<h3class="post-list__item__title"><ahref="/posts/you-down-with-pgp-yeah-you-know-me/"title="You down with PGP? Yeah you know me!">You down with PGP? Yeah you know me!</a></h3>
<pclass="post-list__item__description">When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so...</p>
<pclass="post-list__item__description">Photo by Vidar Nordli-Mathisen on Unsplash Oh God. HEX! It’s just so hard to get your head around. A lot of people think that getting into...</p>
<h3class="post-list__item__title"><ahref="/posts/you-down-with-pgp-yeah-you-know-me/"title="You down with PGP? Yeah you know me!">You down with PGP? Yeah you know me!</a></h3>
<pclass="post-list__item__description">When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so...</p>
<pclass="post-list__item__description">Photo by Vidar Nordli-Mathisen on Unsplash Oh God. HEX! It’s just so hard to get your head around. A lot of people think that getting into...</p>
<h3class="post-list__item__title"><ahref="/posts/you-down-with-pgp-yeah-you-know-me/"title="You down with PGP? Yeah you know me!">You down with PGP? Yeah you know me!</a></h3>
<pclass="post-list__item__description">When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so...</p>
<h3class="post-list__item__title"><ahref="/posts/you-down-with-pgp-yeah-you-know-me/"title="You down with PGP? Yeah you know me!">You down with PGP? Yeah you know me!</a></h3>
<pclass="post-list__item__description">When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so...</p>
<pclass="post-list__item__description">Photo by Vidar Nordli-Mathisen on Unsplash Oh God. HEX! It’s just so hard to get your head around. A lot of people think that getting into...</p>
<h3class="post-list__item__title"><ahref="/posts/you-down-with-pgp-yeah-you-know-me/"title="You down with PGP? Yeah you know me!">You down with PGP? Yeah you know me!</a></h3>
<pclass="post-list__item__description">When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so...</p>
<metaname="description"content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
<metaproperty="og:type"content="article">
<metaproperty="og:title"content="You down with PGP? Yeah you know me!">
<metaproperty="og:description"content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
<metaname="twitter:title"content="You down with PGP? Yeah you know me!">
<metaname="twitter:description"content="When “pretty good” is good enough PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing…">
<h1id="When-“pretty-good”-is-good-enough"><ahref="#When-“pretty-good”-is-good-enough"class="headerlink"title="When “pretty good” is good enough"></a>When “pretty good” is good enough</h1>
<p><abbrtitle="Pretty Good Privacy">PGP</abbr> stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so that a specific person can open and read that data, without a third party being able to
also do so. They call it “pretty good” because when you talk about encryption, one of the first things you have to assume is that it’s going to be broken, or is already broken and no one knows. It’s important to know that given enough time,
money, and computing power; every encryption can be broken. You also have to realize, There are people in this world who have a much simpler method of breaking encryption and it’s usually called the 5$ wrench attack.</p>
<p>For the most part. Your data is not something that someone is going to spend billions of dollars trying to get at. So long as you’re not in a country that routinely violates human rights, you might also not be susceptible to the 5$ wrench
attack. I should note however that it seems people in the United States have been held in prison on contempt of court charges for not giving up decryption keys to encrypted data. It could very well be that you forget passwords to encrypted
data and end up languishing in jail. A truly cruel punishment.</p>
<p>So <abbrtitle="Pretty Good Privacy">PGP</abbr> is the standard however it is owned by Symantec and considered proprietary. An open, non proprietary version of this standard is called OpenPGP. <abbrtitle="Open Pretty Good Privacy">OpenPGP</abbr> is just a concept, a piece data outlining how <abbrtitle="Open Pretty Good Privacy">OpenPGP</abbr> works. <abbrtitle="GNU Privacy Guard">GPG</abbr> is actual code that does the things outlined in the <abbrtitle="Open Pretty Good Privacy">OpenPGP</abbr> standard.</p>
