awsome, nice work!
i love info on privacy protection.
Communication Techniques - Secure Communciations/Secure Email, page 1
privacy
Pages:
ATS Members have flagged this thread 3 times
ATS Members have flagged this thread 3 times
Topic started on 9-6-2010 @ 11:39 PM by THE_PROFESSIONAL
I thought I would write up a topic expanding on my previous thread on Communication techniques and talk about secure communications.
www.abovetopsecret.com...
I have no background in computers as I am in the medical field, but this is an interest of mine so if I make any mistakes correction would be appreciated. What I don't understand is that these security techniques should come preinstalled into any mail software or even windows itself. It is as if though they do not want the computers secure. Well lets change that shall we.
This thread will look at a methodology to provide secure email communications
using Public Key encryption (asymmetric key) combined with symmetric key encryption to transmit emails.
A little primer on cryptography first. When a message is written and needs to be exchanged between two entities there is a key that is needed to decoded the encrypted message. So the problem arises about how to distribute the key without someone eaves dropping on us and getting the key. The key is a symmetric key and is used to encrypt and decrypt the message. So now we have the problem of distributing a secure key to transmit data. So how do we solve the problem? Via public key encryption systems such as RSA. What a public key system does is
it creates a key pair (public and private) for a user. The private key is kept secret and the public key is shared. A person who wants to send [Person A] a message must use [Person A]'s public key to encrypt the message. The only way to decrypt the
message is using the private key that only [Person A] has. RSA relies on the difficulty of factoring large numbers, there are other algorithms but RSA is widely studied and deemed secure provided the key is sufficient length.
So now we have solved the problem of exchanging a symmetric key using Public key encryption via the RSA algorithm.
So [Person B]-----sends Person B's symmetric key encrypted via person A's Public key to [Person A]
[Person A]-----sends any data to person B using the key provided by person B
So now that we have securely solved the problem of exchanging a key, lets begin with a practical tutorial how to implement secure email communications on a specific email client. I am using Thunderbird from Mozilla and an addon called enigmail.
Here are the files you will need to play around with this:
Thunderbird: www.mozillamessaging.com...
GnuPg: www.gnupg.org...
(scroll down and download "GnuPG 1.4.10b compiled for Microsoft Windows")
Enigmail: addons.mozilla.org...
Install all these files one by one as per instructions.
1.Thunderbird install and add your email account as per instructions:
opensourcearticles.com...
2.GnuPG Install instructions: Pretty simple, I don't think you will need instructions.
3.Engimail install and start instructions (this is what I will focus on):
enigmail.mozdev.org...
Basic Steps:
a: Creating a Public Key pair (remember what we talked about above) --
Click on Open PGP tab under Thunderbird and select Key Management and then
Generate -->New Key pair.
enigmail.mozdev.org...
One thing that it will ask is to create a revocation certificate. You use this certificate whenever you lose your keys and it invalidates your key. It is good to have a backup file of all your keys and revocation certificates.
b: Publishing your public key (remember that when people want to send you
something they encrypt with this key) --
enigmail.mozdev.org...
c: Creating and sending a PGP signed message -- if the recipient knows how to
check signatures then it should work. I belive gmail is experimenting with
PGP signatures which means you should be able to send this from thunderbird
to another gmail client with it working in the near future.
enigmail.mozdev.org...
d: Creating and sending a PGP encrypted message --
In order to send encrypted email to someone you need someones public key. I
have put mine on the bottom for you to play with
email:
Key info:
Public key info:
enigmail.mozdev.org...
How to find my key (search the keyserver and import)
So a few things. On step 3a, when creating a keypair I chose RSA-4096 bit because the SHA-1 hash used in el gamal is not as secure as it should be, there are a few articles related to this topic:
www.debian-administration.org...
The symmetric key encryption algorithm that engimail uses is AES by default I believe. What it does is it creates a unique session key that is unique to each message you send and your message is encrypted via this 'session key' and this 'session key' is exchanged via the RSA method we talked about above.
And here is my email I can use and I am publishing a public key for you to send me secure email :-) Happy emailing
US.government.dod@gmail.com
[edit on 9-6-2010 by THE_PROFESSIONAL]
www.abovetopsecret.com...
I have no background in computers as I am in the medical field, but this is an interest of mine so if I make any mistakes correction would be appreciated. What I don't understand is that these security techniques should come preinstalled into any mail software or even windows itself. It is as if though they do not want the computers secure. Well lets change that shall we.
This thread will look at a methodology to provide secure email communications
using Public Key encryption (asymmetric key) combined with symmetric key encryption to transmit emails.
A little primer on cryptography first. When a message is written and needs to be exchanged between two entities there is a key that is needed to decoded the encrypted message. So the problem arises about how to distribute the key without someone eaves dropping on us and getting the key. The key is a symmetric key and is used to encrypt and decrypt the message. So now we have the problem of distributing a secure key to transmit data. So how do we solve the problem? Via public key encryption systems such as RSA. What a public key system does is
it creates a key pair (public and private) for a user. The private key is kept secret and the public key is shared. A person who wants to send [Person A] a message must use [Person A]'s public key to encrypt the message. The only way to decrypt the
message is using the private key that only [Person A] has. RSA relies on the difficulty of factoring large numbers, there are other algorithms but RSA is widely studied and deemed secure provided the key is sufficient length.
So now we have solved the problem of exchanging a symmetric key using Public key encryption via the RSA algorithm.
So [Person B]-----sends Person B's symmetric key encrypted via person A's Public key to [Person A]
[Person A]-----sends any data to person B using the key provided by person B
So now that we have securely solved the problem of exchanging a key, lets begin with a practical tutorial how to implement secure email communications on a specific email client. I am using Thunderbird from Mozilla and an addon called enigmail.
Here are the files you will need to play around with this:
Thunderbird: www.mozillamessaging.com...
GnuPg: www.gnupg.org...
(scroll down and download "GnuPG 1.4.10b compiled for Microsoft Windows")
Enigmail: addons.mozilla.org...
Install all these files one by one as per instructions.
1.Thunderbird install and add your email account as per instructions:
opensourcearticles.com...
2.GnuPG Install instructions: Pretty simple, I don't think you will need instructions.
3.Engimail install and start instructions (this is what I will focus on):
enigmail.mozdev.org...
Basic Steps:
a: Creating a Public Key pair (remember what we talked about above) --
Click on Open PGP tab under Thunderbird and select Key Management and then
Generate -->New Key pair.
enigmail.mozdev.org...
One thing that it will ask is to create a revocation certificate. You use this certificate whenever you lose your keys and it invalidates your key. It is good to have a backup file of all your keys and revocation certificates.
b: Publishing your public key (remember that when people want to send you
something they encrypt with this key) --
enigmail.mozdev.org...
c: Creating and sending a PGP signed message -- if the recipient knows how to
check signatures then it should work. I belive gmail is experimenting with
PGP signatures which means you should be able to send this from thunderbird
to another gmail client with it working in the near future.
enigmail.mozdev.org...
d: Creating and sending a PGP encrypted message --
In order to send encrypted email to someone you need someones public key. I
have put mine on the bottom for you to play with
email:
US.government.dod@gmail.com
Key info:
Public key info:
enigmail.mozdev.org...
How to find my key (search the keyserver and import)
So a few things. On step 3a, when creating a keypair I chose RSA-4096 bit because the SHA-1 hash used in el gamal is not as secure as it should be, there are a few articles related to this topic:
www.debian-administration.org...
The symmetric key encryption algorithm that engimail uses is AES by default I believe. What it does is it creates a unique session key that is unique to each message you send and your message is encrypted via this 'session key' and this 'session key' is exchanged via the RSA method we talked about above.
And here is my email I can use and I am publishing a public key for you to send me secure email :-) Happy emailing
US.government.dod@gmail.com
[edit on 9-6-2010 by THE_PROFESSIONAL]
reply posted on 10-6-2010 @ 12:37 AM by THE_PROFESSIONAL
reply to post by togetherwestand
Thanks I hope you kinda understood what I was talking about and this kinda introduces you to the world of privacy. I don't know why all email users such as gmail provide automatic support for such types of things. Maybe it seems that they don't want complete security.
