Single file Encryption and Verification

From TWUUG

Contents

Description

Most modern encryption tools use asymmetric file encryption to encrypt data before transmission. In reality those tools can be used for much more, they can be used for Encryption, Decryption, Author Verification and secure checksums.

Asymmetric Encryption

The term asymmetric encryption refers to the fact that each encryption key actually consists of two keys, the Private Encryption Key and the Public Encryption key which must be used to communicate with one another.

Symmetric Encryption

Symmetric encryption refers encrypting and descrypting a file with a ginle key or passphrase. This type of encryption can be useful for one time communications, but offers far less security than Asymmetic Encryption.

Private Key

The Private Key is just that, Private, it is to be kept private and it not to be shared, this file confirms your identity and if stolen can allow other to masquerade as you.

The Private Key is generally used to apply signatures to files and to decrypt files that were send to you.

Public Key

The Public Encryption key is to be shared with others and is generally placed in a public location because it cannot be reverse engineered to obtain your Private Key.

Your public key is used by others to encrypt files so that only you can open them and to allow others to confirm your signature files.


Signatures

Secure Signatures are used to verify the integrity of a file and confirm the original author. In order to run a signature file you must have the author's Public Key.


File Types

  • Keys are generally kept in text files with .ASC, .PGP or .gpg extensions.

These files can be recognized with e text editor in which you will notice that the top line states "-----BEGIN PGP PUBLIC KEY BLOCK-----".

  • Encrypted Files as generally kept in text files with the .ASC, .PGP or .gpg extensions.

These files can be recognized with e text editor in which you will notice that the top line states "-----BEGIN PGP SIGNED MESSAGE-----".

  • Signature Files are generally kept in text files with the .ASC, .PGP, .gpg or .SIG extensions.

These files can be recognized with e text editor in which you will notice that the top line states "-----BEGIN PGP SIGNATURE-----".

Linux/Unix Applications

  • GNUpg - Free Opensource Command line Privacy Guard.
  • GPA - GUI Front-End for GNUpg utilizing GTK.
  • KPpg - GUI Front-End for GNUpg on KDE.

MAC Applications

  • PGP - A Licensed Non-Free highly standardized Privacy Guard

Windows Applications

  • PGP - A Licensed Non-Free highly standardized Privacy Guard
  • gpg4win - A group of applications to allow CLI and GUI usage of GNUpg on Windows.
The GUI applications have links to the original author sites 
because their functionality can change often and they often have very detailsed F.A.Q.s
Personal tools