<p>All this lingo and stuff can be confusing so from now on I’ll just be talking about how to use <abbrtitle="GNU Privacy Guard">GPG</abbr>. All you need to take away from that is <abbrtitle="GNU Privacy Guard">GPG</abbr> is a program that
let you use the stuff thats outlined in <abbrtitle="Open Pretty Good Privacy">OpenPGP</abbr></p>
<h3id="A-word-on-why"><ahref="#A-word-on-why"class="headerlink"title="A word on why"></a>A word on why</h3>
<p>When you talk about securing yourself on the web you have to realize that it’s not just about securing you. Your life might not be at risk because of your views, your government, your ideals, or your beliefs. The thing is there are many people
in this world who aren’t so lucky. Whistleblowers, Journalists, political dissidents opposed to fascist regimes all have to worry about whether or not they are going to be found out by someone who may not like what they have to say.</p>
<p>The truth is that using <abbrtitle="GNU Privacy Guard">GPG</abbr>, and encryption in general, normalizes the use of encryption. Imagine if you would, that nobody had locks on their front doors. When walking down the street, you would assume
that the only door in the neighborhood with a deadbolt would be hiding something. This is a perfect analogy because it’s also a great response to people who say “Well I have nothing to hide why should I encrypt things”. You’re not hiding
anything in your house, why have a lock on the door? Why have a door at all? The answer is that A: You don’t want people wandering in. B: You want to keep bad people out.</p>
<p>The same thing goes for encryption. Your identity is something that you need to protect. Identity theft occurs every day and it has far reaching implications. On top of that. As a society, we need Whistleblowers, Journalists, and yes, sometimes
dissidents.</p>
<h2id="How-does-encryption-work"><ahref="#How-does-encryption-work"class="headerlink"title="How does encryption work?"></a>How does encryption work?</h2>
<p>In order to talk about encryption, you usually have to talk about math. Lots of fairly complicated math. People write thesis’s on encryption algorithms and base their eitire mathematical careers off them. I’ve always found it to be a very
intimidating way to approach the concept.</p>
<p>Basically, in order to encrypt something, you need a secret password that both you and the person you’re trying to contact know. This “shared secret” is then used to take your input data (your secret message) and transform it into something
that is unrecognizable to an outside observer. Throughout history, this has taken many forms. One-time pads are very tight encryption, the enigma machine was famous for needing the first Turing machine to be built to crack it. If you want
explanations as to how the math works for these, this isn’t the right blog.</p>
<p>Let me take you through a quick example using a One-time Pad. A One-time pad is called as such because in order for it to be secure, you can only use it once to encrypt data. Each successive use weakens it’s encryption strength. They’re basically
two paper booklets that are identical to each other with random letters on them. Those random letters are identical in each pad as well. The two people wanting to send messages to one another should each have one.</p>
<p>When people talk about encryption they also always seem to use “Alice” and “Bob” as the people wanting to send messages. “Eve” is always the nefarious third party trying to spy on the communication. I don’t know why but make your own story
up.</p>
<h2id="One-time-pad-encryption-example"><ahref="#One-time-pad-encryption-example"class="headerlink"title="One-time pad encryption example"></a>One-time pad encryption example</h2>
<p>So let’s make our super secret one time pad. First we’re going to agree on a key. We’ll go elementary school style with just listing the numbers of the letters in the alphabet.</p>
<table>
<thead>
<tr>
<thstyle="text-align:center">A</th>
<thstyle="text-align:center">B</th>
<thstyle="text-align:center">C</th>
<thstyle="text-align:center">D</th>
<thstyle="text-align:center">E</th>
<thstyle="text-align:center">F</th>
<thstyle="text-align:center">G</th>
<thstyle="text-align:center">H</th>
<thstyle="text-align:center">I</th>
<thstyle="text-align:center">J</th>
<thstyle="text-align:center">K</th>
<thstyle="text-align:center">L</th>
<thstyle="text-align:center">M</th>
</tr>
</thead>
<tbody>
<tr>
<tdstyle="text-align:center">01</td>
<tdstyle="text-align:center">02</td>
<tdstyle="text-align:center">03</td>
<tdstyle="text-align:center">04</td>
<tdstyle="text-align:center">05</td>
<tdstyle="text-align:center">06</td>
<tdstyle="text-align:center">07</td>
<tdstyle="text-align:center">08</td>
<tdstyle="text-align:center">09</td>
<tdstyle="text-align:center">10</td>
<tdstyle="text-align:center">11</td>
<tdstyle="text-align:center">12</td>
<tdstyle="text-align:center">13</td>
</tr>
</tbody>
</table>
<table>
<thead>
<tr>
<thstyle="text-align:center">N</th>
<thstyle="text-align:center">O</th>
<thstyle="text-align:center">P</th>
<thstyle="text-align:center">Q</th>
<thstyle="text-align:center">R</th>
<thstyle="text-align:center">S</th>
<thstyle="text-align:center">T</th>
<thstyle="text-align:center">U</th>
<thstyle="text-align:center">V</th>
<thstyle="text-align:center">W</th>
<thstyle="text-align:center">X</th>
<thstyle="text-align:center">Y</th>
<thstyle="text-align:center">X</th>
</tr>
</thead>
<tbody>
<tr>
<tdstyle="text-align:center">14</td>
<tdstyle="text-align:center">15</td>
<tdstyle="text-align:center">16</td>
<tdstyle="text-align:center">17</td>
<tdstyle="text-align:center">18</td>
<tdstyle="text-align:center">19</td>
<tdstyle="text-align:center">20</td>
<tdstyle="text-align:center">21</td>
<tdstyle="text-align:center">22</td>
<tdstyle="text-align:center">23</td>
<tdstyle="text-align:center">24</td>
<tdstyle="text-align:center">25</td>
<tdstyle="text-align:center">26</td>
</tr>
</tbody>
</table>
<p>Next we’ll make our one time pad by generating a bunch of random letters. Important to note here that randomness is important to this whole thing. Most of the things you <strong>think</strong> are random are not. Truly random things are difficult,
but we’re not dealing with life or death info.</p>
<p>I went to <ahref="https://www.random.org/strings/"rel="external nofollow noopener noreferrer"target="_blank">random.org/strings</a> and got 20 random 2 character strings.</p>
<blockquote>
<p>IM OT WM GU BY SH EB JR PU YC PV LW ZI CZ DB DM RU BH TY FV</p>
</blockquote>
<p>I’ve arranged them in 2 letter groups because this next part is how we’ll encode/decode our message. Lets convert these to numbers. I’m just going to grab a couple to use as we won’t need all of them.</p>
<table>
<thead>
<tr>
<thstyle="text-align:center">IM</th>
<thstyle="text-align:center">OT</th>
<thstyle="text-align:center">WM</th>
<thstyle="text-align:center">GU</th>
<thstyle="text-align:center">BY</th>
<thstyle="text-align:center">SH</th>
<thstyle="text-align:center">EB</th>
<thstyle="text-align:center">JR</th>
<thstyle="text-align:center">PU</th>
</tr>
</thead>
<tbody>
<tr>
<tdstyle="text-align:center">0913</td>
<tdstyle="text-align:center">1520</td>
<tdstyle="text-align:center">2313</td>
<tdstyle="text-align:center">0721</td>
<tdstyle="text-align:center">0225</td>
<tdstyle="text-align:center">1908</td>
<tdstyle="text-align:center">0502</td>
<tdstyle="text-align:center">1018</td>
<tdstyle="text-align:center">1621</td>
</tr>
</tbody>
</table>
<h2id="Circling-back-to-GPG"><ahref="#Circling-back-to-GPG"class="headerlink"title="Circling back to GPG"></a>Circling back to <abbrtitle="GNU Privacy Guard">GPG</abbr></h2>
<p>Luckily though, I’ve found this </p>
<p><imgsrc="/images/gpg/image.jpg"alt="Image alt text"></p>
<divclass="article__author"itemscope=""itemprop="author"itemtype="https://schema.org/Person"><imgclass="article__author__image"src="/images/avatar.jpg"alt="John Warren"><aclass="article__author__link"title="About John Warren"rel="author">John Warren</a>
<pclass="article__author__desc">Just a place to make stuff</p>
<metaitemprop="articleBody"content="When “pretty good” is good enough
PGP stands for “Pretty Good Privacy”. It’s a set of algorithms for encrypting, compressing, and signing data so that a specific person can open and read that...">