Presentation is loading. Please wait.

Presentation is loading. Please wait.

Crypto Party ATX Shameless self-promotion Visit us at https://CryptoPartyATX.orghttps://CryptoPartyATX.org Step-by-step guides on how to encrypt your s,

Published byKelly Hunt Modified over 8 years ago

Similar presentations

Presentation on theme: "Crypto Party ATX Shameless self-promotion Visit us at https://CryptoPartyATX.orghttps://CryptoPartyATX.org Step-by-step guides on how to encrypt your s,"— Presentation transcript:

1 Crypto Party ATX Shameless self-promotion Visit us at https://CryptoPartyATX.orghttps://CryptoPartyATX.org Step-by-step guides on how to encrypt your emails, text messages, files and folders Guides to maintaining your privacy by choosing stronger passwords and securely deleting data Info on upcoming parties Need help? Email plexiglass@riseup.netplexiglass@riseup.net Please contribute! Let us know if you have any questions; chances are someone else has those questions, too. If we know where it’s unclear, we can make those parts better. Can you do it better? Let us know how, or do it yourself and send it to us!

2 Tonight’s Topic: Email Encryption Basics of Encryption in General Definition and Examples Keys and Key Pairs What Email Encryption does and does not do How to set up Email Encryption Questions?

3 Encryption An Introduction

4 What is Encryption? Encryption is a means of putting text (or any computer data) into a secret code, so only the intended person can read it. A cipher or algorithm is the set of rules or instructions that shows how to write a message using the secret code. Historical examples: Caesar’s Cipher, Enigma Machine, PGP Commonly substitution and/or transposition Substitution: switching particular characters for others Transposition: moving characters around using set rules Keys – essentially just long passwords, but they also help determine how text is substituted and transformed

5 Substitution Examples Substitution is the process of switching letters with other letters in a specific way, so the letters can be un-switched later if the reader knows how they were switched, or if the reader can figure out how they were switched. Reverse-Alphabet ABCDEFGHIJKLMNOPQRSTUVWXYZ ZYXWVUTSRQPONMLKJIHGFEDCBA The message “HOWDY” is written “SLDWB” Caesar’s Cipher – Shift letters 3 spaces ABCDEFGHIJKLMNOPQRSTUVWXYZ DEFGHIJKLMNOPQRSTUVWXYZABC The message “HOWDY” is written “KRZGB”

6 Transposition Examples Transposition is the process of changing the text in a specific way, so that it can be un-changed later if the reader knows how it was changed, or if someone can figure out how it changed. Reverse characters MEET US AT THE NEXT CRYPTO PARTY YTRAP OTPYRC TXEN EHT TA SU TEEM Alternate characters MEET_US AT_THE_NEXT CRYPTO_PARTY ME_SA_H_ETCYT_ATETU TTENX RPOPRY

7 A step further…keys Think about Caesar’s cipher. If he always used the same +3 transposition, then anyone who figured it out or learned it would be able to read all of his coded messages. We need some way to change the code when we need to, and fortunately we have one. This is by adding a key or password to the mix. In a simple way, Caesar’s cipher could be improved by changing how much is added to each letter. Instead of using the same key of 3 every time, we could use the key 4 for one person, and the key 5 for another. We’re still following the same method of adding to the letter positions (i.e., the same cipher), but now we can do it differently for different people. Message +3 Phvvdjh Same message to two parties coded the same way Message +4+5 Qiwweki Same message to two parties w/ different passwords Rjxxflj

8 Keys Keys, along with a cipher, are used to encrypt messages (“plain text”) and/or decrypt coded text (“cipher text”). A key could be as simple as a digit or password, or as complicated as a PGP key. Keys make it more difficult to decrypt the coded message by changing the rules for how things are encoded or decoded. Example: Enigma MachineEnigma Machine Sometimes there are two keys –one to lock and another to unlock: Private Keys (or Secret Keys) such as passwords are used to decode messages. Never share a Private Key with anyone you don’t want to read your coded messages. Public Keys are used to encode messages. There is generally no harm in giving out a Public Key.

