Note that this just covers security from an end-user perspective (specifically PGP), and does not focus on ISP/mail server "solutions" to security such as TLS, S/MIME, X.509 certificates and the like. Besides, we want end-to-end encryption - we want our emails encrypted before they even leave our possession.
So, to recap, our three main problems are :
- Privacy - ensuring only those who are meant to read it can read it
- Integrity - ensuring our email arrives unaltered and without tampering
- Authenticity - ensuring the sender really is who they claim to be
I can't be arsed to respew what is already written better elsewhere on the tinternet. You can read about PGP here.
Now you've read that (yeah, I know - you didn't bother either really, did you? If I can't be arsed to write about it, why should you be arsed to click on that and have to read about it and wade through more crap) you'll have a good understanding of CryptoCruyff Turn Functions and Maverick MiG-28 Inversion tables... No, sorry, I'll be sensible now. Anyway, now you've read that link, you'll know PGP works by having key pairs - a public key that you give to all and sundry and a private key that you treasure and hold with more reverence and care than Gollum bestows upon his precious ring (well, obviously - he loses the bloody thing in a cave).
Anyone can use your public key to encrypt an email to you that only you - with your private key - can decrypt. Without the private key the email will be unreadable. This takes care of problem number one - privacy, problem two - integrity (any change will make the email unreadable and undecipherable) and half of problem 3 - it ensures the authenticity of the recipient (you).
Also, and maybe most useful in today's mass phishing and spoofing era, you can sign your emails with your private key. Anyone with your public key can use this key to then authenticate that the email was indeed sent by you, and hasn't been tampered with. Problems 2 and half of 3 taken care of.
Here's an example of a signed message. The gobbledygook at the bottom is the email encrypted with your key. This is how the content is protected - the bit at the bottom is just your original message encrypted which anyone with your public key can decode and compare with what's written in plain text. You can use my public key and something like GPG (Gnu Privacy Guard - other PGP clients are available...) to verify it.
You should get something like this back:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
This bit of text is by me.
Me being Linuxdoc.
Linuxdoc as in me, as in the guy who writes that https://linuxdoctorafcb.blogspot.com.
Thanks for looking.
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEQQTdCYO5KEcdCr1DaGQL8nZBBngFAl09el4ACgkQaGQL8nZB
BnicDwwAh1XgwtDP2uD/UYV/+fslTUwjJjQO8P2QK6euscVsAHFRpyveoDueIY2A
ann1zsdtBSEkUMpoB9JhPOMaftMnjj1s2Zglx2lnH//CxfxLjjrGx9dh2VpD/t9R
07lkoiyEdjuIyWTlZMmqCZZRUlnhUdUWaosk8vYVthoag0gaYtMMdpyVEYM4iD80
PitjRO3jzwofCiS1VW4e8Kvtkzn3GF0H+pw1xFgiaWlHDIbqXykKF9XU1OCvAJgL
iGLhdUqzUWXaZh+jbM4ZNnWk6VZ2/b+Nr5XJy949Qa3V6grPzB7+ODY/CDcjlmW0
Rzkg8XedKliDUXPvZ0WW3PDOJmwZUQ2kR6JE67RsHkkBPlOOvVQgZMCKVzSQ+/dU
dF6dTXsdej1GxNNHWWNOlCywQMBXK9d+QvIIDkNSoRzZc+NRUiSlYlwxKALasI56
R5GTMcktHJakyV1wwzE2BSZiwH2Z9k5cFdpFTyDWVHAX0u5WB/zYoLUVWe37K4zd
EK/+x1EQ
=LxDV
-----END PGP SIGNATURE-----
gpg: Signature made Sun 28 Jul 2019 11:35:10 BST
gpg: using RSA key 4104DD0983B928471D0ABD4368640BF276410678
gpg: Good signature from "Chris Manning (https://linuxdoctorafcb.blogspot.com) <linuxdoctorafcb@gmail.com>" [ultimate]
You can find a basic guide with tips for using GPG here
I'll over-use the wonderful italic and bold formatting tags now, to show how this all fits together. Because if I had your public PGP key, the fun really starts as you then solve problems 1, 2 and 3 completely.
If I was to write an email to you, I would first encrypt it with your public key (ensuring the message's privacy and integrity and confirming the authenticity of the recipient). I would then sign it with my private key, and then send it. Upon receipt of the email, you would use my public key to verify that I am indeed the sender of said email, and that your encrypted mail has arrived unaltered and without tampering exactly as I sent it (verifiable integrity and confirming the sender's authenticity). Next you would use your private key to decrypt the message back to readable English and plain text (or HTML) and thus complete our end-to-end encryption - from my mailbox to all the way to yours - our email remained encrypted and readable only by you. That's PRIVACY, INTEGRITY and AUTHENTICITY all aced and taken care of. All before coffee time.
I should really talk about the Efail bug/vulnerability, and how to combat it (Efail is a bug in the way some mail readers handle S/MIME messages, it's not actually a bug with PGP, or indeed anything to do with PGP).
MORE TO FOLLOW... MAYBE!
No comments:
Post a Comment