270 likes | 452 Views
Crypto Party ATX. Shameless self-promotion. Visit us at https://CryptoPartyATX.org Step-by-step guides on how to encrypt your emails, text messages, files and folders Guides to maintaining your privacy by choosing stronger passwords and securely deleting data Info on upcoming parties
E N D
Crypto Party ATX Shameless self-promotion • Visit us at https://CryptoPartyATX.org • Step-by-step guides on how to encrypt your emails, text messages, files and folders • Guides to maintaining your privacy by choosing stronger passwords and securely deleting data • Info on upcoming parties • Need help? Email plexiglass@riseup.net • Please contribute! • Let us know if you have any questions; chances are someone else has those questions, too. If we know where it’s unclear, we can make those parts better. • Can you do it better? Let us know how, or do it yourself and send it to us!
Tonight’s Topic: Email Encryption • Basics of Encryption in General • Definition and Examples • Keys and Key Pairs • What Email Encryption does and does not do • How to set up Email Encryption • Questions?
Encryption An Introduction
What is Encryption? • Encryption is a means of putting text (or any computer data) into a secret code, so only the intended person can read it. • A cipheror algorithm is the set of rules or instructions that shows how to write a message using the secret code. • Historical examples: Caesar’s Cipher, Enigma Machine, PGP • Commonly substitution and/or transposition • Substitution: switching particular characters for others • Transposition: moving characters around using set rules • Keys – essentially just long passwords, but they also help determine how text is substituted and transformed
Substitution Examples Substitution is the process of switching letters with other letters in a specific way, so the letters can be un-switched later if the reader knows how they were switched, or if the reader can figure out how they were switched. Reverse-Alphabet ABCDEFGHIJKLMNOPQRSTUVWXYZ ZYXWVUTSRQPONMLKJIHGFEDCBA • The message “HOWDY” is written “SLDWB” Caesar’s Cipher – Shift letters 3 spaces ABCDEFGHIJKLMNOPQRSTUVWXYZ DEFGHIJKLMNOPQRSTUVWXYZABC • The message “HOWDY” is written “KRZGB”
Transposition Examples Transposition is the process of changing the text in a specific way, so that it can be un-changed later if the reader knows how it was changed, or if someone can figure out how it changed. Reverse characters MEET US AT THE NEXT CRYPTO PARTY YTRAP OTPYRC TXEN EHT TA SU TEEM Alternate characters MEET_USAT_THE_NEXTCRYPTO_PARTY ME_SA_H_ETCYT_ATETU TTENX RPOPRY
A step further…keys Same message to two parties coded the same way Think about Caesar’s cipher. If he always used the same +3 transposition, then anyone who figured it out or learned it would be able to read all of his coded messages. We need some way to change the code when we need to, and fortunately we have one. This is by adding a key or passwordto the mix. In a simple way, Caesar’s cipher could be improved by changing how much is added to each letter. Instead of using the same key of 3 every time, we could use the key 4 for one person, and the key 5 for another. We’re still following the same method of adding to the letter positions (i.e., the same cipher), but now we can do it differently for different people. Message Message +3 +3 Phvvdjh Same message to two parties w/ different passwords Message Message +4 +5 Qiwweki Rjxxflj
Keys Keys, along with a cipher, are used to encrypt messages (“plain text”) and/or decrypt coded text (“cipher text”). A key could be as simple as a digit or password, or as complicated as a PGP key. • Keys make it more difficult to decrypt the coded message by changing the rules for how things are encoded or decoded. • Example: Enigma Machine • Sometimes there are two keys –one to lock and another to unlock: • Private Keys(or Secret Keys) such as passwords are used to decode messages. Never share a Private Key with anyone you don’t want to read your coded messages. • Public Keys are used to encode messages. There is generally no harm in giving out a Public Key.
Single Keys (Symmetric Encryption) Some types of encryption use a single key such as a password. For example, if you encrypt a message with the password “dog”, you would use the password “dog” to decrypt it as well. To send a coded message, you will have to tell someone the key and hope that no one else finds out. If a cipher uses the same key to put something into code as it does to take it back out, then the cipher is said to be symmetric. Message Password Secret Code Symmetric Encryption The same password works in both directions Message Password Secret Code
Key Pairs (Asymmetric Encryption) Some ciphers use a different key to encrypt a message than to decrypt it. For example, you might encrypt a message with the password “dog”, but to read the message you would need the password “cat”. • If a cipher uses one key to put something into code and a different key to take it back out, then the cipher is said to be asymmetric. In practice, both keys are created at the same time, and form a key pair. The keys in a key pair only work with each other, so any message encrypted with a one key of the pair can only be decrypted by the other key of the same key pair. Message Key 1 Secret Code Asymmetric Encryption One key is used to encrypt the message, but a completely different key is used to decrypt the message. - Key Pair Message Key 2 Secret Code
The Advantage of Key Pairs Advantage: Anyone can encrypt a message for you, but only you can decrypt it. If you have a pair of keys that each work in only one direction, then you only need to keep one key secret. The one you keep secret is called the Private Key. The Private Key is used only to decrypt messages*, and it is the only key that can decrypt those messages. The Public Key is used only to encrypt messages. This means you can give it out to anyone, since the only thing someone could do with it is encrypt a message. Because the key is part of a pair, if someone encrypts a message using your Public Key, then only you can decrypt the message because only you have the Private Key. Message Public Key Secret Code A Public Key is used to encrypt a message. A Private Key is used to decrypt a message. - Key Pair Message Private Key Secret Code
Summary Symmetric Encryption (with Single Keys) Asymmetric Encryption (Key Pairs) Different keys are used to put a message in or to take a message out of code. The Public Key can be shared with anyone, so anyone can send you a message. The Private Key is never shared, so only you can read the messages. • Same key is used to put a message in code and to take it back out of code. • Somehow the key must be shared with the recipient without sharing it with snoops.
