[ Lesson ] Public-Key Cryptography - Security & Cryptography

Users browsing this thread:
commodore
Members
Overview ---------------------------------------------

In this (bland) lesson, we'll go over the concept of public key cryptography, where it is implemented today, and how to use it yourself.


Prerequisites ------------------------------------------

1) A brain and willingness to learn.
2) A second user account to test with.
3) GPG installed on the system.


Introduction -------------------------------------------

Public-Key cryptography has been used for years for the encryption of data in various uses, such as encrypted e-mail messages,
SSH connections, and is what allows the TOR network traffic to remain anonymous even while inside of the network. Although it
has been hugely implemented by a wide range of technology since the second half of the century, public key cryptography is still
one of the most efficient and safe methods of securing content between multiple individuals or network entities, and anything
encrypted with it is nearly impossible to decipher as a third-party (government, spouse, etc.)


How does public key cryptography work? ----------------

The technique largely utilized in public-key cryptography is the use of asymmetric key algorithms, in which the key that is
responsible for the encryption of the data is different than the key used to decrypt it. Each individual who wishes to send
the encrypted data has a pair of their own cryptographic keys. One that is publicly distributed that is responsible for encryption,
and one that is private to the user, and used to decrypt the data sent. These keys are mathematically relatable, but virtually
impossible to determine via one another.

For example, if I wanted my friend Alice to send me a couple pieces of sensitive information, perhaps banking information, I would
first send my public key to her via e-mail or any other means necessary (please note that the public key _does not_ need to be
concealed from others). Alice would then encrypt the data using my public key, and send it to me with as an e-mail attachment.
Upon receiving the file sent from Alice, I use my _private_ key to decrypt the file that encrypted with my _public_ key.
Now the data is no longer encrypted, and can be understood by me.


How can I implement public key cryptography? ----------

To put it simply, you are probably using it without being aware of it. SSL web encryption use public key cryptography to encrypt your
web traffic between you and websites to keep your data safe from fraudulent entities, but also ensures the validity of websites you visit.
Instead of allowing software to utilize it without letting us see the inner workings, we will get down and dirty with GPG, an encryption system
that uses public key cryptography!

Pop open a terminal, and run "gpg --gen-key". Select the default values, and assign your keys with a name and passphrase to protect your keys.
The program will ask you to move the mouse erratically for key generation. You just generated your own unique key pair! Congrats! Now if we view your
public key while in it's current state, we will notice that it may be a bit hard to share on, say, a piece of paper or an e-mail. To convert your key
to a more readable format, run "gpg --armor --export <name of key you assigned earlier> > key".

Now since we don't have another individual to test GPG with, we'll sign in as another user on your system. As the other user, import the first key with,
"gpg --import key". We now have the other user's oublic key saved. Now make a message in a plain file. To encrypt the file, we will now use the first
user's key with, "gpg --armor --encrypt <file>". Now enter the name of the public key of the other user. Now if we view the contents of the _new_ *.asc
file, we can see it was succesfully encrypted. Now we'll 'su', back to the first user. Let's pretend the second guy already e-mailed the message to him.

To decrypt the message, we will run "gpg --decrypt message.asc". It will prompt you for the passphrase you used while creating the keys. You now have a
cleartext version of the file!

Conclusion -------------------------------------------

As bland, and seemingly useless this lesson may have seemed, the content taught in it is widely used today to keep our information and online safety intact.
I hope you enjoyed! ;)
commodore
Members
(22-07-2012, 03:46 PM)NeoTerra Wrote: Look quite good! Keep up the good work.

Thanks a lot my friend. I'm glad you enjoyed it ;)
Reki
Members
The content is very informative, but I think you should edit the formatting (unless you really styled it that way) and put code or PHP tags around specific blocks of code to make it look better. :)
commodore
Members
(24-07-2012, 02:01 PM)Reki Wrote: The content is very informative, but I think you should edit the formatting (unless you really styled it that way) and put code or PHP tags around specific blocks of code to make it look better. :)

I was considering integrating [code] tags, but at the time of writing, the theme was white and code blocks looked pretty shitty. ;) I'll change it soon.
CrossFold
Long time nixers
Nice HQ work commodore . I like how it is exactly to the point :D
D9u
Long time nixers
====> Nice! <====
BSD is what you get when a bunch of Unix hackers sit down to try to port a Unix system to the PC.
Linux is what you get when a bunch of PC hackers sit down and try to write a Unix system for the PC.
yrmt
Grey Hair Nixers
I think it could be interesting to add that you can add your gpg key to a keyserver like this:

gpg --send-keys `keyid`

So anyone can import your key with

gpg --search `email`

And that you can encrypt files with

gpg --clearsign `file`

You can also set up different trust levels for keys with

gpg --edit-key `keyid`

trust

enter a trust level from 1 to 5

save

quit