out of the box: cryptography

April 23 | 2012

secure email & file encryption

Why should a designer, other than a geek even bother about such complex things like encryption? Simple. Because no one would write sensitive data on a postcard or dare to transfer money in an envelope without worrying about it to be stolen somewhere. As drastic as it sounds, it describes almost any online communication how data is being transferred through cyberspace. This does not mean that everything should be encrypted from now on, but having privacy tools and a basic understanding about cryptography gives everyone the chance to make a choice about how private or/and secure given data can be handled. 

 

secure email & file encryption

the GNU privacy guard (GPG) is an open source cryptographic software. It can sign, encrypt and decrypt emails and files.

secure email & file encryption

in order to sign, encrypt/decrypt messages or files, a key chain with two keys is needed.. One is the public key, as the name implies, it is meant to be shared and exchanged. The 2nd key is the secret key, the one that is granting unlocks all features. It must be keept safe at all costs and never shared with anyone else. If someone steals it, the effort is worthless.

secure email & file encryption

a digital signature ensures that the messages or files have not been tempered with. GPG works with fingerprints, that are made from the key pair. They come in  shape of a unique combination of letters and numbers and are just as unique as a fingerprint in real life.  can be used to only to sign a document.

secure email & file encryption


to encrypt/decrypt a message, a sender/recipient must be specified.  The owner’s public key is being used as an identification, along with the secret key granting access.

secure email & file encryption

to identify others as a recipient or sender, all available public keys must be added to the GPG key chain, so it can be specified, where again the secret key granting the access in order to do so.

There are many front-ends that offer GPG support, but the easiest and fastest way to do it is, believe it or not, on the command line. It’s not as bad as it seems, the commands are logical and will help to understand how GPG works, which is important to understand before being used. A list of basic commands and instructions for everyday use along with a mini guide is up for the grabs.

no new insights yet

share yours...

* required | ** required and kept in secret, promise!