Key Pairs for Email Encryption If I have explained this well, you can hopefully already see why we use Key Pairs for encrypting email messages. Here’s a quick summary: • You do not always have a secure way to contact someone. If you only contact someone through email, how could you tell them a password? If you emailed a symmetric password, you might as well not have one, since anyone monitoring the email could see the password and use it just as easily as the intended recipient could. • You want to be the only person who can decrypt the message. If you tell anyone a password, there is some chance of them sharing it with someone else. Having one password to encrypt a message and a different password to decrypt it means that you never have to share the password that “unlocks” the messages, but you can tell anyone the password to “lock” a message. There’s no harm in more people finding out how to send a message that only you can read.
Purpose of Email Encryption What it does, and what it does not
How Private is Email? • Would you want to use postcards for nearly every message you send? (You do.) • When you send a postcard, anyone who handles it along the way could look down and read the message. Sometimes it doesn’t matter, but I would not want to send every letter this way. Sometimes I want only the recipient to be able to read the message. • When you send an email, it’s just about as private as a postcard. Instead of being handed from person to person and sent by truck, however, emails are passed from server to server until they end up at the destination. But like it is with postcards, any server involved in transmitting the message could also read or store the whole message. • With email, the following parties could possibly read the message as it goes by: • Anyone on the same open or wired network, unless using SSL • Your Internet Service Provider (ISP) (e.g., TWC, ATT, Grande, etc.), unless using SSL • Your email provider (e.g., Gmail, Yahoo, Hotmail, etc.) • Your contact’s email provider • Your contact’s Internet Service Provider (ISP) • Your contact • AND…anyone with access to the data of any person or company above
Making Postcards More Private Normal Email Message: Message and Metadata visible Encrypted Email Message: Only metadata visible
What Email Encryption Does • Email Encryption will allow you to put the content of a message into code. • When you encrypt the message using your contact’s Public Key, only your contact will be able to decrypt it; they are the only one with the Private Key of the same pair. • If a contact sends you a message encrypted with your Public Key, only you have the right Private key to decrypt it.
What Email Encryption Doesn’t • Email Encryption will not hide the fact that you sent a message • It will not hide your email address or your contact’s email address. • It will not hide the date or time the message was sent. • It will not hide the Subject line of your message. • Any snoops will be able to see whom the message was sent from and to, when it was sent, the subject line, and possibly the IP from which the message was sent. But they will not be able to read the message.
Setting Up Email Encryption Putting theory into practice
Email Encryption in General Here’s how we go about using Key Pairs in Email Encryption: • Install an Email Program that supports PGP encryption • Install a Key Manager program to keep track of our own Key Pairs and our contacts’ Public Keys. • Create a Key Pair. • Install an Add-On to the Email Program to let it work with our Key Manager • Use a contact’s Public Key to send them a message. Use our own Private Key to read a message from our contact.
Email Program - Thunderbird https://www.mozilla.org/en-US/thunderbird/ • Thunderbird is an open source email program from Mozilla, the makers of Firefox. It is available for Windows, OS X, and Linux. • Download and install Thunderbird, then follow the on-screen steps to add your current email account.
GPG / Key Manager Program http://www.gpg4win.org/ • GNU Privacy Assistant (Windows) • GPA is a key manager included in the the GPG4Win package. GPG4Win is an open-source package implementing many of the features of GPG on Windows systems. https://gpgtools.org/ • GPG Keychain Access (OS X) • GPG Keychain Access is the key manager included in the GPGTools’ GPGSuite package. GPGSuite is an open-source package implementing many of the features of GPG on OS X systems.
Creating a Key Pair • First, download and install the key manager program for your operating system. • WINDOWS USERS: Please be sure to select the checkbox next to GPA when installing gpg4win • Next, find and click “New Key” or something similar. • Fill out the requested information and set a password. • You now have a key a pair – a private key to decrypt messages and a public key so people can send you messages
Thunderbird Add-on: Engimail https://www.enigmail.net/ • Enigmail is a Thunderbird Add-on that works with your key manager program. • Go to the Add-ons section in Thunderbird and search for Enigmail. Install the Add-on and restart Thunderbird. • Check the OpenPGP Security settings in the Account Settings menu to make sure it uses the correct Private Key and encrypts your messages by default (if desired).
Sending an Encrypted Message • First you will need someone else’s public key. If you don’t know anyone with a public key, you can download mine from our website (or from a keyserver): https://cryptopartyatx.org/content/FE0E7924.asc • Save your contact’s public key to a file, and click Import to import it to your Key Manager program (GPA or GPG Keychain Access) • Press the “Write” button in Thunderbird and compose an email. (If you’re using my Public Key, send the email to plexiglass@riseup.net) • Click the lock icon in the bottom right to activate it. When you send the message, it will be automatically be encrypted with the Public Key of the recipient (as long as you imported that key into your key manager program already).
Receiving an Encrypted Message • If someone uses your Public Key to encrypt a message, then you will use your Private Key to decrypt it. • The process is nearly automatic. When you get an encrypted email, as soon as you try to read it you will be asked for a password. Type the password you used when you made your key pair.