Introduction
Cryptography may help to enforce both information security and the right to privacy. Unfortunately, most of computer users do not value those things, and even if they do not mind using encryption (which becomes more trendy nowadays, since all that mass surveilance is confirmed and is not a conspiracy theory anymore; though a teapot integration would still be picked over both privacy and security by most users), it appears to be hard for them to set everything up. Here is an attempt to explain the basics to the newbie computer users.
Basic rules
- Encryption software should be reviewed by multiple security experts and users in order to be more or less trustworthy, hence:
- Proprietary software is a security distaster, and proprietary encryption software is even more so.
- Web-based encryption is almost as bad as proprietary software.
- Popular and commonly used software and algorithms are generally more reliable than custom software and algorithms. But do not confuse trendy and actively marketed things with serious ones.
- Pretty much everything that is secure and available to a regular user is also free.
- In many cases you would want end-to-end encryption.
- There is symmetric cryptography, where messages are encrypted and decrypted with the same key, and asymmetric (public-key) cryptography, where two different keys are used for those purposes. We will mostly focus on the latter here.
- “Schneier’s Law”: “Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can’t break.”
Warning
If your concern is privacy, it is recommended to take a look at OTR and Tor instead.
GPG
The GNU Privacy Guard is a rather useful encryption tool: it can be used to encrypt and/or to sign mail (and mail clients usually can invoke it automatically; OpenPGP, which it implements, is a standard way to encrypt mail, by the way), files, or any other kinds of messages. It is well-documented, and there are man gpg and info gpg, but let’s highlight a few of the common tasks.
There are various wrappers, including graphical ones, but we will focus on the primary console tool: it is simple enough, and, well, it is the primary tool. It might be a little easier to use with a single key, or at least a default one, but we will aim multiple keys, using ”The Asocial“ as a user name, and setting it explicitly whenever appropriate.
Getting started
Once you have GPG installed, you will need a key pair – a public key to share, and a private (or “secret”) key to keep for yourself: gpg --gen-key. It will ask a few questions, but it is fine to use default values if not sure what those mean.
To list the existing keys, there are gpg --list-public-keys and gpg --list-secret-keys commands.
Encrypting and decrypting messages
Let’s encrypt the first message now: we only need a recipient public key for that, but will write it to ourselves (so we have it already). One way to do that is gpg --encrypt --armor --recipient 'The Asocial' (--armor stands for “ASCII armor”, as opposed to binary data, so you can copy and paste it easily and virtually anywhere): type a message, hit C-d (Ctrl + D, EOT, end of transmission), and that’s it – the output is an encrypted message.
To decrypt the message, you will need the corresponding private key, and the command is simply gpg (or gpg --decrypt) – after pasting an encrypted message there and hitting C-d, it should show us the original message.
Key export and import
To enable someone to set us as an encrypted message recipient, we should share our public key with them. Be careful to not expose your private key here! But that’s pretty simple, too: gpg --armor --export 'The Asocial' (or gpg -o key.asc --export 'The Asocial' to write it into a binary file).
To import a key, either gpg --import and paste it there, or gpg --import key.asc. Or just gpg to check it.
Later you can publish your keys on a key server, so that others can retrieve the key rather securely (though it is a bigger problem than it may seem to exchange the keys securely), finding it simply by name or email.
Signing and verifying messages
Now you can exchange encrypted messages, but there is one important thing left: you can not be sure who sent you a message when you receive one – even if it is encrypted, that could be anyone who knows your public key (and, since it is public, normally you wouldn’t hide it). To sign a message, one basically encrypts it (or, rather, its hash, sometimes together with date and other metadata) with a private key, so others can try to decrypt it with the public key – and to see whether the corresponding private key belongs to the right person or not.
In order to sign a message with GnuPG, you do something like gpg --armor --clearsign --local-user 'The Asocial', and then as usual – writing a message, hitting C-d. To verify, just gpg (or gpg --verify), and paste the message there.
Now you can sign, encrypt, sign and then encrypt, encrypt and then sign, and even sign and/or encrypt messages and files with multiple keys!
More on GPG
As mentioned above, there is good documentation, as well as man and info pages; various cheat sheets can easily be found, too.
If you are curious how it works, there is a good explanation of one of the core algorithms, RSA, in Wikipedia, and there are good introductory books, such as Schneier’s famous Applied Cryptography.
Related software
Any decent mail client would support GPG, and most of GNU/Linux distributions are shipped with both GPG and some kind of a graphical wrapper to manage keys, and probably to work with GPG in other ways. So, just look around in your system, and chances are that it is already there.