Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 (edited) Here's my new one: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.12 (GNU/Linux) mQMuBFIgt6ERCACbVC2wZXMrgayMp404GNtbbP50bH+jTx+vTnCscNAXTqifF9nj 0IyJzSCDrZpbv5z4MaLFrKntFDEMo9DjVrzR2TziAngmihbub9RWZmuCPFiqv+j8 xf9HjaK7yRlHDtGgwDNpvLUTJSNgwXqDMZkDmd4a6UrMNHhoZijS4IUN9Jn9EWqf qpeyyiE2dVBFRfeodasmZ+kC8vnXqQ1xWScldthaIBYWFwMrkUx2BUfYBuVEnVev PUQiExiTYyhTQTZ8SmTuDMMn2NwmHz0NIngv2NUECLGzUPzGjSJVCVJGsrVFvsAf PJmETosSL/5YDLSki+J2yta8n7IP/mnj++TzAQC/EXr15PBb6rQJVdwk2w7b2yys vpzSdHLQZb8pjfoXhwf/fQNb38q2sJrCarFaLl4Xaco7pXXVeX/YJ09UFLGKpf/J P+ljHGpZvSKVyjuJn0HvQthLX3CaIKTo+6OmO3EcRrBjLNtFDzgRDScr5oNOs++x G3HO1J+irZcGhqMmAhnuQmzZaoZzklWspqFxPcLabEFOD2tWfDHxSQw8Wx9dKze4 0a8xma5PdqplhlxVJV8y0XnGGaef+9EBYeZgr2xgei36RC4JNKOh7iqLDkWdrvoh dJqihYFcO9LuXXIl0uLIkvKlGM0dlXpH0P7N1fndHgGsrP4PJ0uR4KSX0srLPSrs WczE3m+MrsR7I+VilXoufbFGbi55QnlZhqebYDsPaAf+JjdZXVdRjhVAsW0RoasY WLHFB4pW2CgC37hnWaicjNak+6Zc7GEtUm2eawb3Fxrt/H0K5ioia+2zKvI7usgY g4s02T+NpKuj+qGU5locpi0Tet2iQ6XM5dTCRGAGvZK542Jk7B1ASLcVgs1Xvoc+ NsiLo0NpjqTJ/rjZJhfL+2+LqHUqn6boFsrzB0kAq9wjyhTNc0pDEGlafbJvaEdS M5aIuTGq+WMxJqrJHd2R/Ea6hg+AC+fH+cCDU8aWvLAhy7a2M8x4yHK0mHcDbpGS KOgNFbyjaSETmYfFFC3BdPyEWjYSiIj7Wm4ZwrlqYDOdHaR7v4OYfswu2w2uC8kT oLQ4RnJhbiBQYXJrZXIgKEZyYW4ncyBsaWxiYW1iaSBnbWFpbCkgPGxpbGJhbWJp QGdtYWlsLmNvbT6IgAQTEQgAKAUCUiC3oQIbIwUJAHanAAYLCQgHAwIGFQgCCQoL BBYCAwECHgECF4AACgkQxro86Ya3T5smPQD7BSM94kgKUzU3i8YVAat7x0Vs8XI3 YTyIhl7rX6QKrNMA/34rNN9tasz4QLpoMHiBU4bqPVFbXgicfi6RqSYyIyXhuQIN BFIgt6EQCAC7b1/Ss0s2qsQ2wdQbU/BcIVEyH5+sthkCLv+l8RO3Nb9pBLhf9x8D 5Caur8Fr1I8h6pyP5Lc+eUtZ3af32WIxm5O63ZquJyjQy7O9z1+9Py7uhEdqGdGA Qq9zdCW1X8Ia7wVEifi7WkvTkgji7S9omoeH9hjE8hx5KR0oWJHsyxeWdudLy6nT L4AYCmWQu5YDvLvTq9j4AZi9p1N6rAtuWw9NmcQLUp+/DgfYyMiMpRwu9+1x+y5e sdh0bBtKxbgsQCD6nfBW/d7A82seZ2aB1+p/0a97EqcCm4dxlaVj8brWPE/GT5PD VZ8Q7zvZQbJkWkffxPNlVkvD9mhljFibAAMGB/9c4T+47I8kFiCUPiWfdkPZkchs VgTva1yBRDdjthfv6s7i94Hbn4bNEagsHaDRiWt4nF8K/UfkO9Yty/EWTUFgOrIJ S6wc2auNSY1Yni6VYXGjcEbUjYCza6vp8/YdiqvBhD1hbvUEMQz6pDTdGqCS+VDF JWl6VpsWnVGqO0CHJtgCFTgHKdg1hdaqqX4vz/FD0M/5Bno9+4FFvJJjKtBu36yu djgB5uEPUB0WD+1IuTuGr1MnPQsMEw7P56H+a6iwryrRZuvLe3/0tIVI5iBG0C2g 0pxP0oUZ465H0uneVIuafZTnvQeHfTRdd42F7943VMbbDMV57xnNg2ZebOg5iGcE GBEIAA8FAlIgt6ECGwwFCQB2pwAACgkQxro86Ya3T5t2CQD+NxLLSu/Lml65LloL AXX5Zusbrs2BMQvVNZk0mnfPy6IBALRgJmw8a7K8VCRJtzBOz1nZxBz94/QVntMp dbowd59J =zsz2 -----END PGP PUBLIC KEY BLOCK----- It appears that Mailvelope is ok for signing with the encryption level it uses but not for actually encrypted emails. Edited August 30, 2013 by LilBambi Quote Link to comment Share on other sites More sharing options...
