Download encryption practice files - opinion
Download encryption practice files - all? Excuse
You'll have to reboot (restart) your system after the PGP (Pretty Good Privacy) software has been downloaded and installed, so save any work on your computer and quit any open programs other than your web browser before you proceed. This tutorial has been designed for users of Windows PCs. A version of the tutorial for the Mac platform is in the works and will be ready soon. The tutorial describes the basics of the PGP software in order to help beginners get up and running using encryption.
In your browser, go to the download center at the PGP International Homepage
Click on the PGP Freeware link where it says: "Here you may download the latest freeware PGP version for your platform."
On the next web page, you'll be asked to answer a few simple questions. You have to answer Yes to all the questions as a way for you to declare that you won't misuse the software once you've downloaded it. Read each of the questions carefully before selecting Yes as your answer. Then click on the Submit button.
On the next web page, click on the first download link under PGP Freeware v (Windows 95/98/NT/). You'll be prompted now to decide if you want to open the software right away or download it (Save it) to your computer hard drive. You want to Save this file to disk, so make sure this option is selected in the File Download dialog box, then click on OK.
Now you have to tell your browser where you want to save the PGP program. Be sure to select a location on your hard drive where later you'll be able to easily find the zip file of the PGP software, then click on the Save button. The download will take a while, depending on the speed of your connection to the web.
Rarely does anything of significance arise out of the blue. PGP (Pretty Good Privacy) is the culmination of a long history of cryptographic discoveries. Cryptography is the science of writing messages in secret codes. It is nothing new. Since the human race became a species of its own, we have pondered the challenge of concealing our communications from others. Secrecy--stealth--is not a preserve of the human species. It is a matter of survival for all our brothers, sisters and cousins in the animal world from which we have evolved. Whether in times of peace or in times of war, we all harbor secret thoughts, feelings, desires, objectives, and so forth that we want to share only with those we absolutely trust, and that we want to carefully conceal from those who would take advantage of us if they knew what we had in mind.
Encryption makes this possible, and one of the strongest encryption tools available to us today is PGP.
Phil Zimmermann invented PGP because he recognized that cryptography "is about the right to privacy, freedom of speech, freedom of political association, freedom of the press, freedom from unreasonable search and seizure, freedom to be left alone." You can read Phil Zimmermann's fuller explanation as to why you need PGP. In the development of PGP, Zimmermann was greatly assisted by his knowledge of the long history of cryptography. Like Sir Isaac Newton, Zimmermann was able to achieve what he achieved because he "stood on the shoulders of giants" who went before him.
How does PGP work?
OK, here goes; put your thinking cap on If this gets overly technical for you, and your eyes start to glaze over, don't worry about it. It's nice if you can understand what's going on with Public and Private Key encryption, but it's not necessary right away. You'll understand it better as you start to use it and as you interact with others who use it and can explain what's going on. For now, it's sufficient to just follow the sets of numbered steps carefully in order to learn the skills required to use PGP. But read over what follows and understand it as best you can.
When you have successfully completed Step 3 of this tutorial, you'll have created two keys to lock and unlock the secrets of your encoded information. A key is a block or string of alphanumeric text (letters and numbers and other characters such as !, ?, or %) that is generated by PGP at your request using special encryption algorithms.
The first of the two keys you'll create is your Public Key, which you'll share with anyone you wish (the tutorial also will show you how you can put your Public Key on an international server so that even strangers could send you encrypted data if they wanted). Your Public Key is used to encrypt--put into secret code--a message so that its meaning is concealed to everyone except you
Then there is your Private Key, which you'll jealously guard by not sharing with anyone. The Private Key is used to decrypt--decode--the data (messages and so forth) that have been encrypted using your Public Key. This means that the message encrypted (encoded) using your Public Key can only be decrypted (decoded) by you, the owner of the corresponding Private Key.
The designation of one of the two keys (Key1, say) as Public and the other (Key2) as Private is purely arbitrary since there is no functional difference between the two. PGP chooses one to act as the Public Key and designates the other as the Private Key. If it chooses to designate them in the other order (Public=Key2 and Private=Key1), it would make no difference. This is because when either key is used to encrypt something, the other will act as the corresponding decrypting key to convert the encrypted data back into its original form. This capability is at the heart of the "Signing" process mentioned in Steps 8 through 10 below.
Public and Private Key encryption solves one of two major problems with older methods of encryption, namely that you had to somehow share the key with anyone you wanted to be able to read (decrypt) your secret message. The very act of sharing the key meant that some untrustworthy so-and-so could intercept it--and frequently did. Which meant your code was practically useless.
The second major problem with older methods of encryption was the relative ease with which the code could be broken. Codes have to be incredibly complex if they're to foil the attempts of astute humans to crack them. This is all the more the case today when we have increasingly powerful computers to do the dirty, "brute force," work of trying every conceivable combination of key possibilities for us. PGP, and other similar encryption systems, use a key that is really--well--astronomically large, meaning that the number of binary bits (1s and 0s) used to create it has an astronomically large number of possible combinations and the actual decimal (base 10) value they represent is--well--huge. Unlike earlier encryption methods, the security of PGP encryption lies entirely with the key. Earlier encryption methods relied on "security through obscurity" (ie: keeping secret the method used to do the encryption). The methods used to do PGP encryption are known and documented. It is PGP's selection of the complex keys used to do an encryption that makes it next to impossible to crack.
The size of the key can be increased whenever necessary to stay one step ahead of advances in technology. Time alone will tell if PGP can stand the test of time, but for now it's one of the best encryption technologies you'll find.
