Pretty Good Privacy with GnuPG



Similar documents
Signing and Encryption with GnuPG

Signing and Encryption with GnuPG

Encrypting with KMail, Mozilla Thunderbird, and Evolution LOCK AND KEY BY FRAUKE OSTER

Tutorial: Encrypted with Thunderbird and Enigmail. Author: Shashank Areguli. Published: Ed (August 9, 2014)

Networks & Security Course. Web of Trust and Network Forensics

Getting started with IMAP for Aggi What is IMAP?

Create Mail Profiles for Gmail, Yahoo or Hotmail Accounts for Outlook Windows

Published : License : None

HW/Lab 1: Security with PGP, and Crypto CS 336/536: Computer Network Security DUE 09/28/2015 (11am)

GPG installation and configuration

GPG Tutorial. 1 Introduction. 2 Creating a signing and encryption keys. 3 Generating a revocation certicate. Andreas Hirt July 12, 2009

THUNDERBIRD SETUP (STEP-BY-STEP)

The KGpg Handbook. Jean-Baptiste Mardelle Rolf Eike Beer

Gold Lock Desktop. User Manual. Follow these simple steps to install, configure, and use Gold Lock Desktop.

GPG - GNU Privacy Guard

How To Send Mail From A Macbook Access To A Pc Or Ipad With A Password Protected Address (Monroe Access) On A Pc (For Macbook) Or Ipa (For Ipa) On Pc Or Macbook (For

Configuring Outlook 2010 for Windows

User Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series

Encrypting your Communications using PGP

GETTING STARTED SECURE FILE TRANSFER PROCEDURES A. Secure File Transfer Protocol (SFTP) Procedures

e- storage Mail Archive

C R E A T E D O N 8 / 2 2 / MCALLISTER SOFTWARE SYSTEMS. AVImark Software Support. S e t u p

Set up Outlook for your new student e mail with IMAP/POP3 settings

isecur User Guide for iphone

Ubuntu Open PGP IMPLEMENTATION. Dr. ENİS KARAARSLAN 2014

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on. User Information

The basic groups of components are described below. Fig X- 1 shows the relationship between components on a network.

How To Encrypt A Traveltrax Report On Gpg On A Pc Or Mac Or Mac (For A Free Download) On A Thumbdrive Or Ipad Or Ipa (For Free) On Pc Or Ipo (For An Ipo)

Outlook Express. Make Changes in Red: Open up Outlook Express. From the Menu Bar. Tools to Accounts - Click on Mail Tab.

After you've enabled POP/IMAP access in i.mail, you need to configure your client to download i.mail messages.

ENCRYPTION ENCRYPTION A BLACK PAPER HOW TO SECURE YOUR S FOR FREE WITH THE STRONGEST ENCRYPTION IN THE WORLD A BLACK PAPER

How to Setup Privacy Guard Encryption.

Receiving Secure from Citi For External Customers and Business Partners

Biography of Trainer. Education. Experience. Summary. TLS/SSL : Securing your website PGP : Secure your communication. Topic

How to use PGP Encryption with iscribe

LiteCommerce Advanced Security Module. Version 2.8

Android: Configure IMAP/POP/SMTP

Secure Part II Due Date: Sept 27 Points: 25 Points

Sending an Encrypted/Unencrypted Message. Let's Begin: Log In and Set Up Security Questions. Create Additional ProMailSource Accounts:

CLIENT DATABASE SECURITY

An Introduction to Secure . Presented by: Addam Schroll IT Security & Privacy Analyst

Setting up and controlling

Configuring Outlook 2016 for Windows

UNI - WINDOWS. How to... Access your University on your Windows Computer. Introduction. Step 1/1 - Setting Up Your Windows Computer

1 Login to your CSUF student account and click on the Settings icon ( ) at the far right.

Initial Setup of Microsoft Outlook 2011 with IMAP for OS X Lion

Move Your to AT&T Website Solutions

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Transitioning Your School Account

Secure Frequently Asked Questions

ing from The E2 Shop System address Server Name Server Port, Encryption Protocol, Encryption Type, SMTP User ID SMTP Password