securitybreach Posted August 30, 2013 Share Posted August 30, 2013 That time it worked just fine Fran! Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 How do you import keys to WebPGP. It has a tab for public keys but no clickable anything to import keys. Where are you importing it?! Quote Link to comment Share on other sites More sharing options...
securitybreach Posted August 30, 2013 Share Posted August 30, 2013 How do you import keys to WebPGP. It has a tab for public keys but no clickable anything to import keys. Where are you importing it?! You don't as it reads your keyring. Basically if you installed gpg and generated keys/added them; it will show up in WebPGP. I was having issues as the button in gmail wouldn't work half the time so I tried out mailvelope, and it worked beautifully. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 OK, I don't like that. I use various computers. That's not gonna work for me. I have deleted the key. I will remake one later. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 OK, I have created one locally and will be upload to http://pgp.mit.edu -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.12 (GNU/Linux) mQMuBFIgwtMRCADPP04lUB8g1Cd8EP0diafTjenlI1EaD+2xm27bOk34aHs0NWFL d+xb8M0vLDjTKqMJdwHIyJjJmbkkaOeVvnDxXfR389uDUiMW4F2V02KZqsLE0bb5 NZ0imykyD22BQGtwlEASkQao9FWbF/qXFwuy6WMvukb3rr1651kT6y7dOoOpBleY XEOH/ra26QwapO7wurBRGOVqiSTeesUIJEfprdQSWx69seQ1d82+r6/fEzb25HcV pZcNjhz13c26ms4bwT6sAy2tdqPkVgrGe2JkBoz4k+5sEedAtuwQjp7MprXC982V NnAnwIazhEXr5bmgxmkpGz49xmxfw22n2Rp/AQCV2ZVRaDs2YTrlFXD29qUWVcnt BY3EDYtQ5gokvlFnKQf/ZfXJlB1kqqPdVgXKV5nVpfPZupiF2YhlJdlHmzpAw4r4 hjHFk6DcpzuyewuyQI6IKyx9bHE5i1Zk4K+WuHwA1jRV5FoJ9/YgZEAHt4f4ccPV D5xenWJCEHEgdr/JJUql7FxJcTUedbJafiSB4Hmz8RC/Xd8dk7Z8P1bEjOx55rRq gDP+pyIDz0t/ynuW7lovU0g3SWUgLPFMQTarv80HdZ+CUWyig00K0L56vlCsXwhy k0BQMKeP/lmwS0wmo2g8koCu1go12QUnLpY2Rrkp56VPzgkF7Qs6GcQGHwZtyPVQ 6JYdyoiZr8fq5FVJQFCyl8CiV6RsXK0ZEqyWP/b81AgAtWqcc89foDZIjeHoPsEq ZC8WeLgt4bpvw1v03pdZKw/JytZPOIE46ys9sLKs1lQwRWRUOXsFcJ42fcASLcW1 T/jpr4kiRqQOOo6ZU6FCA8C2DNzPADZOGrCWPnFXWqohNo8hqhaIOWEUiRwQVhzs zuqsqYsSTBVFMEWnVibGEu95qR536+BuHKu5ZdTNL33l+5UEloiUzciswk/bFNz+ iuh8LfwgSDGx0jdrkwOsGfJWp9/nLtl6Mv0liYyAe8bH9VYPbvfO/xnVKeIm1O4U JqtCGWuUe2JipUZdkh/B7FU+WqwVKwmugG6ZR7MUpYZAga2SnVTLOQQRwMfHE5QV o7QpRnJhbiBQYXJrZXIgKEtleSAjMSkgPGxpbGJhbWJpQGdtYWlsLmNvbT6IeQQT EQgAIQUCUiDC0wIbAwULCQgHAwUVCggJCwUWAgMBAAIeAQIXgAAKCRCYhA92hBf+ aFMyAP9/KnapV0VDKgjRl8uPAYyiW0YWaAv+FLRowAVGpg8sbgEAgzMS44/93u3h