9 Single Keys (Symmetric Encryption) Some types of encryption use a single key such as a password. For example, if you encrypt a message with the password “dog”, you would use the password “dog” to decrypt it as well. To send a coded message, you will have to tell someone the key and hope that no one else finds out. If a cipher uses the same key to put something into code as it does to take it back out, then the cipher is said to be symmetric. Message Password Secret Code Message Password Secret Code Symmetric Encryption The same password works in both directions

10 Key Pairs (Asymmetric Encryption) Some ciphers use a different key to encrypt a message than to decrypt it. For example, you might encrypt a message with the password “dog”, but to read the message you would need the password “cat”. If a cipher uses one key to put something into code and a different key to take it back out, then the cipher is said to be asymmetric. In practice, both keys are created at the same time, and form a key pair. The keys in a key pair only work with each other, so any message encrypted with a one key of the pair can only be decrypted by the other key of the same key pair. Message Key 1 Secret Code Message Key 2 Secret Code Asymmetric Encryption One key is used to encrypt the message, but a completely different key is used to decrypt the message. - Key Pair

11 The Advantage of Key Pairs Advantage: Anyone can encrypt a message for you, but only you can decrypt it. If you have a pair of keys that each work in only one direction, then you only need to keep one key secret. The one you keep secret is called the Private Key. The Private Key is used only to decrypt messages*, and it is the only key that can decrypt those messages. The Public Key is used only to encrypt messages. This means you can give it out to anyone, since the only thing someone could do with it is encrypt a message. Because the key is part of a pair, if someone encrypts a message using your Public Key, then only you can decrypt the message because only you have the Private Key. Message Public Key Secret Code Message Private Key Secret Code A Public Key is used to encrypt a message. A Private Key is used to decrypt a message. - Key Pair

12 Summary Symmetric Encryption (with Single Keys) Same key is used to put a message in code and to take it back out of code. Somehow the key must be shared with the recipient without sharing it with snoops. Asymmetric Encryption (Key Pairs) Different keys are used to put a message in or to take a message out of code. The Public Key can be shared with anyone, so anyone can send you a message. The Private Key is never shared, so only you can read the messages.

13 Key Pairs for Email Encryption If I have explained this well, you can hopefully already see why we use Key Pairs for encrypting email messages. Here’s a quick summary: You do not always have a secure way to contact someone. If you only contact someone through email, how could you tell them a password? If you emailed a symmetric password, you might as well not have one, since anyone monitoring the email could see the password and use it just as easily as the intended recipient could. You want to be the only person who can decrypt the message. If you tell anyone a password, there is some chance of them sharing it with someone else. Having one password to encrypt a message and a different password to decrypt it means that you never have to share the password that “unlocks” the messages, but you can tell anyone the password to “lock” a message. There’s no harm in more people finding out how to send a message that only you can read.

14 Purpose of Email Encryption What it does, and what it does not

15 How Private is Email? Would you want to use postcards for nearly every message you send? (You do.) When you send a postcard, anyone who handles it along the way could look down and read the message. Sometimes it doesn’t matter, but I would not want to send every letter this way. Sometimes I want only the recipient to be able to read the message. When you send an email, it’s just about as private as a postcard. Instead of being handed from person to person and sent by truck, however, emails are passed from server to server until they end up at the destination. But like it is with postcards, any server involved in transmitting the message could also read or store the whole message. With email, the following parties could possibly read the message as it goes by: Anyone on the same open or wired network, unless using SSL Your Internet Service Provider (ISP) (e.g., TWC, ATT, Grande, etc.), unless using SSL Your email provider (e.g., Gmail, Yahoo, Hotmail, etc.) Your contact’s email provider Your contact’s Internet Service Provider (ISP) Your contact AND…anyone with access to the data of any person or company above

16 Making Postcards More Private Normal Email Message: Message and Metadata visible Encrypted Email Message: Only metadata visible

17 What Email Encryption Does Email Encryption will allow you to put the content of a message into code. When you encrypt the message using your contact’s Public Key, only your contact will be able to decrypt it; they are the only one with the Private Key of the same pair. If a contact sends you a message encrypted with your Public Key, only you have the right Private key to decrypt it.

