Information Security

Using GPG to password-encrypt files

In addition to public key encryption, GPG can also be used to password encrypt files. This doesn’t use public/private key encryption but uses symmetric key ciphers like AES or CAST.  This can be useful when you simply need to use a shared secret to encrypt or decrypt a file or if you are encrypting a file to yourself for safekeeping.

Wikimedia Commons
Enigma Machine – Flickr Simon Claessen CC-BY

OpenSSL is cool and all but don’t use it to encrypt information in-situ. It’s a bad idea. OpenSSL is good for generating TLS certificates. It wasn’t intended for file encryption.

To encrypt a file named message.txt:

Continue reading “Using GPG to password-encrypt files”

Advertisements
Information Security

Electronic Mail Encryption

Electronic mails need to be encrypted if you need true privacy when communicating. Encryption is the most practical and effective way of fighting surveillance and privacy violations by the state or any malicious actors like intelligence agencies (unwarranted eavesdropping) and black-hat crackers.

Electronic Mail Encryption can be done using the open implementation of Pretty Good Privacy (PGP, written by Phil Zimmermann) called GNU Privacy Guard (GPG) authored by Werner Koch and others.

gpg

Creating a public key pair:

A public key pair is a pair of keys: A public key and a private key. As the name makes it obvious, you keep the private key to yourself and give out the public key. You can create a key pair like so:
Continue reading “Electronic Mail Encryption”