Single file Encryption and Verification
From TWUUG
Contents |
Description
Most modern encryption tools use asymmetric file encryption to encrypt data before transmission. In reality those tools can be used for much more, they can be used for Encryption, Decryption, Author Verification and secure checksums.
Asymmetric Encryption
The term asymmetric encryption refers to the fact that each encryption key actually consists of two keys, the Private Encryption Key and the Public Encryption key which must be used to communicate with one another.
Symmetric Encryption
Symmetric encryption refers encrypting and descrypting a file with a ginle key or passphrase. This type of encryption can be useful for one time communications, but offers far less security than Asymmetic Encryption.
Private Key
The Private Key is just that, Private, it is to be kept private and it not to be shared, this file confirms your identity and if stolen can allow other to masquerade as you.
The Private Key is generally used to apply signatures to files and to decrypt files that were send to you.
Public Key
The Public Encryption key is to be shared with others and is generally placed in a public location because it cannot be reverse engineered to obtain your Private Key.
Your public key is used by others to encrypt files so that only you can open them and to allow others to confirm your signature files.
Signatures
Secure Signatures are used to verify the integrity of a file and confirm the original author. In order to run a signature file you must have the author's Public Key.
File Types
- Keys are generally kept in text files with .ASC, .PGP or .gpg extensions.
These files can be recognized with e text editor in which you will notice that the top line states "-----BEGIN PGP PUBLIC KEY BLOCK-----".
- Encrypted Files as generally kept in text files with the .ASC, .PGP or .gpg extensions.
These files can be recognized with e text editor in which you will notice that the top line states "-----BEGIN PGP SIGNED MESSAGE-----".
- Signature Files are generally kept in text files with the .ASC, .PGP, .gpg or .SIG extensions.
These files can be recognized with e text editor in which you will notice that the top line states "-----BEGIN PGP SIGNATURE-----".
Linux/Unix Applications
- GNUpg - Free Opensource Command line Privacy Guard.
MAC Applications
- PGP - A Licensed Non-Free highly standardized Privacy Guard
Windows Applications
- PGP - A Licensed Non-Free highly standardized Privacy Guard
- gpg4win - A group of applications to allow CLI and GUI usage of GNUpg on Windows.
The GUI applications have links to the original author sites because their functionality can change often and they often have very detailsed F.A.Q.s