If you would like to read the history of encryption and understand the origins of Zimmermann's PGP program, an excellent account is given in Simon Singh's CODE BOOK (Doubleday, New York, NY, ). Find out more about PGP at the International PGP home page. The CryptoRights Foundation is another good website for information regarding privacy issues. You might also like to join the PGP-BASICS User group where you can find speedy and informed answers to questions that might arise as you get started using PGP. Once you're more experienced with the program, you can join the PGP Users Mailing List so you can keep in touch with issues related to privacy.
Once the download is complete, you'll have the zipped version of the PGP program on your hard drive. Now you have to unzip it. For this, your best bet is to use the shareware WinZip which you'll need to have installed on your computer. You may already have this program from when you had to install other software. You can check if you have the WinZip program by simply double clicking on the file you just downloaded (PGPFWWinzip). If you don't have WinZip installed on your computer, or if you're in doubt, you can go get it (download it) from the web. The best place to do this is at rushbrookrathbone.co.uk. Follow the directions to install the WinZip software on your computer. With a program such as WinZip installed on your computer, you are now ready to unzip and install PGP. Here are the steps to follow:
Now locate the PGP zip file PGPFWWinzip wherever you downloaded it on your computer and double click on it to unzip it.
Next you'll be prompted to run the PGP Setup program, which will begin immediately. You'll be presented right away with the PGP Freeware Setup Wizard.
Follow the Wizard's step-by-step directions, clicking on the Next button as you go along. The first three screens contain info about PGP (licensing, etc.). Read them before clicking on the Next button.
The 4th screen asks you to enter your name and the name of the company you work for. Next you're asked to confirm the folder where you want the PGP Wizard to install the program. Unless you have other ideas, accept the default for this item.
Keep your wits about you on the next screen, which asks you which PGP components you want to install. You do NOT need to install PGPnet Virtual Private Networking, since for most people it's unnecessary and, as Steve Kinney points out, can create nasty network configuration problems. So Deselect this item by removing the check mark next to it before clicking on the Next button.
On each of the ensuing screens, read what the Wizard has to say. When asked, accept the defaults and let the Wizard do all the setup for you.
Once the PGP software is installed, you will have to reboot your system. PGP will prompt you to go ahead and Restart.
After your system has been restarted, you are ready to create your Public and Private Keys.
Now that you have the PGP software installed on your computer, you need to create a Public and Private Key pair. This you can do at any time. Remember as you complete the steps that follow that your Public Key is so-called because you will willingly share it with others so that they can use it to send you secret information. Your Private Key is so-called because it alone will decode any information encoded with your Public Key. As long as you alone have knowledge of your Private Key, your privacy is assured. Here are the steps to follow:
Open PGPkeys by selecting Start/Programs/PGP/PGPkeys or by clicking on the PGPtray icon
in the lower right corner of your screen and selecting PGPkeys in the pop up menu.
The PGPkeys window opens up, listing various people's Public Keys, among which in a short while will be yours and any others (your correspondents) that you choose to add to the list.
In the PGPkeys menu bar, click on the Generate New Keypair icon
to bring up the PGP Key Generation Wizard. Read the introductory dialog, then click on Next.
The PGP Key Generation Wizard now asks you to enter your name and e-mail address. Do this now. You can use any name you like and it's a good idea to use a genuine e-mail address so you can take advantage of the PGP feature which will look up the correct key for you when you are writing to a particular correspondent. Click Next when you're done entering your name and e-mail address.
Now the PGP Key Generation Wizard asks you to select a key type. Accept the default (Diffie-Hellman/DSS) and click Next.
The PGP Key Generation Wizard next asks you to specify a size for your new keys. Again accept the default ( bits, which will give you a key so large that it would be well nigh impossible to figure out even by the most powerful computer in the world) and click Next.
Now the PGP Key Generation Wizard asks you when you want your key pair to expire. Accept the default (Key pair never expires) and click Next again.
The PGP Key Generation Wizard now asks you to enter a passphrase. Think about this before you proceed. Choose a passphrase that has at least eight (8) characters (that's a minimum of 8 characters as a requirement), with a mix of upper and lowercase letters or other characters. The greater the mix of characters and the longer the passphrase, the better. As Herb Kanner explains, "The size of the passphrase, and the inclusion of mixed case and non-alphabetics is to increase the difficulty of a brute force attack on your passphrase." So, if you use a longer passphrase (Herb's is 15 characters long, and Bernie's is 33!!) even if someone used a supercomputer, it would take an intolerably long time for it to try all combinations till it hit on your passphrasse. If you'd like to read more about this important subject of Passphrases, take a look at The Passphrase FAQ. Arnold G. Reinhold's DiceWare Passphrase HomePage is another excellent resource.
Enter your passphrase once you've decided what it will be, hit Tab, and re-enter it for confirmation. Then click Next again.
If you have entered an inadequate passphrase, the PGP Wizard will warn you and ask you to go back and re-enter another passphrase. But if all is well, the PGP Key Generation Wizard will now go ahead and generate your key pair. You may be prompted to move your mouse around or hit random keys on the keyboard to help the Wizard create a more secure key. Click Next when the Wizard has finished generating your key.
You'll now be asked if you want to send your new Public Key to a server where others around the globe can find it and use it when they want to encrypt data they wish to send you. This is optional, so click in the box only if you wish to do this, then click on Next once more.
