Encrypting your Email Communications using PGP
If you are watching this tutorial as part of the conference
materials, the software is on a separate CD.
Alternately, you can obtain the software at the following URLs:
www.gpgtools.org (Mac)
www.gpg4win.org (Windows)
Safe Tax Strategy Strong PIN
Off Shore Stable Institutions Gold
Due Diligence
Insurance Trust
Diversification
Entities
Guard Dog, Firearms, Safe Neighborhood, Martial Arts, Situational Awareness, Alarm System, Eat Well, Lifestyle, Exercise, Medical Checkup
Tor, Linux, PGP, HTTPS, Proxy Service, Mac Versus PC, Anti-Virus, Strong Password, Safe Email Provider, Firewall, TrueCrypt, Jitsi, Off The Record Chat, Secure Cloud Storage, One Time Password, Technical Expertise
Any and all of the above
There are many technologies, techniques and tools. Each is intended to address a different problem.
We will address the challenge of communicating privately via email using Public Key Encryption.
If you grasp the concept of how Public Key Encryption works, developing additional security practices becomes much simpler.
“Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.”
- Edward Snowden
VERY BRIEF primer on encryption as it applies to email
Configure your laptop and email software to send and receive encrypted email
Windows: Outlook (2010)
Mac: Apple Mail
Confidentiality – Preventing unwanted disclosure of information.
Integrity – Ensuring that content as well as identity can be trusted.
Availability – Ensuring that data and systems are available when expected.
Encryption is the process of encoding information so that only authorized parties can read it.
Shared Secret / Symmetric Key
Both the sender and the receiver use the same encryption key. This works very well, but it requires the sender and receiver to be able to securely share the key ahead of time. That is a problem in the world of email.
Public Key / Private Key
A different key is used to decode than to encode a message. (Wait ... I’ll explain). This is what is used to encrypt email.
The enabling technology is commonly known as PGP or GPG.
During setup, two keys are generated, a public key and a private key. The keys are mathematically related, but one cannot be used to derive the other.
What is encrypted with one key can be decrypted with the other. What is encrypted with one key CANNOT be decrypted with that same key.
So here is how it works ... The public key is distributed far and wide to any and all. The private key is a closely guarded secret.
Public Keys are used to encrypt. Private Keys are used to decrypt.
Make sure your recipient has PGP / GPG ... and knows how to use it!
Make sure you have the recipient’s public key.
Type your message in your mail program and click encrypt.
Select the recipient’s Public Key to use for encryption and click Send.
Assume you have my public key and that you know it belongs to me.
Assume that you know with a high degree of confidence that I have closely guarded my private key.
I can “fingerprint” my message with my private key. Using my public key in your possession, you can verify the fingerprint.
Since the fingerprint is unique to my private key, you know the message came from me.
What is Signing?
Signing is the act of digitally certifying that an email you have sent did in fact come from you. It is comparable to the use of a signet and a seal.
PC
Run gpg4win on thumb drive.
Under Choose Components, check all except GpgOL and Claws-Mail.
Complete Installation (may require reboot).
Under Programs, confirm new folder Gpg4win and launch program Kleopatra.
Mac
Run GPG Suite from directory.
Accept all default settings and install.
Close to finish installation.
In Spotlight, type and run GPG Keychain Access.
Next - Create Keys ...
PC
In Kleopatra click File | New Certificate.
Select Create a personal OpenPGP key pair.
Enter name and email address. Under Comment, enter “private” or “work”.
Click Advanced Settings. Review and change as necessary (expiration date).
Click Next and Create Key.
Enter passphrase and repeat. DO NOT FORGET. (I recommend a sentence).
Click Finish.
Mac
Launch GPG Keychain Access.
Click New.
Enter name and email address.
Open Advanced Options; in the Comment field, enter “private” or “work”.
Set Expiration if desired. Leave other default settings.
Click Generate Key.
Enter passphrase and repeat. DO NOT FORGET. (I recommend a sentence).
Click Finish.
Next - Configure Email ...
Outlook
Install Outlook GPG Plug-in - gpg40_setup.exe. Accept default settings.
Thunderbird
Install the Thunderbird plug-in named Enigmail by clicking Tools | Add-ons and searching for the add-on Enigmail.
Apple Mail
No configuration necessary.
(Note: This is trial software)
Next - Distribute Public Keys
Mac
Open GPG Keychain Access.
Right-click your key and hit Export.
CLEAR THE BOX THAT SAYS Allow Secret Key Export (IMPORTANT).
Save the file to your desktop and email as an attachment to:
PC
Open Kleopatra.
Select your certificate and click Export Certificates.
Save the file to your desktop and email as an attachment to:
You will receive an automatic response from [email protected] with our Public Key attached. Save that file to your desktop immediately.
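The export step above is the one place where a private key can leave your machine by accident. One way to check an exported file before attaching it, as an added example that is not part of the original tutorial: it walks the OpenPGP packet headers (RFC 4880) and rejects any file that holds a Secret-Key or Secret-Subkey packet. The function names and the sample bytes are constructed for illustration.

```python
import base64
import re

# OpenPGP packet tags (RFC 4880): 6 = Public-Key, 5/7 = Secret-Key/Secret-Subkey.
PUBLIC_KEY, SECRET_TAGS = 6, {5, 7}
ARMOR = re.compile(r"-----BEGIN PGP [A-Z ]+-----\r?\n(.*?)-----END PGP", re.S)

def dearmor(text):
    """Yield each armored block's payload; headers end at a blank line, "=" starts the CRC."""
    for block in ARMOR.finditer(text):
        lines = [ln.strip() for ln in block.group(1).splitlines()]
        lines = lines[lines.index("") + 1:] if "" in lines else lines
        yield base64.b64decode("".join(l for l in lines if l and l[0] != "="))

def packet_tags(data):
    """Walk the packet headers of a binary OpenPGP stream and return the tags."""
    tags, i = [], 0
    while i < len(data):
        first = data[i]
        if not first & 0x80:
            raise ValueError("not an OpenPGP packet")
        if first & 0x40:                     # new-format header
            tag, o1 = first & 0x3F, data[i + 1]
            if o1 < 192:
                length, i = o1, i + 2
            elif o1 < 224:
                length, i = ((o1 - 192) << 8) + data[i + 2] + 192, i + 3
            elif o1 == 255:
                length, i = int.from_bytes(data[i + 2:i + 6], "big"), i + 6
            else:
                raise ValueError("partial body length in a key file")
        else:                                # old-format header
            tag, ltype = (first >> 2) & 0x0F, first & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length in a key file")
            n = 1 << ltype                   # 1, 2 or 4 length octets
            length, i = int.from_bytes(data[i + 1:i + 1 + n], "big"), i + 1 + n
        tags.append(tag)
        i += length                          # skip the body; only headers matter
    return tags

def safe_to_share(raw):
    """True only if the exported bytes hold a public key and no secret key."""
    blobs = list(dearmor(raw.decode("latin-1"))) or [raw]
    tags = [t for blob in blobs for t in packet_tags(blob)]
    return PUBLIC_KEY in tags and not any(t in SECRET_TAGS for t in tags)

# Constructed samples with dummy 3-byte bodies (0x99 = public key, 0x95 = secret key).
SAMPLES = {"public only": b"\x99\x00\x03abc", "with secret": b"\x99\x00\x03abc\x95\x00\x03abc"}
```

To check a real export, read the saved file in binary mode and pass its bytes to safe_to_share; both the ASCII-armored and the binary form are handled.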
Distribute Public Keys
Remember: You need “my” public key to send me an encrypted email. My public key (that you received from my automatic response) is my “lock” that I send you. I have the key to unlock it. You need to put my public key in your “keychain”
Mac
Open GPG Keychain Access.
Click Import and select the file saved on your desktop named caseyconfpublickey.
Click Open.
PC
Open Kleopatra.
Click Import Certificates and select the file saved on your desktop named caseyconfpublickey.
Click Open.
Mac: Apple Mail
Launch Apple Mail.
Click Compose New Message and compose a test email to caseyconference. [email protected]
Click the “lock” icon to make sure it is locked. Make sure there is a checkmark in the “seal” icon.
Click Send. Enter your PGP passphrase from earlier.
PC: Outlook
Launch Outlook. If asked for gpg4o settings, accept default.
Compose a test email to caseyconference. [email protected]
Ensure both Encrypt and Sign are checked.
Click Send. Enter your PGP passphrase from earlier.
We will respond with an encrypted and signed email from [email protected]
You encrypt a message with another party’s public key.
You decrypt a message with your own private key.
You sign a message with your own private key.
You verify a signature with another party’s public key.
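The four rules above, and the earlier point that a key cannot undo its own encryption, shown as an added example that is not part of the original tutorial. It uses textbook RSA with no padding and constructed keys built from small Mersenne primes; real OpenPGP software adds padding and encrypts a per-message session key, so this illustrates the key roles only. Alice, Bob and all function names are assumptions made for the example.

```python
import hashlib

E = 65537  # common public exponent

def keygen(p, q):
    """Return (public, private) textbook-RSA keys for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (E, n), (pow(E, -1, phi), n)    # private exponent d = E^-1 mod phi

def apply_key(key, value):
    """The single RSA operation: value ** exponent mod n."""
    exponent, n = key
    return pow(value, exponent, n)

def encrypt(recipient_public, message):
    return apply_key(recipient_public, int.from_bytes(message, "big"))

def decrypt(own_private, ciphertext):
    m = apply_key(own_private, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def digest(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(own_private, message):
    return apply_key(own_private, digest(message, own_private[1]))

def verify(sender_public, message, signature):
    return apply_key(sender_public, signature) == digest(message, sender_public[1])

# Constructed demo keys from small Mersenne primes: far too small for real use.
ALICE_PUB, ALICE_PRIV = keygen(2**89 - 1, 2**107 - 1)
BOB_PUB, BOB_PRIV = keygen(2**61 - 1, 2**127 - 1)

def demo():
    msg = b"meet at noon"
    ct = encrypt(BOB_PUB, msg)     # Alice encrypts with Bob's public key
    sig = sign(ALICE_PRIV, msg)    # Alice signs with her own private key
    return {
        "bob_decrypts": decrypt(BOB_PRIV, ct) == msg,
        "same_key_decrypts": decrypt(BOB_PUB, ct) == msg,
        "signature_ok": verify(ALICE_PUB, msg, sig),
        "tampered_ok": verify(ALICE_PUB, b"meet at nine", sig),
        "wrong_signer_ok": verify(BOB_PUB, msg, sig),
    }

if __name__ == "__main__":
    print(demo())
```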
Does the whole email get encrypted? NO
What if I want to encrypt to many recipients?
How about GMail via a browser?
What if I lose my key or my computer crashes?
iPad / iPhone: openGP and iPGMail