K8oqp+nWEcu6Axp+LzLZdkhPn+EA5ky5Ag0EUiDC0xAIAN1uivrHKsFLj0uNA1rT +GI7s5rb2Y0l5H2HDRZY44SqNnBoOfRh0WrdoFlMfXcRk73lXlIBA/G6kVSqGuJI /DH15JcldfolgtqGJJR6LgwJAeGQlGiJclZfT0udExuUjOIvu40u+hUGd7TC61t7 2OGwhu5dK9XpLLnJJMrhmLlzKtTInK8F93ybafElnTVv4IzM53wnRUkeIDdgd2or CMJwq1SMInJ0F5GgdyDAFn/Hwi1C2HHbGUvSsvvAcIjQ/Vul6LgrVY5DbO+xaHCi 9aKdBfd+gLiyr+EDE/X00slEDPJE55dh9hdlrHsQzB1SLR8rJrOG0f7cc/BHNA9O pisAAwUIAJGyXJsDadOJ2nRjgd76Rv7EcFzi4CkKxMNz2ml38eMkFBMv3KJcHUH2 /4G+hYiWRiJe++vCTEWtapKdu5VdXhdt/x1XJTFkA7NS9CA+tC2iUGn2LF5RbFg/ umaY3IquQImdbpyn6+AAxd8aegXjfXpoLKJnPqQcUYfrY3oUi52nhnUGx00/jehc zcg/dJghepFAoLrb9dJ9KskA+/SmGQLPNqHKRV4iGrXDcngXqC3IJq9a19kZi+Kl tL/mnr1OKX9SQWebgQa+KDo2hLe5I/Mlir2IeNfzA1yaG1uH3LDDIzllLbpXTam8 CTHz6W1Y0Yel6PkGf6b0Nwu5M3TjGpOIYQQYEQgACQUCUiDC0wIbDAAKCRCYhA92 hBf+aOfHAQCDEt1DSfOLuLXrrBwWywuJvaeFvuSYdlTgDdsw336QvwD/YY2RdfDe Mxb0pqHc31HI6LUhR7NrhnBB9y1ocMCGcwM= =mRnz -----END PGP PUBLIC KEY BLOCK----- Quote Link to comment Share on other sites More sharing options...
securitybreach Posted August 30, 2013 Share Posted August 30, 2013 Added Fran! Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 OK! It's working great so far! Have tested with Josh and works both ways with my new key above. I finally decided to go ahead and create my key using commandline linux instead of creating one in Mailvelope. I then imported my keys. Then imported other's keys. And Mailvelope is working great! Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted August 30, 2013 Author Share Posted August 30, 2013 I create different key sets for different purposes. For example, I have a discrete set for personal document encryption. I also have a set for email encryption only. You get the idea. Fran, I dowloaded your pub keys off the server. I don't know which ones to use for email. If the one above is DEFINITE FOR SURE you pub key for email, I will store it instead of the others I have. Ah... it was the key above that I already had. COOL! 1 Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 Hi Eric, the one with my name with comment key #1 is the correct new key. Sorry for the confusion. I shouldn't have uploaded my key till I was sure it was working right. The the last one I posted here in post #37 is the right one for email. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted August 30, 2013 Author Share Posted August 30, 2013 I used it for your last interchange of messages via email. Hopefully, all is working. Quote Link to comment Share on other sites More sharing options...