That's it! You're done creating your PGP Public and Private Keys. Now all you have to do is share your Public Key with anyone with whom you wish to exchange secure information. The next sections tell you how to do this, and how to use your key and those of your correspondents to encrypt and decrypt the data that you exchange.
After a while, as you become more accustomed to using PGP, you may well want to change your passphrase, especially if the one you first chose is not complex enough for your liking, or if it has become compromised by someone else discovering what it is. Changing your Passphrase is a simple process.
To change your Passphrase, here's all you do:
Open PGPkeys by selecting Start/Programs/PGP/PGPkeys or by clicking again on the PGPtray icon
Highlight the key you want to change the passphrase for, then from the Keys menu select Properties.
In the dialog box that pops up on the screen, you'll see the button to Change Passphrase. Click on Change Passphrase, and in the next dialog box, as you might expect, you're asked to enter your current Passphrase. Go ahead and do this, then click on OK.
Now all you have to do is decide on a new Passphrase, write it down if necessary so you don't forget it, then in large letters write on the note the word "DESTROY" or "BURN" to remind yourself to do this once you've used the new Passphrase often enough to know it by heart.
When you're ready, enter it in the New Passphrase dialog box, and Confirm the New Passphrase by entering it again, then click on OK.
Back to the Table of Contents
Step 5: Distributing your Public Key
When you want to exchange Public Keys with a particular individual or group of individuals with whom you intend to exchange encrypted information, the best way to do this is to send it as an e-mail to whoever you want to have it. Read what follows carefully, however, so you understand how PGP works.
The recipient of your Public Key will have to have PGP installed on their own computer if they want to be able to add your Public Key to their keyring and use it to encrypt the data they want to send you. Likewise, you must have anyone else's Public Key on your keyring in PGPKeys if you want to send them encrypted data. This is a bit tricky to understand at first, but think about it. Anyone who uses PGP has two keys, a Public Key and a Private Key. Your Public Key is used by other people to encrypt information they want to send you so no one else but you can know what the information contains. When you receive an encrypted message from someone (could be any kind of data, not just text), you use your Private Key to decrypt it. The neat thing is that you're the only person who can decrypt the secret message because you're the only person who has the Private Key, with the passphrase that unlocks it (unless you share your Passphrase and Private Key with someone else, which would defeat the purpose of PGP!).
If you want to, you can put your Public Key on one or more servers that form an international server chain. Effectively, this makes your Public Key available to anyone anywhere who would like to exchange secure communications with you. Step 6 below explains how to do this.
To include your Public Key in an e-mail message, here's all you do:
Open PGPkeys by selecting Start/Programs/PGP/PGPkeys or by clicking again on the PGPtray icon
Locate your keypair among the list of keys in the dialog box and select it (by clicking once on it). Then copy it (Edit/Copy or control-C)
Start a new message in your e-mail editor, in the To: box enter the e-mail address of the recipient, and type a subject header such as "My Public Key"
Now click to put the cursor in the body of the e-mail, Paste your Public Key (Edit/Paste or control-V) into the body of the e-mail, and send it.
Back to the Table of Contents
It's a good idea eventually to place your Public Key(s) on what's called a public certificate server. This is a server where anyone can access your Public Key and use it to send you encrypted messages. You'll still be the only one who can decrypt the message because you alone have the Private Key, so you never need worry that your privacy will be compromised just because you made your Public Key public. After all, that's why it's called a Public Key. However, as a beginner to PGP, you may not want to do this right away, since you may well decide to change your Public Key at a later date for one reason or another. The thing is that, once you put your Public Key on a certificate server, you can't remove it--ever, and there's no point littering the server with keys that are never going to be used. So keep this section of the tutorial in mind for later, after you've got used to using the program and have settled into using a particular Public Key.
Here, then, are the simple steps to make your Public Key available through the certificate server at MIT. It doesn't matter which server you post your Public Key to, by the way, since they are all interlinked. Wherever you post your Public Key, it will be available worldwide.
Start by connecting to the internet, so that PGP can access the web site (in our case a server at MIT) where your Public Key can be sent and included in the database of Public Keys.
Open PGPkeys by selecting Start/Programs/PGP/PGPkeys or by clicking on the PGPtray icon
In the PGPKeys window, among the list of keys you see there, click on the icon representing your Public Key. This is the key you want to post to the certificate server at MIT.
Now pull down the Server menu, select Send to and then select the link to the MIT server at rushbrookrathbone.co.uk
PGP will now access the server for you and post your Public Key there. When it's done, it'll inform you that the key was posted successfully.
Step 7: Obtaining and Adding someone else's Public Key to your keyring
Once again this is simple enough. There are two ways to do this. You can either have someone send you their key in an e-mail and then paste it into your keyring from their e-mail or, if they have their key already posted to a certificate server, you can go get it yourself. Here is all you do if you get someone's public key in an e-mail:
First you tell your friend or friends to follow Step 5 above to send you their Public Key in an e-mail message.
Open the e-mail message containing the Public Key you wish to add to your keyring.
Drag to select from BEGIN PGP PUBLIC KEY BLOCK all the way down to END PUBLIC KEY BLOCK
Then copy it (Edit/Copy or control-C)
Open PGPkeys by selecting Start/Programs/PGP/PGPkeys or by clicking again on the PGPtray icon in the lower right corner of your screen and selecting PGPkeys in the pop up menu.
In the PGPkeys window, paste the Public Key you wish to add to your keyring (Edit/Paste or control-V).
Voil�! Check the keys in your keyring to verify that the new key has been added to the list.
