|
||||
Featured Articles           Today I discovered how to validate the Public Key Algorithm that’s used for a given gpg key. Unfortunately, it’s extremely unintuitive & took quite a bit of digging to figure out how. So I’m leaving this here in hopes it helps someone in their future searches. Michael Altfield Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡ About Michael This post attempts to answer the following question: If an evesdropper intercepts a message encrypted with gpg, how much information will they be able to extract from the message without a decryption key? I will show the unencrypted metadata added to a GPG-encypted message, and I will present commands that can be used to extract this unencrypted metadata. Michael Altfield Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡ About Michael I came back from my “cross-country bicycle trip”:http://1guy2biketrips.michaelaltfield.net to discover I could no longer send signed email because my key expired! I’ve also changed colleges from “SPSU”:http://www.spsu.edu/ to “UCF”:http://www.ucf.edu, and my old college is expiring my email address, so here’s what I need to do: # Extend my key’s expiration another year # Add new email address to subkey # Save updates to key # Export a new public key Background Information GPG “GPG (GNU Privacy Guard)”:http://www.gnupg.org/ (used here) is a popular, cross-platform implementation of “OpenPGP (Pretty Good Privacy)”:http://en.wikipedia.org/wiki/Pretty_Good_Privacy defined in “RFC 4880”:http://tools.ietf.org/html/rfc4880. OpenPGP outlines a standard, open message format for maintaining the “confidentiality”:http://en.wikipedia.org/wiki/Information_security#Confidentiality and “integrity”:http://en.wikipedia.org/wiki/Information_security#Integrity of electronic messages. Why Subkeys? “Public Key Cryptography”:http://en.wikipedia.org/wiki/Public-key_cryptography is long, complicated, and well outside the scope of this post. However, one thing I never fully understood was the functional purpose of subkeys. Thankfully, “the GPG documentation”:http://www.gnupg.org/gph/en/manual.html is excellent. So, there’s 2 major things I want to accomplish by using GPG with my email # Confidentiality through encryption # Integrity through signatures The designers of PGP viewed the signature role as indefinitely important while the encryption role as dynamic overtime. Therefore, when we first generate a keypair, 2 keys are created: 1 primary key for 
I recently reformatted my hard drive–switching from pure Gentoo to the Sabayon fork. Sabayon did for Gentoo what Ubuntu did for Debian. It’s generally a lot easier to use, but–unlike Ubuntu–it doesn’t sacrifice functionality for ease-of-use. Michael Altfield Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡ About Michael I went to send an email the other day and I was halted when I discovered that my key had expired. I can’t believe that I’ve been using GPG for 6 months, but the time had come to generate a new keypair. This post outlines the process to gererate a new keypair once your old keypair has expired. Michael Altfield Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡ About Michael |
|
|||
|
Copyright © 2024 Michael Altfield's Tech Blog - All Rights Reserved Powered by WordPress & Atahualpa |
||||