securitybreach Posted August 30, 2013 Share Posted August 30, 2013 I used it for your last interchange of messages via email. Hopefully, all is working. It works for me Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 Oh, yeah! Working well with Josh and Eric! Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted August 30, 2013 Author Share Posted August 30, 2013 NSA will start tracking our comms for sure now. 1 Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 Well, seems to me they have much more important things to worry about than a few friends emailing back and forth. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted August 30, 2013 Author Share Posted August 30, 2013 You would think... Quote Link to comment Share on other sites More sharing options...
securitybreach Posted August 30, 2013 Share Posted August 30, 2013 Well they did say that they monitor and collect all encrypted communication until they can crack it. http://www.forbes.com/sites/andygreenberg/2013/06/20/leaked-nsa-doc-says-it-can-collect-and-keep-your-encrypted-data-as-long-as-it-takes-to-crack-it/ Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 That's their problem. And won't they be surprised when it is just normal emails. Here's a link to my Public Key ... didn't realize you could link to your public key on the server like that. Very cool! Thanks Josh for finding that out. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted August 30, 2013 Share Posted August 30, 2013 Put it in my Sig too. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted August 30, 2013 Author Share Posted August 30, 2013 Well they did say that they monitor and collect all encrypted communication until they can crack it. http://www.forbes.co...es-to-crack-it/ Good luck with the cracking... Security quality To the best of publicly available information, there is no known method which will allow a person or group to break PGP encryption by cryptographic or computational means. Indeed, in 1996, cryptographer Bruce Schneier characterized an early version as being "the closest you're likely to get to military-grade encryption."[1] Early versions of PGP have been found to have theoretical vulnerabilities and so current versions are recommended. In addition to protecting data in transit over a network, PGP encryption can also be used to protect data in long-term data storage such as disk files. These long-term storage options are also known as data at rest, i.e. data stored, not in transit. The cryptographic security of PGP encryption depends on the assumption that the algorithms used are unbreakable by direct cryptanalysis with current equipment and techniques. For instance, in the original version the RSA algorithm was used to encrypt session keys. RSA's security depends upon the one-way function nature of mathematical integer factoring.[2] Similarly, the symmetric key algorithm used in PGP version 2 was IDEA, which might at some point in the future be found to have previously undetected cryptanalytic flaws. Specific instances of current PGP or IDEA insecurities (if they exist) are not publicly known. As current versions of PGP have added additional encryption algorithms, the degree of their cryptographic vulnerability varies with the algorithm used. In practice, each of the algorithms in current use are not publicly known to have cryptanalytic weaknesses. New versions of PGP are released periodically and vulnerabilities are fixed by developers as they come to light. Any agency wanting to read PGP messages would probably use easier means than standard cryptanalysis, e.g. rubber-hose cryptanalysis or black-bag cryptanalysis i.e. installing some form of trojan horse or keystroke logging software/hardware on the target computer to capture encrypted keyrings and their passwords. The FBI has already used this attack against PGP[3][4] in its investigations. However, any such vulnerabilities apply not just to PGP but to any conventional encryption software. In 2003 an incident involving seized Psion PDAs belonging to members of the Red Brigade indicated that neither the Italian police nor the FBI were able to decrypt PGP-encrypted files stored on them.[5] A more recent incident in December 2006 (see United States v. Boucher) involving US customs agents and a seized laptop PC which allegedly contained child pornography indicates that US government agencies find it "nearly impossible" to access PGP-encrypted files. Additionally, a judge ruling on the same case in November 2007 has stated that forcing the suspect to reveal his PGP passphrase would violate his Fifth Amendment rights i.e. a suspect's constitutional right not to incriminate himself.[6][7] The Fifth Amendment issue has been opened again as the case was appealed and the federal judge again ordered the defendant to provide the key.[8] Evidence suggests that as of 2007, British police investigators are unable to break PGP,[9] so instead have resorted to using RIPA legislation to demand the passwords/keys. In November 2009 a British citizen was convicted under RIPA legislation and jailed for nine months for refusing to provide police investigators with encryption keys to PGP-encrypted files.[10] The above from https://en.wikipedia.org/wiki/Pretty_Good_Privacy No wonder NSA and FBI hate it when people use encryption. That's their problem. And won't they be surprised when it is just normal emails. Here's a link to my Public Key ... didn't realize you could link to your public key on the server like that. Very cool! Thanks Josh for finding that out. Cool. I didn't know you could do that. I have mine served on my home page (click the little house in my siggy) from my own hosting account. 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted August 30, 2013 Share Posted August 30, 2013 Yeah good luck cracking PGP (GPG), especially my 4096- bit key Cool. I didn't know you could do that. I have mine served on my home page (click the little house in my siggy) from my own hosting account. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted August 30, 2013 Author Share Posted August 30, 2013 https://noctslackv1.wordpress.com/2013/08/30/bond-james-bond-encrypted-email-4-you/ Quote Link to comment Share on other sites More sharing options...