For the record, and for practice, the following are the Public Keys of the authors of this tutorial. Add these Public Keys to your keyring now.
Netiva Caftori's Public Key:
BEGIN PGP PUBLIC KEY BLOCK
Version: PGPfreeware for non-commercial use <rushbrookrathbone.co.uk>
mQGiBDp1yy0RBADVlyDewVwltBs7HnHCG3bXlVUODFkn/00TdbM2SPnOAIkj4giB
ylOP7Mg+Hr5y7FIBvmPWx06In6JjNQiSbpshP5YHv57UfE79nEJdWuSTQt/7j7IJ
GkHYtBRHQMIAHMgT8IB5d3gFq52jSa8hw/ixMP09a0Rw8RP9+kOE4s9UrQCg/zVH
IHswdc/mb50PjdeXwnjxQbkD/3lJYEzz8eUlFHB4rVaC1yRi21Lypf0DIMfQg5j9
xBxY4odFJKyf22PeuAjp9roURRIbGIkIGH8eXF+Mav9OqEdD80JbEn1hZuaLk1RF
k1XJjmFRdKXz+Q7JmRdbs3zXXav2cYwalgzEXT5kuXuNlThLTnLoEFop8Hl3xM4/
PdqMBACkkHb07vPY5ltdXqL00lE6LedlBW4FLjIQgselsrUxq5U5y0Wg1Z
//a66l5QkyaMrpsHKfkLHdaPOVCs/WeG6eLwD/cUBEM1Y9Yb5DaB0njdZB3Yxcm8
W23hpKjDanb7SbaSA16gBIWRlvrB/qU+MZAj+EXRDJmwMJq2y7QjbmV0aXZhIGNh
ZnRvcmkgPG5ldGl2YWNAb25lYm94LmNvbT6JAE4EEBECAA4FAjp1yy0ECwMCAQIZ
AQAKCRDFpFclYzXzSwiRAJ0S3djCkJJPUalRyE+vWnfnhvJmDgCfTEBN2N6GlGWO
mrOg1tQlZoWbd5q5Ag0EOnXLLRAIAPZCV7cIfwgXcqK61qlC8wXo+VMROU+28W65
Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09
jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2gpXI61Brw
v0YAWCvl9Ij9WE5JgtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPAQ/ClWxiN
jrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrK
lQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVekyCzsAAgIH+wVFKD3A
FEdEBHqDZuKjLdLJIKHk4gloKeQ60R9NLLFynfIgSvgsii5uWLY9+gZ2FIGnP3Yc
GxZH1HASv+pG1sw0MnhutxZui3E3Mt69Uv1KTlTGYkfS+mXBw4Qr7hXavCkF45we
f/9Qlj6hSKVjy4YcewdvpopM9S4gVcBq+EdTp1negsCyj3YhFiEo0JEL40mnoHX7
HudJBbiBmknmBZOjxzBBeDPcu7fWV/LDCWiFoGg9uWy2KOcIt7sNXVJbukbSGYg2
hzOB2JPaqCqI5+4YfUCumNLd0lktT7S1V3/6xszEnybQL7tMtmrZZFAFHFAwLNPA
bLxdF/b26GbrTT+JAEYEGBECAAYFAjp1yy0ACgkQxaRXJWMttbQCg98c40J41
iXkP9CuqGR0LBJ46VNAAnj+5dH9NfBp5TN0rAyxwBveTK
=0VvA
END PGP PUBLIC KEY BLOCK
Bernie Poole's Public Key:
BEGIN PGP PUBLIC KEY BLOCK
Version: PGPfreeware for non-commercial use <rushbrookrathbone.co.uk>
mQGiBDrlpg0RBADQIOANoihULVTQ3sddrU7XObaNMtgFY7fEpybl0fqQStPyqXHY
nMdeHQQA/d9vEviuN5kbLXW2m1Zf67mAajDc8jP/lElYQg8lv8C6XXBkVH/7i7gC
mFteHDbXCsh8Eqwh2okC3frYPpAx1I0z1VtmOGz2jFfxjVBNfuuBPhaRHQCg/0v8
TEi/i/vY7ALLMPcPCAnPgk8EAMKlb/mBTqbahBjCBWx/CLpEQQ/qVDQmlEk/BBKz
ms6t0OQXtqwcf5+kxre2Xf3XDYRYZPL9mS5oSjSLk2vma+5/Z59Xg39tWke7GULs
hle9wA8Bta/ak6t3fxCr/4MyS2BSpYsIfA+6AlPAs2rOF7EX6jOZkfhHvyS1jCBV
4Y0jA/0VoX+TaDNDZotbMT5INGMkIQS9PD8B3/ynjRdRnDpjOIVscEp0A2tyZ
9w7TkiVoFtBg5XcM5H1j9FZBfhPg/aZGz0ofJlnvhxGiNVUE2Zxr1PwftTFUJUBu
7RqnliUsYCL00aFoEDXIJ4T18dB8a/KO9Jh+RXOUOMe0G4rQkQmVybmllIFBv
b2xlIDxiZXJuaWVwb29sZUB5YWhvby5jb20+iQBOBBARAgAOBQI65aYNBAsDAgEC
GQEACgkQ+JGoqOuWpYh1fQCffB+5AYS1tGBpTBn8ILTGfJNZfkkAmwYgG8PbHJKG
MR2ip6RXYxqk6HfUuQINBDrlpg0QCAD2Qle3CH8IF3KiutapQvMF6PlTETlPtvFu
uUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfUodNQ+PVZX9x2Uk89
PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7HAarTW56NoKVyOtQa
8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLYkjwEPwpVsY
jY67VYy4XTjTNP18F1dDox0YbN4zISy1KvbEpQBgRjXyEpwpy1obEAxnIByl6
ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMgs7AAICB/9fLWJk
MxqlKPuP4nfcDXxjYu5yYrtgTxnEA8LjwHILFHC6dS+TruOBehDWWq07PEihRVdK
3vY/oOSV70Du4yO2/siau4xUNhrP2dw1AKgDW1gNvQbeXYuxhs7vKDQGHDgYhUKm
z5E6hX5Z3HesujXnHWe8NtTqa1gM+SP3LF6oFkzTpuIoogRRULy6HUbis1v+Um4i
WI1EXchfauNwy6IzFYOTw41MExKtDyxTLjzBz/PfsncQc2zWpFAih8ZcqQkiOg8B
a+h7xp0hrPzXT0ewxb3aiELI+2oq6m0uwprWJE09REWgwe78gRwbiwlPDH4P/uL9
/tUA2PaCPaEkM7+EiQBGBBgRAgAGBQI65aYNAAoJEPiRqKjrlqWIZv0AoK/IfMGB
Pk7ZKtEr64R8NAArXBoQAJ9E90U+eHZzVN9jG/MVuJKwiNRYZw==
=xI2U
END PGP PUBLIC KEY BLOCK
Pranav Lal's Public Key:
BEGIN PGP PUBLIC KEY BLOCK
Version: PGPfreeware for non-commercial use <rushbrookrathbone.co.uk>
mQGiBDr9VmoRBADK8ZX4gTXSsOPo/y+eMv/G55y9tfZfh2tTXsIRVSloRwMN0DBD
36yjWfh3xM0Bfa7z57i5gKdjT95sVokKplbTUcMGNoJQZ4h8TWgvr2Wf2FX0U6Bl
0/cm/9iWHh0jolW2Su6WVLznbknL93Pv6ejxfT/LspKvbnQTBOl3/29CZQCg/xFC
5IVVsNP3Aqe7/fHWps10dmUD/3zq1Bhr6VG+xhZ1yKtRkpMJUX5n/2CSvGpqJrxv
vQUW++9KK5MzApMk9DXbPPyvEP8W6Gl4iOVuXyNoEPBpxu38jF2E9sH+I5llzvl9
Gm+wa0Yz6T5qz0DVrxYTgpVAsBnQsJXOoZEqMPnF4fC/Ba2RfnzpwFCjnGqvZsUc
v+3tA/wLc8yBk6mbBYzb3OKBp2y1RGZcN+52U2hTq18/OKT9CGFCrgHLAFi+Y7iK
5hfErXzUUxRJ/m3LqoUTmtPZy+nst+I/IxpmVKNoeMGXT5VcLyy8KU85Q5zz/AAp
x/QRFPJK8aNfzphBXX3g1NBt1Z/0Kz+JHxXyq16U5nNI4eYEnbQgUHJhbmF2IExh
bCA8cHJhbmF2QHNvZnRob21lLm5ldD6JAFgEEBECABgFAjr9VmoICwMJCAcCAQoC
GQEFGwMAAAAACgkQ2E+b6PepG8MJFgCgo8OYI3c8YzfelRdCkPoZzkwCC8gAn27S
Wzb2PjGpeYlJsIYz1t6IixyHuQINBDr9VngQCAD6WhaZlHBHGQN6I0rzIaiEjCz2
IhMAdxipnXV2yn9m6+nrBdA22pMT8ca9dNk66OCSlDTElADuzKQq+CtZrkaMq3I1
AIj5twGGJr7TtIIg03OqZsdAbX0rdcu5HAflqPnc+TIiMij/fyp+NYtRmIIDJd4+
ld0gmnTjzBEEFpaA6FdzUJxAyMltJYUMjfwJNNb7ExXzvQswb6CDI9o0gct+gasy
TzqLhv/GMvqzAcOHANF0Mqtxg1kr3qVE4xN7bxvFdYpnpieJR7fc/RoYGQN+zqt1
fFQwRx5o4S8JGDku9AXhThIeyF9j4JJVfVlQgAY/Sh+nrhV2DpiIAaJhnXuPAAIC
CADzBVhZ6B76lEKLjh0A49iNSxGRHQiWt4ZNZ2Ru+DELeqhIa/hCzpwiXZQkJGL3
FuSHkhuoIKbYRpPBx9kgA+TgjmMHZObxAhT0ZCYjhBPSxFCgmGp+A5lR6a4gV
V7uKTtsY/6OQVgjo94sdu2nr3FPW2UIuuMsSzthuXRG3mTe+6fypwjPivlFgOZb7
hRvWnRgG03zEGuIirp3C8PtI6iJyd89npLYWZ93Z5Zu+gT00dLyCMoeToCN0VPZy
tLcFbAoMflYvaRTBpVKYCGDXq6GbMg00egHpbpnOKQCG3rGZg2vsmwke7UViB3kj
l3JevhU1XTu7wsH+WeC8tiFEiQBMBBgRAgAMBQI6/VZ4BRsMAAAAAAoJENhPm+j3
qRvDLisAoNb8Dg2RYuMVciB59pAWAd8geaz5AKD1Y6WL0QRQ//dERubgm/Aq17eE
ig==
=A47s
END PGP PUBLIC KEY BLOCK
Bob Rosenberg's Public Key:
BEGIN PGP PUBLIC KEY BLOCK
Version: PGP Personal Privacy
mQGiBDYehAsRBAD9Mmgv7gV3JsMQ0sMLWjk9zX4O07h2XHUow0P5hTIL+lEtcjBn
WpufGD0cZjEdVHctH9x/nTOoUdcepTLyIHoLVD+MboepvlizEvqfCQNWEadH
BRE3fzSMqxWTl9nAQyXjqDBi+M92mswMQXUNqhg7cxk50Aymb2rQFoc1PwCg/0mu
fQgQ0UmNTKWfovuGhxKV0/8D/1luI30t5sb4DHFB4mgY9an0r0PtSYdHU3M5jrIx
kbHnWPYtydKNWkhBOncZJOnARAQ6q9SzmdoS9bzVIf0FXAVB3TG7IqgkaxXzkCAw
xkyrcxLjuT0GAbFg3t0kAqzsVnmIgfTCCycg/Xfnn+0Nak0Q06yHtOsPz2g8xhYa
K0MDBACIPH5tpJekxd+fZtF4dHqEotrXPcslPECi3BZELAEsntoAHRS/hYtQUFFZ
7bls3/wdMYX9etlxUbfUXhdxtuxJnpT2S0VoVI4h53cnAAhe8jzCOK5qVBUXSsjX
gYgD03BcXfwM4pMIpxbk+5i+oE5E0w2hIH9sfKFbgLHBaj0ZxLQyUm9iZXJ0IEEu
IFJvc2VuYmVyZyA8Ym9iLnJvc2VuYmVyZ0BkaWdpdHNjb3JwLmNvbT6JAEsEEBEC
