You are not logged in.
Pages: 1
I've heard a few things about it here and there, but what are some practical uses for it? I searched the forums and wiki for it first, and didn't really find anything insightful.
Offline
Practical uses?
- symmetric and public key encryption of emails/jabber/files/...anything
- create/verify digital signatures and message digests
...
In short: you can make sure nobody reads stuff you don't want to get read and you can verify that stuff from others is genuine
1000
Offline
So I could do something like encrypt a text file with GPG using my own key, and only people with the key would get access to it?
Offline
That would be symmetric encryption. Think of normal passwords; you make up a phrase and somehow you'd have to tell it (securely) every recipient of your crypted message, else they couldn't decrypt it.
The thing with public key encryption is that you have keypairs which are connected to persons. Once you have verified (that's what 'fingerprints' are for) that the other persons public key really belongs to him, you can send each other encrypted messages/files without having to exchange passwords 'out-of-band'.
There's a public key part that you can publish freely - other people use it to encrypt messages to you.
And there's the private key part which is protected with a passphrase - that is to decrypt messages or to sign something as proof it's really coming from you.
http://en.wikipedia.org/wiki/GNU_Privacy_Guard
http://en.wikipedia.org/wiki/Public-key_cryptography
1000
Offline
Hmm.. I read the wikipedia pages and I know slightly more, but wikipedia is painfully inefficient at teaching new things to people. How can I get started once I install it?
EDIT: Wow, the manpage is long and confusing, too. o_o;
Last edited by xelados (2008-12-23 12:46:52)
Offline
Try the gpa package if you are a GTK+ user. KDE has a package for dealing with that kind of stuff too but dont remember its name.
There shouldn't be any reason to learn more editor types than emacs or vi -- mg (1)
[You learn that sarcasm does not often work well in international forums. That is why we avoid it. -- ewaller (arch linux forum moderator)
Offline
When I decided I should use GnuPG, google found me some very useful guides.
Online
By command line you can encrypt or decrypt text files, decrypt can go to std out or a file.
A better option my be a gnupg.vim for vim or emacs. In emacs gnupg support is built into cvs version, in 22 you might need to install easypg. This will allow access and ability to edit and are both careful about not writing any tempory files unencrypted.
Offline
KDE has a package for dealing with that kind of stuff too but dont remember its name.
Do you mean Kgpg?
Registed Linux User 608596
Offline
dolby wrote:KDE has a package for dealing with that kind of stuff too but dont remember its name.
Do you mean Kgpg?
Who would have guessed?
Online
The thing with public key encryption is that you have keypairs which are connected to persons. Once you have verified (that's what 'fingerprints' are for) that the other persons public key really belongs to him, you can send each other encrypted messages/files without having to exchange passwords 'out-of-band'.
There's a public key part that you can publish freely - other people use it to encrypt messages to you.
And there's the private key part which is protected with a passphrase - that is to decrypt messages or to sign something as proof it's really coming from you.http://en.wikipedia.org/wiki/GNU_Privacy_Guard
http://en.wikipedia.org/wiki/Public-key_cryptography
Be carefull with "verifying" the keys, you need a CA (certification authority) worth your trust to *really* verify a public key.
Just to point it out, gnupg is an open implementation of the PrettyGoodPrivacy standard which works almost exactly as the RSA encryption mechanism.
If anybody needs more detailed information, I'll be more than glad to help
Damnshock
My blog: blog.marcdeop.com
Jabber ID: damnshock@jabber.org
Offline
And its illegal in the states, no?
There shouldn't be any reason to learn more editor types than emacs or vi -- mg (1)
[You learn that sarcasm does not often work well in international forums. That is why we avoid it. -- ewaller (arch linux forum moderator)
Offline
Huh, illegal? No. The times when strong crypto (>56 bit symmetric; ridiculously low by today's standards) was under the same export restrictions as weapons or munitions are long over and there are no patent issues either.
Last edited by byte (2008-12-23 19:29:16)
1000
Offline
I belive dalby's idea is that RSA was patented (wich expired a few years ago...2002?) and, therefore, you had to pay to use the RSA encryption algorithm.
And the symmetric encription byte is mentioning is simple DES wich has 64 bits, only 56 are actually used though. Nowadays, banks and others use triple DES which has 112 bits and is MUCH more solid than simple DES is.
Do you know that the only attack you can do against a DES encryption is by force? that's the reason why it *seems* so solid ( not the simple DES, 56 bits are too few). I say "seems" because nobody has proven why DES is valid, there's simply not enough knowledge about it: it just works.
As far as I know, you cannot use pgp in France where it's illegal ( I'm not 100% sure, I might be mistaken).
God, I'm losing myself here... sorry for the offtopic
My blog: blog.marcdeop.com
Jabber ID: damnshock@jabber.org
Offline
there is also Kleopatra
If people do not believe that mathematics is simple, it is only because they do not realize how complicated life is.
Simplicity is the ultimate sophistication.
Offline
Pages: 1