18 What Email Encryption Doesn’t Email Encryption will not hide the fact that you sent a message It will not hide your email address or your contact’s email address. It will not hide the date or time the message was sent. It will not hide the Subject line of your message. Any snoops will be able to see whom the message was sent from and to, when it was sent, the subject line, and possibly the IP from which the message was sent. But they will not be able to read the message.

19 Setting Up Email Encryption Putting theory into practice

20 Email Encryption in General Here’s how we go about using Key Pairs in Email Encryption: 1. Install an Email Program that supports PGP encryption 2. Install a Key Manager program to keep track of our own Key Pairs and our contacts’ Public Keys. 3. Create a Key Pair. 4. Install an Add-On to the Email Program to let it work with our Key Manager 5. Use a contact’s Public Key to send them a message. Use our own Private Key to read a message from our contact.

21 Email Program - Thunderbird https://www.mozilla.org/en-US/thunderbird/ Thunderbird is an open source email program from Mozilla, the makers of Firefox. It is available for Windows, OS X, and Linux. Download and install Thunderbird, then follow the on-screen steps to add your current email account.

22 GPG / Key Manager Program http://www.gpg4win.org/ GNU Privacy Assistant (Windows) GPA is a key manager included in the the GPG4Win package. GPG4Win is an open-source package implementing many of the features of GPG on Windows systems. https://gpgtools.org/ GPG Keychain Access (OS X) GPG Keychain Access is the key manager included in the GPGTools’ GPGSuite package. GPGSuite is an open-source package implementing many of the features of GPG on OS X systems.

23 Creating a Key Pair First, download and install the key manager program for your operating system. WINDOWS USERS: Please be sure to select the checkbox next to GPA when installing gpg4win Next, find and click “New Key” or something similar. Fill out the requested information and set a password. You now have a key a pair – a private key to decrypt messages and a public key so people can send you messages

24 Thunderbird Add-on: Engimail https://www.enigmail.net/ Enigmail is a Thunderbird Add-on that works with your key manager program. Go to the Add-ons section in Thunderbird and search for Enigmail. Install the Add-on and restart Thunderbird. Check the OpenPGP Security settings in the Account Settings menu to make sure it uses the correct Private Key and encrypts your messages by default (if desired).

25 Sending an Encrypted Message First you will need someone else’s public key. If you don’t know anyone with a public key, you can download mine from our website (or from a keyserver): https://cryptopartyatx.org/content/FE0E7924.asc Save your contact’s public key to a file, and click Import to import it to your Key Manager program (GPA or GPG Keychain Access) Press the “Write” button in Thunderbird and compose an email. (If you’re using my Public Key, send the email to plexiglass@riseup.net)plexiglass@riseup.net Click the lock icon in the bottom right to activate it. When you send the message, it will be automatically be encrypted with the Public Key of the recipient (as long as you imported that key into your key manager program already).

26 Receiving an Encrypted Message If someone uses your Public Key to encrypt a message, then you will use your Private Key to decrypt it. The process is nearly automatic. When you get an encrypted email, as soon as you try to read it you will be asked for a password. Type the password you used when you made your key pair.

27 Questions?

Download ppt "Crypto Party ATX Shameless self-promotion Visit us at https://CryptoPartyATX.orghttps://CryptoPartyATX.org Step-by-step guides on how to encrypt your s,"

Similar presentations

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.

Using Cryptography to Secure Information. Overview Introduction to Cryptography Using Symmetric Encryption Using Hash Functions Using Public Key Encryption.
® Microsoft Office 2010 Browser and Email Basics.