AAsFAjYehAsECwMCAQAKCRCnsU6BJsi/YQuOAKC8K2jIlwmyzLE2EXxE9u1Hw
XACg3X9G1Ad9jNGOkGVOLugXnxE36FS5Aw0ENh6ECxAMAMwdd1ckOErixPDojhNn
l06SE2H22+slDhf99pj3yHx5sHIdOHX79sFzxIMRJitDYMPj6NYK/aEoJguuqa6z
ZQ+iAFMBoHzWq6MSHvoPKs4fdIRPyvMX86RA6dfSd7ZCLQI2wSbLaF6dfJgJCo1+
Le3kXXn11JJPmxiO/CqnS3wy9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDa
AadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2NZ
4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBY
K+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WM
uFzT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmW
n6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6UwybwACAgwAyBlC3K4DLlAq
KOf/gzd0YoazkUyx6qte4IF/wTw/wg9wK7mDqab75zAN1DxcsmpJLaPmWAFu2rWd
U1UqeB5+hnpnrYhFkxzL+TnOa9ckI9S33iLjFPCUFZJNlVlcgclLeog5DSzCV
TjgUeOEMsSUn5d4a7DSkHPfT8TBMlNPQBTuJGGC15H8cCC+2QmWUuLNkq90z6MR+
E5JOajj6z/7qOvfL4SOVPtQxvF5iz2zduapxGgTz4UqeVwA1X7HkXx7Cumdipg0S
Wn63j4IiHHoU4hDyanEkLX32l5PfhaQ8zfpztcy1TxaKXPPtgOGFNDCMo+dG6HfQ
AO2qsL5rDdvgu9hLeCkHaxVDgCKZ4XZ5T9SgL8v3UKep8JomEFt1kdq4KCBJ/gS/
EvXEbnj6Vs63pYtrKgoWxGCCqva8/fqUAfvsX+llGDLBCWLreMTDPisj4fXmJS7h
Cbdg4bSMbVzRUWLNQ/wJbRhR7eeMcP7vrT/q6rx3eL3QCD5cIOCiiQBGBBgRAgAG
BQI2HoQLAAoJEKexToEmyL9hzEIAoL1BDnbaEbsiFPdGsIOzdNRNCAKCpB9tr
K5MB6twgr+Ww52xyQf6xww==
=BBVS
END PGP PUBLIC KEY BLOCK
If your friend or friends have a Public Key (or Keys) already posted to a certificate server, you can go get it yourself. Here are the steps to do this:
Open PGPkeys by selecting Start/Programs/PGP/PGPkeys or by clicking on the PGPtray icon
Pull down the Server menu and select Search.
In the search dialog box, type the name of the person whose key you are looking for and hit OK. PGP will go to the international certificate server and find the key or keys for you (many people have more than one Public Key on the certificate server). If a Public for your friend exists on the certificate server, you'll soon see it displayed on your screen.
Click on the Public Key you want so as to highlight it, and then copy it (Edit/Copy or control-C).
Go back to your PGPkeys window where you see all the keys on your keyring. If one of the keys is highlighted by default, click anywhere off the list of keys to make sure no key is currently selected.
Finally, in the PGPkeys window, paste the Public Key you wish to add to your keyring (Edit/Paste or control-V).
Back to the Table of Contents
You are ready now to start using the PGP program to generate secure, encrypted digital information. In this section you'll learn how to encrypt messages or other data before you send them, and how to decrypt messages or other data that you have received.
First, the encryption process.
Compose the e-mail you want to send in whatever natural language you want to use (French, English, Spanish, German, etc.).
When you have finished composing the e-mail, make sure the cursor is still somewhere in the body of your message, and click on the PGPtray icon in the lower right corner of your screen.
