PGP: What, Why, When, How.

Rinat Sabitov, 2017

D122293D: 8A98 93D4 B64B 480E 471D  BE57 1883 9067 D122 293D

what

  • Что такое PGP?

What: PGP

  • Pretty Good Privacy
  • Tool for secure communication
  • Non-centralized
  • Public-key encription

WHAT: encryption

what: signing

WHY

  • Почему я должен использовать PGP?

WHY: REASONS

  • Protect data
  • Protect yourself

WHY: protect yourself

  • Message can not be modified
  • Message can not be forged
  • Proof of authorship

WHY: DISADVANTAGES

  • Not anonymous 
  • Not easy to use
  • Not widespread 

when

  • Когда я должен использовать PGP?

when: encryption

  • Распространение новых паролей
  • Хранение связки паролей / кредитных карт
  • Конфиденциальные данные
  • Передача сообщений через 3х лиц
  • Отправка личных сообщений через корпоративную сеть

WHEN: SIGNING

  • Always. Why not?

how

  • Как я должен использовать PGP?

HOW: Get

HOW: NEW KEYPAIR

$ gpg --gen-key
  • type / size
  • real name / email
  • passphrase
  • revocation

 

how: USage

$ gpg --encrypt passwords.txt
#creates passwords.txt.gpg
$ gpg --decrypt passwords.txt.gpg

Encrypt:

Decrypt:

Easy peasy!

HOW: IRL USAGE

  • Enigmail for Thunderbird
  • GPGol for Outlook
  • GPGMail for Apple Mail
  • Native in Gajim/Psi/Mutt and others

HOW: TRUST

  • No one authority
  • No expensive certificates
  • More signatures  == more trust

HOW: web of trust

HOW: exchanging

$ gpg --armor --export rsabitov@cloudlinux.com
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1

mQENBFVx8QEBCADYOiphYbxCrOoFihi+LheXXPwP7dG5tMTqzCoVLLTwq3tX9IOw
...
sbWmZvrQWZqrFKxMbFjIR5c3/i9s9j2/+J8/pQNDRT4=
=5kkT
-----END PGP PUBLIC KEY BLOCK-----

how: exchanging

$ gpg --import rsabitov.gpg
gpg: key 9E98BC16: public key imported
gpg: Total number processed: 1
gpg:               imported: 1

HOW: distributing

$ gpg --keyserver pgp.mit.edu --recv-key 0xBB7576AC
gpg: requesting key BB7576AC from pgp.mit.edu ...
gpg: key BB7576AC: 1 new signature

gpg: Total number processed: 1
gpg:         new signatures: 1

HOW: distributing

$ gpg --keyserver pgp.mit.edu --send-key rsabitov@cloudlinux.com
gpg: success sending to 'pgp.mit.edu' (status=200)

Keybase

  • SIGN/ENCRYPT/DECRYPT
  • IDENTITY PROOFS
  • KBFS
  • GIT
  • CHATS/TEAMS

done!

  • Qeustions?
  • Comments?
  • Who will sign my key?

PGP

By Rinat Sabitov

PGP

  • 1,934