Corrine Posted September 1, 2013 Share Posted September 1, 2013 A timely article on Malwarebytes blog: Encryption: types of secure communication and storage | Malwarebytes Unpacked 2 Quote Link to comment Share on other sites More sharing options...
goretsky Posted September 2, 2013 Share Posted September 2, 2013 Hello, I think it is very likely that intelligence services have the means to decrypt encrypted data, such as communications and files. In some cases, it might be nearly instantaneous, while at other times, it might require them scheduling computing resources to do so. Such tasking is probably done on a priority basis, i.e., "Is this a matter of national security which represents an imminent threat to the US?" "No." "Okay, go to the back of the queue.", since it delays the processing of other data. You might even get an idea of when something interesting is going on by mapping the thermal output (via satellite) of intelligence agencies' data centers. Regards, Aryeh Goretsky 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 2, 2013 Author Share Posted September 2, 2013 Hello, I think it is very likely that intelligence services have the means to decrypt encrypted data, such as communications and files. I have to disagree with you here, Aryeh, regarding 2-key, random hash PGP encryption. If my understanding of PGP is accurate, there is very little possibilty that anyone can decrypt it using hacking or brute force methods. Unless Big Bro has some fabulously advanced alien technology, I don't see them breaking PGP that easily. Cracking the Code Zimmermann is not optimistic about the investigators' chances of success. "The very best encryption available today is out of reach of the very best cryptanalytic methods that are known in the academic world, and it's likely to continue that way," he said. Sources close to the investigation have suggested that they may even have to turn to talented hackers for help in breaking into the seized devices. One of the magistrates coordinating the inquiry laughed at mention of the idea. "I can't say anything about that," he said. The technical difficulty in breaking PGP was described by an expert witness at a trial in the U.S. District Court in Tacoma, Washington, in April 1999. Steven Russelle, a detective with the Portland Police Bureau, was asked to explain what he meant when he said it was not "computationally feasible" to crack the code. "It means that in terms of today's technology and the speed of today's computers, you can't put enough computers together to crack a message of the kind that we've discussed in any sort of reasonable length of time," he told the court. Russelle was asked whether he was talking about a couple of years or longer. "We're talking about millions of years," he replied. From http://www.pcworld.com/article/110841/article.html 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 2, 2013 Share Posted September 2, 2013 I have to disagree with you here, Aryeh, regarding 2-key, random hash PGP encryption. If my understanding of PGP is accurate, there is very little possibilty that anyone can decrypt it using hacking or brute force methods. Unless Big Bro has some fabulously advanced alien technology, I don't see them breaking PGP that easily. From http://www.pcworld.c...41/article.html That is what I was thinking Eric Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 2, 2013 Share Posted September 2, 2013 Relevant? http://xkcd.com/538/ 1 Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted September 3, 2013 Author Share Posted September 3, 2013 I'm not saying it can't be broken. I'm just saying that from all I'm reading, PGP is not a pushover for pimply-faced Russian hackers named Yuri. Who really knows what the NSA can and cannot do? Know what I mean, Jelly Bean? 1 Quote Link to comment Share on other sites More sharing options...
goretsky Posted September 3, 2013 Share Posted September 3, 2013 Hello, The underlying algorithms might be secure (or at least highly-resistant), but that does not mean every implementation of them is. If I were trying to keep information from law enforcement, I would not rely on encryption alone. Regards, Aryeh Goretsky 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted September 3, 2013 Share Posted September 3, 2013 Hello, The underlying algorithms might be secure (or at least highly-resistant), but that does not mean every implementation of them is. If I were trying to keep information from law enforcement, I would not rely on encryption alone. Regards, Aryeh Goretsky Agreed but I imagine GnuPG is a good implementation due to it being open source. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.