You can also sign other documents that require owner authenticity. On BigLumber, you can find the nearest listings of individuals who can sign your public key that would ultimately increase your web of trust. Any person doing such verification should verify the details with any governmental identities before signing the public key. If there are more people who have signed your public key using their private key, it means that they verify that the person who is claiming to be you is only you. Signing of public keys by other’s private key increases your web of trust. Now lets see what this signing of public key means. There are websites like BigLumber which allow you to list your public keys and allow signing of your public keys by others. Doing so will allow them to send you encrypted messages in case they have to send you sensitive information which can only be decrypted by you having that private key with you. Now you can upload your public key to the keyserver for other people to have access to them. If you don’t allow anybody to even touch your PC, then there is not even a need to provide passphrase in which case you must make it very very sure that the private key inside your PC is not at all accessible to anybody via any means.Īfter all the required information, your keys will be generated. It is recommended that you provide a good passphrase depending on how often you give your PC or laptop to other people to use. Whenever you make use of your private key ( say to decrypt messages which inevitably require private key ), it asks for the passphrase to first unlock that private key and then use that to decrypt messages. It will also ask for a passphrase, it is like a password to unlock your private key. It will ask you your basic information like Real name (it is recommended that you keep your name same as it is on your passports etc. Since the program is too interactive, you should be able to figure it out what it is asking and provide it the necessary information. It will ask you the required information. For ubuntu users :Īfter installing this, you need to generate your key. But the process should be same in any other distro since the software I will be using is gpg and it is same in other distros too.įirst install the gpg software using your package manager. I will demonstrate how to setup the GPG in ubuntu. In this system, the same key which is used for encrypting the data is used for decrypting the data, so its less secure than the public key cryptography. There is one more concept of symmetric keys. Hence it is a very secure method of sharing extremely sensitive information. And since you are the only person having that private key, you are the only single person in the world who can decrypt those messages sent to you encrypted using the corresponding public key. Since we are using public key cryptography, that encrypted message can only be decrypted by the private key. Now anyone having the copy of your public key can encrypt the messages and send messages to you. The private key as the name tells should not be made public to any person. This public key as the name tells is public and can be shared with any other. The transmitter transmits the message after encrypting it with a special key called ‘public key’. Public Key cryptography is a very secure way to share messages between two parties. If you are new to public key cryptography, I would like to showcase the concept here. One is a standard and other is a software made over that standard. The terms GPG and OpenGP are the terms that are used too often interchangably but one must understand that these two terms are different. GPG is GNU privacy Guard and it is a software made over OpenPG standards.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |