Mercurial > lilug > gpg
changeset 7:431e14ce74f8
Handout is done
| author | Josef "Jeff" Sipek <jeffpc@josefsipek.net> |
|---|---|
| date | Tue, 08 Aug 2006 18:54:58 -0400 |
| parents | 32a5f6b01723 |
| children | c67713358644 |
| files | handout.tex |
| diffstat | 1 files changed, 137 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/handout.tex Tue Aug 08 18:54:58 2006 -0400 @@ -0,0 +1,137 @@ +% two sided printing +\documentclass[letterpaper,12pt]{article} + +\usepackage[reset,margin=1in]{geometry} +\usepackage{url} +\usepackage{epsfig} + +\title{\huge GPG\normalsize} +\author{Josef ``Jeff'' Sipek $<$jeffpc@josefsipek.net$>$} +\date{} +\twocolumn +\begin{document} +\maketitle +\vspace{0.75cm} + +\noindent\fbox{ +\begin{minipage}{0.9\linewidth} +{\bf Cryptography}, n. + +The science which studies methods for encoding messages so +that they can be read only by a person who knows the +secret information required for decoding, called the key +\end{minipage} +} + + +\section{History} +\begin{itemize} + \item Caesar cipher -- used by Julius Caesar to deliver messages to + his generals. A simple substitution cipher which relied on the + illiteracy of majority of people. + \item ROT13 -- ``modern'' version of the Caesar cipher. It shifts + all characters by 13 instead of 3. Since there are only 26 letters + in the english alphabet, an interesting effect occurs: encryption + and decryption are one and the same operation! +\end{itemize} + +\subsection{Symmetric ciphers} +Both Caesar and ROT13 are \emph{symmetric} ciphers. That means that the same +key is used during both encryption and decryption. + +Some modern symmetric ciphers include \emph{AES} and \emph{Blowfish}. Both +of these ciphers, with a good key are \emph{effectively} unbreakable with +today's technology \& mathematics. + +The only problem with symmetric ciphers is the fact that the key has to be +agreed upon over a secure channel -- in-person meeting, trusted courier, etc. + + +\section{Asymmetric ciphers} +The solution to the problem is ``simple'' --- it is called \emph{asymetric} +ciphers. Asymmetric ciphers consist of 2 keys. One \emph{private} and the +other \emph{public}. The public key is exactly that, public. You can post it +on your website and not worry about a thing. The private key should be kept +secure at all times. The private key allows you to do all the cool things. +:) + +\subsection{Generating a key-pair} +Large random numbers are the basis of modern cryptography. + +\noindent +\begin{minipage}{0.5\linewidth} +\begin{center} +\epsfig{file=Public_key_making.eps, scale=0.45} +\end{center} +\end{minipage} + +\newpage +\subsection{Uses} +Such key-pair can be used to: +\begin{itemize} + \item Sign/Verify signature + \begin{itemize} + \item Sign with private key + \item Verify with public key + \end{itemize} +\end{itemize} + +\noindent +\begin{minipage}{0.5\linewidth} +\begin{center} +\epsfig{file=Public_key_signing.eps, scale=0.45} +\end{center} +\end{minipage} + +\begin{itemize} + \item Encrypt/Decrypt + \begin{itemize} + \item Encrypt with public key + \item Decrypt with private key + \end{itemize} +\end{itemize} + +\noindent +\begin{minipage}{0.5\linewidth} +\begin{center} +\epsfig{file=Public_key_encryption.eps, scale=0.45} +\end{center} +\end{minipage} + +\section{GPG commands} +\noindent{\bf Generate a new key-pair}:\\ +\noindent{\texttt gpg --gen-key}\\ + +\noindent{\bf Sign a file}:\\ +\noindent{\texttt gpg --clearsign \emph{filename}}\\ +\noindent{\texttt gpg -a --sign \emph{filename}}\\ + +\noindent{\bf Verify a signature on a file}:\\ +\noindent{\texttt gpg --verify \emph{filename}}\\ + +\noindent{\bf Encrypt a file}:\\ +\noindent{\texttt gpg --encrypt \emph{filename}}\\ +\noindent{\texttt gpg -a --encrypt \emph{filename}}\\ + +\noindent{\bf Decrypt a file}:\\ +\noindent{\texttt gpg --decrypt \emph{filename}}\\ + +\subsection{Nasty, eh?} +Since using GPG directly is rather nasty, people have developed many +GUI/console frontends, as well as integrated GPG functionality right into +their applications. For example, Kmail, mutt, both integrate with GPG very +nicely. + +\section{Resources} +Images shamelessly stolen from Wikipedia. + +\begin{itemize} + \item Wikipedia \\ + \url{http://en.wikipedia.org/wiki/Asymmetric_key_algorithm} + \item GNU Privacy Guard \\ + \url{http://www.gnupg.org} + \item OpenPGP Message Format \\ + \url{http://www.ietf.org/rfc/rfc2440.txt} +\end{itemize} + +\end{document}