The Hitchhiker's Guide to PGP
To provide encryption and decryption, PGP uses public key cryptography. Public key cryptography is an asymmetric encryption scheme that uses two different keys, the public key that encrypts data and the private key for decryption.
You are free to share your public key with anyone while keeping your private key secret. Anyone with your public key can use it to encrypt information that only you can decrypt using your private key.
To use PGP encryption, you first need to generate a public and private key pair using a PGP software, such as Kleopatra. You can then share your public key with others, who can then use it to encrypt data they want to send to you.
Here's how PGP message encryption works:
A user generates a pair of keys, a public key, and a private key. The public key is shared with others while the private key is kept secret.
To send an encrypted message, the sender uses the recipient's public key to encrypt the message. This ensures that only the intended recipient can decrypt the message.
The recipient then uses their private key to decrypt the encrypted message.
For additional security, the sender can use their private key to add a digital signature to the message. The signature acts as proof that the message was written and sent by the key owner.
On receiving a signed message, the recipient can use the sender's public key to verify the digital signature of a message. A valid signature proves that the message was sent by the sender and has not been changed. The slightest change in the original message, even by just one character will cause the verification process to fail.
Here's a step-by-step guide to how you can do all this with Kleopatra:
Download and Install Kleopatra
Go here and download Gpg4win (GNU Privacy Guard for Windows) installer. Kleopatra, a certificate manager for OpenPGP, is one of the software contained in Gpg4win.
For Linux users, get Kleopatra here.
Install the program and run it.
Generate a PGP Key Pair
Once the installation finishes, Click on New Key Pair.
New Key Pair Generation
You will then have the option to set a name to be associated with your PGP public key. You can also enter your email address and protect your key with a passphrase. The passphrase will make sure you're the only one with access to your private key.
Enter name, email address, and passphrase
Click OK on the success popup.
Key successfully created
Next, double-click on the certificate you just created and then click on "Export."
Export your public key
This will open a popup with your public key. You can copy it, save it and share it with other people.
The public key
You can delete the lines that begin with "comment" if you do not wish to share the information with others.
Import Public Keys
To encrypt messages you send to others, you will need to import their PGP public keys.
Copy the public key you want to import and paste it into the Notepad.
Begin the import process
Next, click on Tools, then Clipboard followed by Certificate Import.
Certify the import
On the popup, click on Certify. The information displayed on the popup that follows can help you verify that you are importing the correct public key.
Click Certify, followed by OK on the next popup.
Key successfully imported
Encrypt a Message
Copy the plain text message you want to import and paste it into the Notepad.
Next, click on Tools, then Clipboard followed by Encrypt. On the popup, click on Add Recipient.
Then select the public key you want to encrypt the message with and click on OK.
Click on Next to start the encryption process. Click on OK after the encryption completes.
The encrypted message is saved in your clipboard, you should paste and send it to the intended recipient as it is.
Decrypt a Message
To decrypt a message encrypted with your PGP public key, paste the whole message as it is on the Notepad. You should then click on Decrypt/Verify Notepad.
Decrypt a message encrypted with your public key
The decryption process will only be successful if the message was encrypted with your public key.
Sign a Message
Paste the message you want to sign on the Notepad. Then click on recipients. Unchecking the Encrypt for me and Encrypt for others checkboxes, will result in an unencrypted message.
Sign a message with your keys
Next, click on Sign Notepad. The signed message will be on the Notepad once the signing succeeds.
Verify a Signed Message
To verify a signed message you will need to have imported the sender's public key.
Paste the message into the Notepad.
Verify signed message
Click on the Decrypt/Verify Notepad tab to verify the message.
Successfully verified signature
The message will be successfully verified if the signature is valid.
Basically, PGP encryption secures communications by:
- Preventing the modification and interception of data during transfer.
- Ensuring the transferred data is protected from unauthorized access.
- Allowing recipients to verify the authenticity of senders.
Keeping private keys secure is crucial in ensuring the integrity of the encryption process is preserved. Remember to back up your keys and secure the backups.
Noted, though key length is sufficient for any length >=2048 unless quantum computer with the required qbits appear. However, better safe than sorry anyway. And for expiry, it's standard practice to set it in case of key theft, security over convenience.
Niggers Eat Doo doo2023-03-186fee062a
Nah we need people using clearnet emails on the DN. the more low hanging fruit aka stupid zoomers and retarded niggers there are getring themselves caught, the less scrutiny there is on everyone else. never teach a nigger proper opsec, always let them get caught
Shut the fuck up.
I waste narcan2023-03-18cd079753
NlGGERS are too stupid to figure out PGP, most of them use privnote or dont even bother encrypting their address when are buying on wickr and telegram. Then they cry racism when the feds bust them distributing fentanyl. NlGGERS should all just be gassed. Crime would go DOWN, economy would go UP
D no 2023-03-200aa794de
Agreed. This man deserves an award
As soon as a person says something RACIST, immediately their comment becomes worthless. If your so tough, go be racist in the real world and not in hiding behind the DN
Boom is a nigger.
encrypt with 4096 but never use "forever key" as mention above, is good for commodity but not for high level opsec. I would say renew it every 4 months and change pass as well often.
I worry that pgp is a ticking time bomb. History has shown that tech appears to be advancing slowly until It does. In reality the organizations behind the innovation delay or keep private the information they have for years until It finally hits the public. We may not have the ability to make quantum computers with enough qbits right now but if we learn how to stabilize it there's a good chance it could happen fast. If you are in the realm of drugs im not sure its a huge deal but anything beyond that and it is a valid concern. This very well could be the next wave of busts like DNA provided in this last decade.
I'm hearing some good things about eliptical keys. Still waiting for someone in the security arena to make unqualified statements about their efficacy, though. Know one hacker who swears by them. I don't trust the USA's NIST implementation, though. Too easy to have a built-in backdoor for the TLA's. [tinfoil_hat]
I am stupid 2023-03-19a6eee01c
Dumb thoughts about drugs/law abiding patriotic citizen who pays taxes ;)
nigger poo poo2023-03-190a59a5df
Dumb thoughts about drugs/law abiding patriotic citizen who pays taxes ;)
Straight and Narrow2023-03-22e7e865b9
because DNL got shutdown by their web host a few months ago and now they are on the straight and narrow, that's life in the Caribbean savvy?
in case you haven't made one, Would you make the hitchhiker's guide to i2p Please?
Thanks for the info whomever the author is. Things like this are much appreciated 👍
Ok WTF why would someone use Windows for that.... DO NOT TRUST A PROPRITARY OS NEVER EVER!
I did not understand anything
HAHAHA tanginang yan
First, I would leave out the email address in the key completely. There is no need, other than a few special cases, for an email address on the DN. Too many peeps will use a legit clearnet email. Next, the key created with your process is a 3072 length key, and includes a Valid Until date. New people should be instructed, imo, to use Advanced Settings... and change 3072 to 4096 in both RSA and RSA+ components of the key. The Valid Until date should be blank, creating a "forever" key which prevents problems when a key expires. Just a couple of points that provide better security (no email, 4096 key length) and longevity ("forever key") for new peeps making keys. ymmv