
How to check the Public Key Algorithm used for a given gpg key (ie: RSA vs DSA)

Today I discovered how to validate the Public Key Algorithm that's used for a given gpg key. Unfortunately, it's extremely unintuitive & took quite a bit of digging to figure out how. So I'm leaving this here in hopes it helps someone in their future searches.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: How to check the Public Key Algorithm used for a given gpg key (ie: RSA vs DSA)

Eavesdropping Analysis of PGP Metadata

This post attempts to answer the following question: If an eavesdropper intercepts a message encrypted with gpg, how much information will they be able to extract from the message without a decryption key?

I will show the unencrypted metadata added to a GPG-encrypted message, and I will present commands that can be used to extract this unencrypted metadata.


. . . → Read More: Eavesdropping Analysis of PGP Metadata

Extend GPG Key Expiration

I came back from my cross-country bicycle trip (http://1guy2biketrips.michaelaltfield.net) to discover I could no longer send signed email because my key expired! I've also changed colleges from SPSU (http://www.spsu.edu/) to UCF (http://www.ucf.edu), and my old college is expiring my email address, so here's what I need to do:

1. Extend my key's expiration another year
2. Add new email address to subkey
3. Save updates to key
4. Export a new public key

Background Information

GPG

GPG (GNU Privacy Guard, http://www.gnupg.org/), used here, is a popular, cross-platform implementation of OpenPGP (Pretty Good Privacy, http://en.wikipedia.org/wiki/Pretty_Good_Privacy) defined in RFC 4880 (http://tools.ietf.org/html/rfc4880). OpenPGP outlines a standard, open message format for maintaining the confidentiality (http://en.wikipedia.org/wiki/Information_security#Confidentiality) and integrity (http://en.wikipedia.org/wiki/Information_security#Integrity) of electronic messages.

Why Subkeys?

Public Key Cryptography (http://en.wikipedia.org/wiki/Public-key_cryptography) is long, complicated, and well outside the scope of this post. However, one thing I never fully understood was the functional purpose of subkeys. Thankfully, the GPG documentation (http://www.gnupg.org/gph/en/manual.html) is excellent.

So, there are 2 major things I want to accomplish by using GPG with my email:

1. Confidentiality through encryption
2. Integrity through signatures

The designers of PGP viewed the signature role as indefinitely important and the encryption role as dynamic over time. Therefore, when we first generate a keypair, 2 keys are created: 1 primary key for
. . . → Read More: Extend GPG Key Expiration

Sabayon, KDE, and Evolution

I recently reformatted my hard drive--switching from pure Gentoo to the Sabayon fork. Sabayon did for Gentoo what Ubuntu did for Debian. It's generally a lot easier to use, but--unlike Ubuntu--it doesn't sacrifice functionality for ease-of-use.


. . . → Read More: Sabayon, KDE, and Evolution

New GPG Key

I went to send an email the other day and I was halted when I discovered that my key had expired. I can't believe that I've been using GPG for 6 months, but the time had come to generate a new keypair.

This post outlines the process to generate a new keypair once your old keypair has expired.


. . . → Read More: New GPG Key