In the PGPtray pop-up menu, select Current Window, then in the Current Window sub menu, select Encrypt & Sign. This will bring up the PGPtray Key Selection dialog box where you should see the list of Public Keys including that of the person or persons to whom you wish to send your message. Note: The Private Key is kept in a file called the Private Keyring. It is encrypted with your selected passphrase so even if, somehow, someone gets access to your Private Keyring, it will be unusable without access to the Passphrase to decrypt the Key for use. Every time PGP needs access to the Private Key (to Decrypt an Encrypted Message or to Sign an Outgoing Message or someone's Public Key) the Passphrase will need to be re-entered. By default, PGP will remember [cache] your Passphrase for two Minutes so that you do not have to re-enter it if needed more than once within this time frame. However, two minutes isn't much time and the odds are you'll need to re-enter your passphrase every time unless you change this default. Step 14 explains how to do this, along with warnings about how to use the cache wisely and without risk.
Double click on the Public Key of the person to whom you wish to send your message (this selects the key and moves it to the recipients box just below). When you have made your selection, click on OK.
You will be prompted to enter your passphrase. Type it in carefully, then hit OK. If you did everything correctly, the message will be converted to unintelligible gobbledygook (aka "ciphertext", as it's called in the world of cryptography). The ciphertext will look like the following:
BEGIN PGP MESSAGE
Version: PGP Personal Security
qANQR1DBwk4DepqGz+tv7awQC/sGOyvgkqLDEz3QOc4AkDuoTVl9O2y7XNR47
w77OngPn3z/01yEpVDmkfrpdXKYmVhylICPg1yvNYTyx6EW5LIOYt1yuxLc+bjKS
piwrBdCxz5+VT8z9IQz7BNu75GBP5YMJyhZUgwFRDahPITz0ziqL9nBZeUX27PGL
ZIc32bm/18zLwbLUZi4CSPlnc9PzXTeubwnsaC0ZU1PT+WokkhPRxPrgBHLU/rMj
zqOoh2/dXGMUFY7F0zitGw1jcj+jIf49hpzPZ5oWChZQjnQdREZgaRenx3jRomol
BnT0KgGk+cBp8BIM65DyoYdMKEn+ngTgIYUYkBLnYXfQv9pgagPlQUgmMWSK/
zRkLS3PpKJFTviBXKKDeCteqDTRty3N1sEXaFbpMZtaNWJvqlXpbbrAkO
rvKAxMq9gpA+asfNSX29FT4uv4D7FWF3fp2e9it8c30//9yKXQ8pJb0vfz8B
vZCwIO1meDScIwI2D8/8EHzQMALxye7O/tpDW3BEU+NEqsHM2nXdebKl7mPk8
5voUyYZb3vz3PQHNJ+Jg14KybK8Jn7KGji19nHFgFtHN0Qoz4e5aTlZtMksWDaX+
dT6xfrKBo5wOaQHGAX3NHBAMTCqUoZajsGxsc+dQ/WB7Qw4qdZjmLtzj35HcF7s0
5RwOWZ2F9cqSj0bllaT9zo2jXs5ZM/fAZUBPsCp55EFpe52NFKJgyJY92mYi0
1SK26VMNMdHdp4zHWZdNkhPPG0EgDsz1g+EtY6YXWQYwIKPnQUivf5mhDdhPmWK6
sAR4D7s2Vgqs2gQnvuFxpkDMc5l2rMTAE5+xSpMPau27BDxBDKLw1i6ak23C+
l2qmiqQg0qeSFy2o7+HmyKWCENl2V84N8eLhoE+iyXj5fL2UvMlqVJePTT76Rz6p
+tD/15JYZo/8uAxIBivaB7P7k2Bqu0bmrCD4wdSKOLzhScxAj15Dtu0kWgEKGs80
VgTMu2iQLtphN7oObhWzUIf9O3MlqMnBCiOp4VFGebnJcDvullUB4OYZD6ZLIecN
8BsqsVlqawJbtWpmRfYg2bicP0ISCwFaoDvR8C+wb3h9nJ9EZeO/mZGjJweR
A6yXK7wyp6JHnvACwFhUkTno7nrdq8cDaG4ssolsUSKnON87ycLFWq/mNs9fhqzF
Y3y7Q4f7hA4EL83+bxc4YGqzirWHeVXetZdft+0Oz2Au8gRG5AVd+DX+xlr56
mJlkrlzYWG7HuEl8CRS7rAZHgRAIV3I7WDeNEYyBQNt/MfzUQY9+BmbtCsTlOnda
j8IkiL0QIW/9ZyvifxpvzKGKhxdXoqJWVSXLKHGk1qvY9epgw7QWk15crlti0Q4+
aDXvNieN9imk3UNQe2rncqzIKlbxasjparCKXiErQGFjldtTLrZcf7KjNOJuVG9J
HoOZC39ur8rkVrgWuSzrvzhpeQl0VlmdviZpocErZYPtnDQGgA3TbXX4lXoMiM1a
bOxTskUcgIBzN2L9nNfIhVaxJxMdSpJxElJ27V6Be97Q+YX4TF9xlH4zWFM3
NpGg1iXWNRb4VSwPE2+ZEiKirrlMsgXxfZNvAy3bAuSm0b1u7Isa/Jjab96DHff6
5g5K
=WRFH
END PGP MESSAGE
Now send the message just as you would normally do.
Next, the decryption process.
Open the e-mail containing the encrypted
Drag to select the block of ciphertext.
Click once more on the PGPtray icon in the lower right corner of your screen.
In the PGPtray pop-up menu, select Current Window, then in the Current Window sub menu, select Decrypt & Verify. This will bring up the dialog box asking you to enter your passphrase.