The thing is that your account can be secure (IE the password for your account) but the email that you send can be read by anyone in the middle. These are techniques to limit that possibility.
Thanks I hope you kinda understood what I was talking about and this kinda introduces you to the world of privacy. I don't know why all email users such as gmail provide automatic support for such types of things. Maybe it seems that they don't want complete security.
The thing is that your account can be secure (IE the password for your account) but the email that you send can be read by anyone in the middle. These are techniques to limit that possibility.
reply posted on 12-6-2010 @ 04:22 AM by THE_PROFESSIONAL
Here is a list of public keyservers to find keys. Note that just because you found someones key does not mean that it is their key, you need to
authenticate the key meaning verifying that the key really belongs to the person who says it is their key. For instance my key is provided below and
if you see the same key from someone else, you know that one person is not telling the truth. But this is really my key haha. So here are a list of a
few keyservers to browse through and/or upload your keys too.
www.rossde.com...
sks-keyservers.net...
www.openpksd.org...
Happy emailing :-)
www.rossde.com...
sks-keyservers.net...
www.openpksd.org...
Happy emailing :-)
Pages: ^^TOP^^
Pole Shift Survival MotherLoad (14GB) of SURVIVAL information (PDFs)
Posted 1 days ago with 40 member flags
Posted 1 days ago with 40 member flags
Bushcraft On Fire Radio 05/17/2012 : #54...More Budget Bushcrafting, More Stealth and Cooking..
Posted 11 days ago with 29 member flags
Posted 11 days ago with 29 member flags
COOL! You can build all your farm machinery for survival using simple and affordable blueprints.
Posted 14 days ago with 12 member flags
Posted 14 days ago with 12 member flags
Newest topics, updated in real-time:
Newest topics getting flags, in real-time:
Code Name** Stellar Wind. Objective** Infiltrate All. Chances For Sucess** High.
General Conspiracies: 15 hours ago, 22 flags
General Conspiracies: 15 hours ago, 22 flags
"CIA are drug smugglers." - Federal Judge Bonner, head of DEA- You don't get better proof than th
General Conspiracies: 9 hours ago, 19 flags
General Conspiracies: 9 hours ago, 19 flags
Quantum Gravity Model "Loads" "Programs" from NON-PHYSICAL DIMENSION with INVERTED PENTAGRAMS!
Science & Technology: 7 hours ago, 15 flags
Science & Technology: 7 hours ago, 15 flags
As Commandos Raid Tampa, US State Dept Demands Power to Declare War?
New World Order: 17 hours ago, 13 flags
New World Order: 17 hours ago, 13 flags
Defense Department Seeks Legal Authority to Deploy Reservists onto American Streets
Breaking Alternative News: 12 hours ago, 12 flags
Breaking Alternative News: 12 hours ago, 12 flags
Can anybody analyze this video - UFO hovering over houses 26-5-12?
Aliens and UFOs: 8 hours ago, 9 flags
Aliens and UFOs: 8 hours ago, 9 flags
Newest topics getting replies, in real-time:
Porn stars explain how they ended up with Bill Clinton in pictures Hillary eat your hear out!! W/pic
Politicians & People: 15 hours ago, 45 replies
Politicians & People: 15 hours ago, 45 replies
Defense Department Seeks Legal Authority to Deploy Reservists onto American Streets
Breaking Alternative News: 12 hours ago, 39 replies
Breaking Alternative News: 12 hours ago, 39 replies
The Above Top Secret Web sites are a
wholly owned social content community of
The Above Network, LLC.
This content community relies on
user-generated content from our member contributors.
The opinions of our members are not those of site ownership
who maintains strict editorial agnosticism and simply provides
a collaborative venue for free expression.
ATS Server: www2.theabovenetwork.com
Header data: 0.036 seconds
Page processed in: 0.134 seconds
wholly owned social content community of
The Above Network, LLC.
This content community relies on
user-generated content from our member contributors.
The opinions of our members are not those of site ownership
who maintains strict editorial agnosticism and simply provides
a collaborative venue for free expression.
ATS Server: www2.theabovenetwork.com
Header data: 0.036 seconds
Page processed in: 0.134 seconds
