biglumber.com/index.html</a></p> private key and Bob can use Alice’s public key to confirm that it was in fact signed by Alice and therefore likely to contain data that Alice encrypted. Let’s suppose Alice didn’t sign the message she sent to Bob. </p>
<p><a href="https://www.linode.com/docs/security/authentication/gpg-key-for-ssh-authentication/" rel="external nofollow noopener noreferrer" target="_blank">https://www.linode.com/docs/security/authentication/gpg-key-for-ssh-authentication/</a><br> <figure class="highlight plain">
<a <table>
href="https://disjoint.ca/til/2017/10/05/a-guide-to-setting-up--managing-gpg-keys-on-a-yubikey-4/" rel="external nofollow noopener noreferrer" target="_blank">https://disjoint.ca/til/2017/10/05/a-guide-to-setting-up--managing-gpg-keys-on-a-yubikey-4/</a> <tr>
</p> <td class="gutter">
<p><a href="https://github.com/drduh/YubiKey-Guide#22-install---macos" rel="external nofollow noopener noreferrer" target="_blank">https://github.com/drduh/YubiKey-Guide#22-install---macos</a></p> <pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br></pre>
<p><a href="https://medium.com/@ahawkins/securing-my-digital-life-gpg-yubikey-ssh-on-macos-5f115cb01266" rel="external nofollow noopener noreferrer" target="_blank">https://medium.com/@ahawkins/securing-my-digital-life-gpg-yubikey-ssh-on-macos-5f115cb01266</a><br> </td>
<a href="https://eklitzke.org/using-gpg-agent-effectively" rel="external nofollow noopener noreferrer" target="_blank">https://eklitzke.org/using-gpg-agent-effectively</a> <td class="code">
<pre><span class="line">Alice: Bob, Eve is on to us, go dark for a while, I&apos;ll let you know when it&apos;s less dangerous</span><br><span class="line">*Encrypted with Bob&apos;s public key*</span><br><span class="line">Eve then intercepts Alice&apos;s message</span><br><span class="line">Eve: Bob, I think I am in trouble, meet me at the Docks tonight. -Alice</span><br><span class="line">*Encrypted with Bob&apos;s public key*</span><br><span class="line">Bob shows up at the docks and is extraordinary renditioned.</span><br></pre>
</td>
</tr>
</table>
</figure>
<p>If Alice did sign the message, Bob could in fact decrypt the message but would also know that Alice may not have signed it. Eve doesn’t care what Alice sent Bob in this scenario. In fact she <em>can’t</em> know what the message says (assuming
the encryption isn’t broken). She just needs to change what it says and her goals are met. </p>
<p>Asymmetric encryption is often times computationally expensive. In most cases, when someone wants to talk to a specific person, they use the public private key-pair to set up a shared secret key using an algorithm called the Diffie–Hellman
key exchange.
</p> </p>
<p><a href="https://superuser.com/questions/879977/how-to-have-a-different-pass-phrase-for-a-gpg-subkey" rel="external nofollow noopener noreferrer" target="_blank">https://superuser.com/questions/879977/how-to-have-a-different-pass-phrase-for-a-gpg-subkey</a></p> <p>In this method, Alice and Bob publicly agree on a shared set of numbers, they then use their private keys and use the public numbers in an algorithm to obtain a “mix” of numbers that they’ll send to one another. Alice and Bob then “mix” the
<p><a href="http://duplicity.nongnu.org/" rel="external nofollow noopener noreferrer" target="_blank">http://duplicity.nongnu.org/</a></p> others mixed numbers to be left with a pair of numbers that no one else can know. Eve would need access to either Bob or Alices private numbers in order to arrive at the new secret from any of the numbers that were shared.</p>
<p>It’s a little hard to understand this way and often a good way of explaining this is with Colours. The image below shows a representation for this.<br><img src="/images/gpg/dhkeyexchange.png" alt="Diffie–Hellman key exchange"></p>
<p>Notice the final colour never goes into the public space. This is the number that would then be used to encrypt messages using a symmetric encryption (similar to our one time pad example). If you’d like to see a video on this, Khan Academy
presents a lesson by <a href="https://britcruise.com/" rel="external nofollow noopener noreferrer" target="_blank">Brit Cruise</a> and does a good job at demonstrating it.</p>
<!-- https://www.youtube.com/watch?v=YEBfamv-_do&t=3m23s -->
<div class="video-container"><iframe src="//www.youtube.com/embed/YEBfamv-_do&t=3m23s" frameborder="0" allowfullscreen></iframe></div>
</div> </div>
<div class="article__author" itemscope="" itemprop="author" itemtype="https://schema.org/Person"><img class="article__author__image" src="/images/avatar.jpg" alt="John Warren"><a class="article__author__link" title="About John Warren" rel="author">John Warren</a> <div class="article__author" itemscope="" itemprop="author" itemtype="https://schema.org/Person"><img class="article__author__image" src="/images/avatar.jpg" alt="John Warren"><a class="article__author__link" title="About John Warren" rel="author">John Warren</a>
<p class="article__author__desc">Just a place to make stuff</p> <p class="article__author__desc">Just a place to make stuff</p>
...@@ -519,7 +533,7 @@ ...@@ -519,7 +533,7 @@
})(); })();
</script><noscript>Enable JavaScript to see comments.</noscript> </script><noscript>Enable JavaScript to see comments.</noscript>
<!-- Meta Tags for Structured Data--> <!-- Meta Tags for Structured Data-->
<meta itemprop="dateModified" content="2018-11-06T21:03:23.352Z"> <meta itemprop="dateModified" content="2018-11-19T15:08:20.796Z">
<meta itemprop="articleBody" content="When “pretty good” is good enough <meta itemprop="articleBody" content="When “pretty good” is good enough
PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so that a specific person can open and read that..."> PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so that a specific person can open and read that...">
<meta itemprop="url" content="/posts/you-down-with-pgp-yeah-you-know-me/"> <meta itemprop="url" content="/posts/you-down-with-pgp-yeah-you-know-me/">
......
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<url> <url>
<loc>http://blog.thebestjohn.com/posts/you-down-with-pgp-yeah-you-know-me/</loc> <loc>http://blog.thebestjohn.com/posts/you-down-with-pgp-yeah-you-know-me/</loc>
<lastmod>2018-11-06T21:03:23.352Z</lastmod> <lastmod>2018-11-19T15:08:20.796Z</lastmod>
</url> </url>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment