SWBFGamers PGP Club

Started by Joseph, March 04, 2014, 03:27:01 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
March 04, 2014, 03:27:01 PM Last Edit: March 04, 2014, 03:53:27 PM by Joseph
It is now very important that all internet-using people know how to communicate securely, even over insecure channels like gmail, and with no fear of being spyed upon by e.g. the NSA. Fortunately there is a way to do this. It is called PGP.

This thread is a brief explanation of PGP and how to use it, with an interactive component. Your challenge is to send me an encrypted message!

HOW PUBLIC KEY CRYPTO WORKS (VAGUELY)


Everyone makes their own public key and private key. You keep the private key to yourself, but advertise the public key widely (website, email signature, etc.), so that anyone who wants to message you securely uses your public key. The encrypted message can only be read by the person with the associated private key, namely, yourself.

Remarkably, this allows you to communicate securely with complete strangers who you've never met before, without exchanging a secret key.

HOW TO DO IT (in 5 minutes)

1. First, download the software. By googling "PGP client" you can find an assortment; I prefer gpg4win for Windows. Macs might try GPGtools. My tutorial will focus on gpg4win, but the steps will be similar for other clients. Worst case scenario, you have to read someone else's tutorial.

2. Open Kleopatra.

3. File, New Certificate, create an OpenPGP key pair.

4. Enter your details, and in Advanced Settings chooseRSA 4096 bit (for maximal security).

5. Create the key. Make sure to use a long (>16) password which is generated randomly using special characters. random.org has a generator you can use, but I recommend KeePass as a generator and a way to store your passwords (so no memorization needed).

6. Now, from my experience you may want to close and restart Kleopatra at this point, because usually it doesn't immediately list your new key. You want to see, in the main interface, the key with your name, email, etc.

What to post here (to complete the challenge)

1. First, you want to right click the key you've created, and click "Export Certificate". This makes an .asc text file (which may be opened e.g. with WordPad) containing your public key. It will look like the block of text at the bottom of this post. This is the public key; other people need to see it in order to communicate to you securely. Now, post your public key in this thread (as I've done).

2. Second, you need to practice by sending me a message. To do that, copy/paste my public key (which is below) into a blank text document, and save it as a .asc file. Then, in Kleopatra, go to Import Certificates, and select that file. Once my key is imported, you may send me an encrypted message. First, type the message you want into a .asc file. Then in Kleopatra, go to file, sign/encrypt files. Choose the file, choose encrypt and select "Text output (ASCII armor)", next, select my name as who you want to encrypt to. Voila! Kleopatra will make a file which contained the encrypted message. Place the encrypted message

3. If you did everything correctly, I am the only person in the world who can read your message (with the private key corresponding to my public key). When I read the message, I will write a response and send an encrypted message back using your posted public key. To read it, you will go to File, Decrypt/verify files, and the rest should be obvious by now.


--------------------------------
I'm anxiously awaiting your responses! Please tell me if anything is unclear in the above, or if you have any questions.

Here is my public key:

Code Select
-----BEGIN PGP PUBLIC KEY BLOCK-----   
Version: GnuPG v2.0.21 (MingW32)   
   
mQINBFMWWZMBEADfu0HeZBJFaXfTRgKdG3UUQNfvFF00EYBPFMBrBVAE9mA8WXGX   
huMVC3tG+BwI/mJ3t7WLzpj+WmySI57Ei9XcwM8BROUt9B4ITnp3ZnXJoTzJe02E   
CDyzmG2xW/6YNtQy/z4VsZr2kvY7jeCKoFOSX9Fbm2+30H6ISM1TfCt8GnzXAVEd   
zFZtbpNSw84zMxeY5iNQk61iDAhhEWFc/fVzde0nFMl+29bdBxc6PyKuZfsJ6tCu   
CUQN/ppK/GjCGfDeFSf8JztBaPCoDTcsOxDBeOyBi2i55EOF3fhpHzV6nNw7gnCb   
c3Mp50ONycKV75GoEVjb4ChNNDbxJBjiVg4CO14qRhC/P3p7XvR8UGkOgG3kWlj2   
05RdqZGk9ZI9rteiXnQSvDvTHELBBK4UUfeaA8G2F1Ch+Foy7+iBIE4JB2IklDm/   
SSaMVsfs2CwQScHzT7VuumVdbmaSfPpRHy2s19zdJV1TBleFFygYV4YDqLa0hFab   
3fj955rVMkzJTmjL7MltktYHaXdbBGBF/UEMZtQ27ZRCowp085S1V9nhlWuTuDwi   
cMgaOH/woFUA3X2TNGVje9oM3Vu2fc1uVpBDAVZV52FI4BWhyxgODQc+zXUyIFPM   
Hmhi4Xdc7TYVZxJBMtOJT+YgohQA20nKkWN6esIqxcpRxJ2mQG5+gUSo6wARAQAB   
tCVKb3NlcGggS25pZ2h0IDxqb3NlcGguOTM3MUBnbWFpbC5jb20+iQI5BBMBAgAj   
BQJTFlmTAhsvBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQEXlPi5pXZ9A2   
iBAAxWIvcD2yQ84OQc7QDUlHGl1E4nmwQ7X/qckWzDk6U/i6MmEwhalKNDCEKv8y   
h9qOLGuw/mzJA/RwSQG+lM1bWi6njku1PYnZFAdEaM0arngCCkE+HMDP3ohQDJ5I   
XvR87yRw9F/aIt6QP80+ce5huq7v5ks75fcJwQduy8Mi5/AoYzijL/ZVTtPIgJaJ   
2MVKt4yT+bq8FjzBrjKmTNktfmnFopABDD6sM8i656P8zYKxx1Szs0FEOzbDyCLP   
ZUdxO/CHk6mgOIWJGYJHRfjJdry1F2E7y15wrMqF9HkV8D0hOImWog5ECHrSK/Rw   
rLkm+XN6stGnhcEXjHO1fQnMWI9g26BAUKL8RD1RlqhlGl9ouS1oTFRL3WpG5itH   
l86fh8GofKkAgx7b4ZH9Egi8SbAl6I6ps/OoGwzN2VniKEHDwO1a5WROv4kLBcT0   
9114gmPHW0PMnfEVkad9DbZQqs7z4O4MG4vOtEEdUg9AwSV2ArzJLM0Cnsgo97Yh   
o4liILaoryCLgPxfTsqPJiKFeroISC26CneCzYRnxOStH9f8RrinLqPQkFbIwvnL   
+CG6h2votCbWoUCfdx8BTItAdEN2E852ILducQyHcTW2CPpW0ZpQe/PafdgMFVmz   
cXjzIAdrK0Byc1YnzYR3jLvymGhDOJXi6OqfJ5oJGW0Oliw=   
=2G+t   
-----END PGP PUBLIC KEY BLOCK-----   

Print
Go Up Pages1
User actions