Type your passphrase into the PGP Enter Passphrase dialog box that pops up on the screen, and hit OK. The decrypted message will come up in a new window for you to read. If you wish to keep the decrypted version, you can copy it and paste it into a word processor of your choice before saving it to disk. The decrypted message will look like the following (Note that the message is now readable and the signature has been verified):
*** PGP Signature Status: good
*** Signer: Robert A. Rosenberg <rushbrookrathbone.co.ukerg@rushbrookrathbone.co.uk>
*** Signed: 06/30/ at
*** Verified: 06/30/ at
*** BEGIN PGP DECRYPTED/VERIFIED MESSAGE ***
This is a sample of what the above Encrypted&Signed message looks like
after it has been decrypted and the signature has been successfully
verified. Since the Public Key that was used to encrypt this text belongs
to Robert Rosenberg, only he can decrypt the message to extract this
message. An Encrypted&Signed message is a Clear Signed Message (such as the
sample in Step 10 below) prior to the Encrypt Stage and after the Decrypt
Stage. While it is possible to just Encrypt a message, it is usual to also
sign it to prove its origin.
*** END PGP DECRYPTED/VERIFIED MESSAGE ***
That's all there is to it. To find out about the many other features of the PGP program, check out the Manual that was originally downloaded with the software. It's a .pdf file which will print out beautifully on your printer so you can read it at your leisure over a nice cup of tea :) Well, maybe you'll need something a bit stiffer to help you figure it all out
On a technical note: The actual encryption/decryption is NOT being done with the Public/Private keys of your recipient(s) but with a special one-timekey that is generated for use in this specific encrypt&signoperation. Every time you do an encrypt&sign, a new one-time key isgenerated. Unlike the Public/Private key pairs where anythingencrypted with one key needs the other key to do the decrypt, theseone-time keys have the ability to decrypt anything that they encrypt(hence its being known as a Symmetric Key). When you encrypt any data, thisone-time key is used to do the actual encryption. The Public key of each recipient is then used to encrypt the one-timekey and added to the encrypted text created with the one-time key. Thus what results is a list of recipients with the one-time keysupplied encrypted with each person's Public Key along with the common copy of the one-time key encrypted ciphertext. This format allows a message to be sent to multiple people at the same time yet allow each to use his or her own Private Key to read it. The decrypting process involves the recipient's PGP Program scanning the list of encrypted one-time keys looking for the copy that wasencrypted with their Public Key. This copy is then decrypted with thePrivate key to recover the one-time key which then can be used to dothe actual decrypting. The Signing/Verification actions that occur during an encrypt&signand decrypt&verify are covered in Step 10 below and occur prior tothe encryption itself and after the corresponding decrypting of the data.
Back to the Table of Contents
Step 9: Using your Default Public Key to save a backup, encrypted, decipherable copy of all your e-mail messages
There's something you need to know right away about PGP encryption: once you encrypt a message using the Public Key of the person to whom you're sending it, you won't be able subsequently to decrypt it and read it yourself since you don't have your correspondent's Private Key. Most of the time this doesn't matter because you may not need to keep a copy of every message you sent. But sometimes (maybe often, if you consider it necessary) you want to keep your own encrypted copy of a message for the record and you need to be able to decrypt it, if and when you want to read it at a later date. The best thing to do is tell PGP to encrypt all your messages using your correspondent's Public Key as well as one of your own Public Keys (called the Default Public Key). Here's how you do this:
Open PGPkeys by selecting Start/Programs/PGP/PGPkeys or by clicking on the PGPtray icon
In the Edit menu select Options, then in the Options dialog box make sure the General tab is selected
Click to put a check mark in the small box next to Always encrypt to default key, then click on OK.
That takes care of the problem of saving an encrypted copy of all your messages that you can readily decipher (decrypt) at a later date. Now for the steps you'll take to send (sign) and receive (verify) Clear Signed e-mails. The following section (Step 10) explains how to do this.
Back to the Table of Contents
Sometimes you won't want to use encryption when communicating. For example, when contributing to a listserv, posting notes that are shared with a community of folks where you can't be sure every member is using encryption, you won't encrypt your posting. But you can sign your posting with your PGP encrypted signature which any other PGP user will be able to verify as a way of ensuring that the note is genuinely sent by you. This notion of providing added assurance about the source of communication is part of what is known as the "Web of Trust", where people carefully validate/verify and sign each others' Public Keys so that others can find reassurance that the originator of an e-mail is who he or she appears to be. You can read more about this concept at rushbrookrathbone.co.uk where Patrick Feisthammel provides a fuller explanation along with an encouragement for all users of PGP to sign each others' keys. The concept of the Web of Trust is further explained by Hal Finney at rushbrookrathbone.co.uk For now, here are the simple steps to sign your own unencrypted mail.
After you have finished writing your message or e-mail, right click on the PGPtray icon
You will be prompted to enter your Passphrase (unless you have selected the option for PGP to recall your Passphrase from what's called the "cache"--which is not a good idea unless you know what you're doing (see Step 14), so for the time being we'll assume that you will be prompted to enter your Passphrase). In Step 14 you'll learn how to extend the time that your Passphrase is kept in the cache, along with warnings about how you should clear the cache when you leave your computer unattended for any period of time.
Go ahead and type your Passphrase and hit OK.
That's all there is to signing your unencrypted e-mails. Unfortunately, signing your unencrypted mail does not, in and of itself, reliably guarantee to the receiver of your note that you are
0 thoughts to “Download encryption practice files”