asymmetric cryptography by David Kumar
Content What is a asymmetric Cryptosystem? How Public Keys can be trusted GnuPG Creating Key pair Handle the keys Thunderbird Questions?
Review: asymmetric cryptography Public Key Secret Key Review
How Public Keys can be trusted Authority Infrastructures Public Key Infrastructure (PKI) Financial transaction Cross certification Company's Web of Trust GnuPG Review How Public Keys can be trusted
Public Key Infrastructure Often used in combination with Hardware Review How Public Keys can be trusted
Cross certification Review How Public Keys can be trusted
Web of Trust allows anyone to sign anyone else's public key Review How Public Keys can be trusted
GnuPG Under GNU General Public License Web of Trust Command line Tool But there are some GUI’s for: Instant messaging Email Etc. http://www.gnupg.org/ Review How Public Keys can be trusted GnuPG
Creating Key pair gpg --gen-key (generates the sec. and pub. key) Algorithm: DSA/ ElGamal Key length 1024 – 4096 bits duration of validity Valid for ever Valid for specific time: days, weeks, month, years Personal Information Name, Email address Passphrase Review How Public Keys can be trusted GnuPG
Creating Key pair Digital Signature Algorithm ElGamal (al-Dschamal) Based on Diffie-Hellman: Review How Public Keys can be trusted GnuPG
Example GnuPG Key Review How Public Keys can be trusted GnuPG -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.7 (MingW32) mQGiBEdXIhgRBADTv+EasL+ZVWbkb42eq37vNNmXD8JoNFCCaDrCdZmLrFc2S4Pq Wb63jmtlaZ0QG9BG8RcMxo7fPeoUZu1W6abHm29b+E1cDqBp8RdTrcRcbMnW9A5w Yrfga5Rc5f3eL9rRGcddq2zoSf86jNjoJoAuJWP20dPTTG7RtaqSazH12wCg1A8I MOrirxgsl/rxaNr+UoAUOykD/iOXD3jVIiLgGQi2pAgJlHANrtOj13FoUWLVYbuR QT+Sy6FI5uHxopYaj7B2FydWFeBZh16dtaFT0v5zR8auEDA7EIG0WldkmdRBo115 IS7MpSX6WGqoaRCH9sW/UO1Qz+ZEjSZ8T7nQTGvsa/pNmQQyIArTpf04gAfl+W2C kQ0lBADTuw90GAyNZBkgmYrJNFLjbMX/ogsmscuymHeTBMVTcN56EIQ4B09D6aq2 wQHDjBeEdSOUxnxGyq9yPiNjjzsZ/D3o51VFpITy57xvkWCmlflU9OJ/AF3mgYz+ rXxkHeuRzNR2oOfyDTGxD8hF5qXNsXxRuJzANgDqz9aflzBW07QkRGF2aWQgUy4g S3VtYXIgPGRza3VtYXJAY2xlbXNvbi5lZHU+iGAEExECACAFAkdXIhgCGwMGCwkI BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAwvq2f1WC3UrIpAJ4z4cO46tiq7U+wQQ1U JVeJWIMxBQCfRy9W+q/RNIIaOLFK7h+Lh/hGXle5Ag0ER1ciGBAIAMkRCgBtzkvM 3TQ/Boxwgzoy6w6gxOJQAArKKww+cI3FPEAp5LaZ3xlCgGIPTetJrIk07hBkdrxn MECTaQSTzsnwrBmkmwqJ+QCRZ7VNEwTHg2l5P5ag3fsVZUde77lcw9YXQ/U06aQy KHLw3urdy9tZNAf8lTneV1ySRug7EXhceJvGKOQGbpd/y8nxkSoiccGqtJixcDf+ 0T+UZ+AvG2nt62sDpknj06xP5L/IaFiordD4xse3dHfLkwCl6MT9FIy1i+GSTHTh Mji3/m+UMOzO3iPgDdiwXEG9NcCYN5ZdWauOmxzXi4963FFu8tTS9lrEJoBWnUvz V7VqQAqe1gcAAwUIAJG4J8VW8gNNMgLTRu8UliZptaPXVibqz7FvPNI1BcvxjUUg XjVLsuo1BtBgzt+CIDVbheIZdwJyEADoWW/szBbusWANVtH/oGrZHA7afJz4IfAq OBzk1Alo26LrPL2sqP4iaOvzQxO6PF4m4gGmzgkV+IKfG80fpUwiKGD1W9pLrvY9 h2+9h5bxqld+ojU3qa+E1GwYSNlyb8s/4t2u7V83+UaUXXiAq+YLABWGnVvkq8oZ juYiAm6W8pqt+6bF96szWx8L7Yr/72GFfFFX4ME9Q8IY8StLtttlUKb8dom2R5sI 4O5G5Lv9rd0qYL0r55ScXvR2r2kesVfpYhp+8AKISQQYEQIACQUCR1ciGAIbDAAK CRAwvq2f1WC3UudMAJ43HZzBbzMPSGXTkpvxnzRu3hl5jACdF3yjHtcvi6AUVD43 njN97QZLRu8= =6ABD -----END PGP PUBLIC KEY BLOCK----- Review How Public Keys can be trusted GnuPG
Key Export / Import Export: Import Show all keys: gpg --export [UID] –o filename Why export? Import gpg --import [Datei] Why import? Show all keys: gpg --fingerprint Review How Public Keys can be trusted GnuPG
Signing a Key gpg --edit-key UID Be careful to sign Keys! sign Review How Public Keys can be trusted GnuPG
Thunderbird Enigmail Thunderbird Add-on: for GnuPG Review How Public Keys can be trusted GnuPG
Enigmail Review How Public Keys can be trusted GnuPG
Thunderbird Review How Public Keys can be trusted GnuPG
Thunderbird Review How Public Keys can be trusted GnuPG
Questions? Review How Public Keys can be trusted GnuPG THE END