® Microsoft Office 2010 Browser and Basics.
6 C H A P T E R © 2001 The McGraw-Hill Companies, Inc. All Rights Reserved1 Electronic Mail Electronic mail has revolutionized the way people communicate.

6 C H A P T E R © 2001 The McGraw-Hill Companies, Inc. All Rights Reserved1 Electronic Mail Electronic mail has revolutionized the way people communicate.
EDW647 Internet For Educators Setting Up a Gmail Account Roger W. Webster, Ph.D. Department of Computer Science Millersville University (717) 872-3539.

EDW647 Internet For Educators Setting Up a Gmail Account Roger W. Webster, Ph.D. Department of Computer Science Millersville University (717)
Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.

Introduction to Online Data Collection (OLDC) Community Based Abstinence Education September, 2009.
Click and Connect - Session 2 More Internet Searching Introduction to Email BenefIT 3 Dept. Communications Energy & Natural Resources www.simpleit.ie.

Click and Connect - Session 2 More Internet Searching Introduction to BenefIT 3 Dept. Communications Energy & Natural Resources
1.3 Control of Information In this section you must be able to: Describe the legal rights and obligations on holders of personal data to permit access.

1.3 Control of Information In this section you must be able to: Describe the legal rights and obligations on holders of personal data to permit access.
Tony BrettOUCS Course Code ZAB 9 February 2004 E-Mail Security – Encryption and Digital Signatures Tony Brett Oxford University Computing Services February.

Tony BrettOUCS Course Code ZAB 9 February Security – Encryption and Digital Signatures Tony Brett Oxford University Computing Services February.
Email June 2013. Email Email is an easy way to communicate. It costs nothing to send an email, but it does require a connection to the Internet. You can.

June is an easy way to communicate. It costs nothing to send an , but it does require a connection to the Internet. You can.
 When you receive a new email you will be shown a highlighted in yellow box where your email can be found  To open your new email just double click.

 When you receive a new you will be shown a highlighted in yellow box where your can be found  To open your new just double click.
August 15 click! 1 Email Basics Kitsap Regional Library.

August 15 click! 1 Basics Kitsap Regional Library.
Email By Laura Trawin.

By Laura Trawin.
HOW TO USE EMAIL BY ALEX ROSS ALEX ROSS. HOW TO CREATE EMAIL ACCOUNT FOR DUMMIES Email is a great way to communicate with others. We can interact with.

HOW TO USE BY ALEX ROSS ALEX ROSS. HOW TO CREATE ACCOUNT FOR DUMMIES is a great way to communicate with others. We can interact with.
COMMUNICATION IGCSE ICT 0417 Section 9.

COMMUNICATION IGCSE ICT 0417 Section 9.
Sending and receiving emails Section 6. Objectives Students will deal with messages, send and receive messages, reply to emails, sorting emails and how.

Sending and receiving s Section 6. Objectives Students will deal with messages, send and receive messages, reply to s, sorting s and how.
Using Microsoft Outlook: E-mail Basics. Objectives Guided Tour of Outlook –Identification –Views E-mail Basics –Contacts –Folders –Web Access Q&A.

Using Microsoft Outlook: Basics. Objectives Guided Tour of Outlook –Identification –Views Basics –Contacts –Folders –Web Access Q&A.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Remote Assistance  Using this program you can allow someone to work on your computer, chat with you and view your screen with your permission  The other.

Remote Assistance  Using this program you can allow someone to work on your computer, chat with you and view your screen with your permission  The other.
Starter for 10 Unit 7: Using Messenger Transform IT SFT07_messenger.

Starter for 10 Unit 7: Using Messenger Transform IT SFT07_messenger.
ICT Essential Skills. Email (electronic mail) Snail Mail.

ICT Essential Skills. (electronic mail) Snail Mail.

Similar presentations

Ads by Google