Configure Outlook 2007 for Brandeis Gmail

Initial Setup of Mozilla Thunderbird with IMAP for Windows 7

Exam Papers Encryption Project PGP Universal Server Trial Progress Report

USING YOUR GMAIL ACCOUNT FOR SCRUBBING YOUR REGULAR OF SPAM Beginners Kaffee Klatch Presented by Bill Wilkinson

Using Your PGP Tool to Update Your Address Settings for Encrypted Messaging

Initial Setup of Mozilla Thunderbird with IMAP for OS X Lion

New Mexico State University

Set Up Setup with Microsoft Outlook 2007 using POP3

Setting up CatMail on Outlook 2010

File and encryption with GPG4win & Enigmail

3. On the Accounts wizard window, select Add a new account, and then click Next.

to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many

Setting Up . on Your Touch by HTC

The Case For Secure

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

Clearswift Information Governance

Introduction to Cryptography

How To Access Your Cpa.Com From Your Computer Or A Mobile Phone Or Ipad (For A Free Download) Without Having To Use A Webmail Account

Configuring Your Client: Eudora 5.x

Internet Programming. Security

Configuring, Customizing, and Troubleshooting Outlook Express

Using Outlook with SaderApps

BlackBerry Internet Service. Version: User Guide

Public Key Infrastructure (PKI)

How To Encrypt Data With Encryption

THUNDERBIRD WORKBOOK

Set Up Your . HTC Touch Pro.

Overview Keys. Overview

ireadsmime User Guide For iphone, ipad, and ipod Touch

Ciphire Mail. Abstract

GPG4win / Kleopatra Documentation. Secure file and encryption by using GnuPG for Windows

PrivaSphere Gateway Certificate Authority (GW CA)

How To Protect Your From Being Hacked On A Pc Or Mac Or Ipa From Being Stolen On A Network (For A Free Download) On A Computer Or Ipo (For Free) On Your Pc Or Ipom (For An Ipo

Getting the most from Apple Mail

Frequently Asked Questions. Frequently Asked Questions SSLPost Page 1 of 31 support@sslpost.com

How to setup your iphone client

Cornerstones of Security

Patriots Outlook Configuration

How to Set Up Your. Account

Sync Security and Privacy Brief

Security. Friends and Enemies. Overview Plaintext Cryptography functions. Secret Key (DES) Symmetric Key

gpg4o Manual Version 3.0

Transcription:

Pretty Good Privacy with GnuPG Steve Revilak Cabot House Sep. 24, 2013 1 / 16

Encryption and Signing Encryption The purpose is to ensure that a message is readable only by someone possessing a specific key. Signing Guarantees that a message was sent by someone with a specific key (and wasn t altered after sending). (Here I m using the term message in a very generic sense it could be email, a file, or any arbitrary piece of data). Leap of faith: You need some level of trust that a particular key belongs to a particular person. 2 / 16

Public vs Private Keys Keys exist as a pair: There s a public key. You share this with everyone. There s a private key (also called a secret key). This is a closely guarded secret. During encryption, the sender encrypts the message with the recipient s public key. The recipient uses their private key to decrypt the message. During signing, the sender signs the message with their private key. The signature can be verified by anyone with the corresponding public key. 3 / 16

Goals for this workshop Generate a keypair Upload your public key to a keyserver Download my public key. Set up your mail program to send and receive signed and encrypted email. (Mail program = Mail User Agent, or MUA) Send me a signed and encrypted message. (I should be able to decrypt your message, and verify your signature.) Let me sent you a signed and encrypted message. (You should be able to decrypt my message and verify my signature.) 4 / 16

Generating a Keypair We can do these things with GUI tools. I m including command-line equivalents for reference. Generate Key. gpg --gen-key Choose RSA, RSA. Use the longest key possible. Upload Key. gpg --send-key KEYID Download my key. gpg --search steve@srevilak.net OR gpg --recv-key 28C2A300 5 / 16

Mail Client Basics Sending: You ll use a protocol called SMTP, or Simple Mail Transfer Protocol. Receiving: Two options: IMAP (Internet Mail Access Protocol), or POP (Post Office Protocol) IMAP stores all messages on your ESP s mail server. You can move them to local folders, but you have to do this explicitly. POP downloads mail from your ESP s mail server. By default, the server copy is deleted; you can also configure your mail client to leave it on the server. If you have a lot of mail on the server, the initial synchronization might take a while, especial with POP. 6 / 16

Configuring your MUA (GMail) GMail: Enable IMAP or POP in Gmail s web interface. Sending: smtp.gmail.com, port 587, use SSL Receiving: imap.gmail.com, port 993, use SSL; OR pop.gmail.com, port 995, use SSL https://support.google.com/mail/troubleshooter/ 1668960?hl=en&ref_topic=1669040 7 / 16

Configuring your MUA (Hotmail) Hotmail: Enable POP/IMAP in outlook.com s web interface Sending: smtp-mail.outlook.com, port 587, use TLS Receiving: imap-mail.outlook.com, Port 993, use SSL; OR pop-mail.outlook.com, port 995, SSL http://windows.microsoft.com/en-us/windows/ outlook/send-receive-from-app 8 / 16

Configuring your MUA (Yahoo) Yahoo: POP is only available for Yahoo Plus Accounts Sending: smtp.mail.yahoo.com, port 587, use SSL Receving: pop.mail.yahoo.com, port 995, use SSL; OR imap.mail.yahoo.com, port 993, use SSL http://help.yahoo.com/kb/index?page=content&y= PROD_MAIL_ML&locale=en_US&id=SLN4075 9 / 16

Sending and receiving mail We ll take this one step at a time. Send me a signed and encrypted message. Open your Sent Mail folder. Make sure that you can read the encrypted message you sent! I ll respond. Work on downloading, decrypting, and reading my message. Be sure to verify the signature. 10 / 16

Trusting and Signing Keys (1) How do you verify that a given key belongs to a given person? You check the fingerprint. Here s mine: gpg --fingerprint 28C2A300... Key fingerprint = 6F09 15FF 59CE E093 56F4 BEEC E772 7C56 28C2 A300 If the fingerprint matches, you ve got the right key. 11 / 16

Trusting and Signing Keys (2) Once you trust a key, sign it. gpg --sign-key 28C2A300 OR gpg --lsign-key 28C2A300 lsign is a local signature; it s only visible to you. To distribute a non-local (aka exportable ) signature: Send it to a key server: gpg --send-key 28C2A300 Export the key (containing your signature), and send it to the key holder. gpg -a --export 28C2A300 > signed-key.asc The key holder will gpg --import signed-key.asc to import your signature. 12 / 16

Revocation Certificates What if (say) your laptop is stolen, and you lose your private key? You revoke it. Generate a revocation certificate gpg -a --gen-revoke KEYID > pgp-revoke.asc Uploading the revocation certificate cancels your key. Note: you cannot generate a revocation certificate without a private key! Keep the revocation certificate in a safe place. 13 / 16

Backing up your keys If you lose your private key, you won t be able to decrypt messages. Lost private keys cannot be recovered! Backup your private key gpg -a --export-secret-keys KEYID > private-key.asc Store a copy of private-key.asc in a safe place. For example, keep electronic and printed copies in a safe deposit box. 14 / 16

Wrap Up PGP can protect your privacy through encryption. PGP can provide non-repudiation through signatures. PGP is something that you can (and IMHO, should) use every day. My favorite reason for using PGP: because I can! GnuPG is a free software implementation of a public standard. Remember: it s hard to backdoor software when the source code is public. 15 / 16

Resources GnuPG: http://gnupg.org/ GPG4win: http://www.gpg4win.org/ GPG Tools: http://gpgtools.org/ Riseup.net s Best practices for OpenPGP: https://we.riseup.net/riseuplabs+paow/ openpgp-best-practices Cryptoparty handbook: https://www.cryptoparty.in/documentation/handbook Surveillance Self-Defense: https://ssd.eff.org/ 16 / 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information