PGP Public Key and Fingerprint

D922 B7B1 3A4D 9BF9 0927 DCA1 7A14 4B7D A3F4 8305

Paul Garrett Hugel Public Key

What is Public-Key Cryptography?

In short, public-key cryptography solves the age-old problem “how do I communicate with someone securely without somehow exchanging a secret password first?” Exchanging a shared password securely is a hard problem. You may have no way to do so if your communications are monitored.

With public-key encryption, instead of sharing a password, each party generates a “keypair” consisting of a “public” key and a “secret/private” key. Each party can then publish their “public” key to the world or send it directly to the other party, while keeping their secret key private and safe.

If you have Person B’s public key, you can do a few things with it:

  • Encrypt a message that only Person B can decrypt. (They need their secret key to decrypt it.)
  • Validate that Person B signed a message with their secret key. This also lets you verify strongly that the message was neither corrupted nor modified in transmission.

With your secret key, you can do a few things:

  • Decrypt messages encrypted with your public key.
  • Sign messages that others can verify came from you. (They need your public key to verify the signature.)
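
The fingerprint at the top of this page is what lets a correspondent confirm that the public key they obtained is the right one before encrypting to it or trusting a signature made with it. The following added example (not code from this page's author) computes a version 4 OpenPGP fingerprint as defined in RFC 4880 and compares it with the published value; the helper names and the sample key bytes are constructed for illustration, and a v4 key is assumed.

```python
import hashlib
import hmac

# Fingerprint as published at the top of this page.
PUBLISHED = "D922 B7B1 3A4D 9BF9 0927 DCA1 7A14 4B7D A3F4 8305"


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: 2-byte bit length, then magnitude."""
    bits = value.bit_length()
    return bits.to_bytes(2, "big") + value.to_bytes((bits + 7) // 8, "big")


def v4_fingerprint(packet_body: bytes) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99, 2-byte length, key packet body."""
    if not packet_body or packet_body[0] != 4:
        raise ValueError("not a version 4 public-key packet body")
    if len(packet_body) > 0xFFFF:
        raise ValueError("packet body too long for a two-octet length")
    framed = b"\x99" + len(packet_body).to_bytes(2, "big") + packet_body
    return hashlib.sha1(framed).hexdigest().upper()


def normalize(fingerprint: str) -> str:
    """Strip spacing and case so copy-pasted fingerprints compare equal."""
    cleaned = "".join(fingerprint.split()).upper()
    if len(cleaned) != 40 or any(c not in "0123456789ABCDEF" for c in cleaned):
        raise ValueError("expected 40 hex digits")
    return cleaned


def matches(packet_body: bytes, published: str) -> bool:
    """True only if the key material hashes to the published fingerprint."""
    return hmac.compare_digest(v4_fingerprint(packet_body), normalize(published))


def grouped(fp: str) -> str:
    """Format 40 hex digits in the 4-character groups used on this page."""
    return " ".join(fp[i:i + 4] for i in range(0, 40, 4))


# Constructed sample: version 4, creation time 0, algorithm 1 (RSA),
# toy modulus and exponent. This is NOT the key belonging to this page.
SAMPLE_BODY = bytes([4]) + (0).to_bytes(4, "big") + bytes([1]) + mpi(0xC0FFEE) + mpi(65537)

if __name__ == "__main__":
    print("sample key fingerprint:", grouped(v4_fingerprint(SAMPLE_BODY)))
    print("matches published:", matches(SAMPLE_BODY, PUBLISHED))
```

A key whose fingerprint does not match the published one should not be used, however plausible its name and e-mail address look.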

What I Use

I accept and transmit all messages using the OpenPGP format, which is an open standard (RFC 4880) and the most widely used standard for public encryption, so communication should work with any OpenPGP-compatible program.

GNU Privacy Guard (GPG)

GPG Tools–Macintosh OSX

http://support.gpgtools.org/kb/how-to/first-steps-where-do-i-start-where-do-i-begin

iPGMail–iOS

http://ipgmail.com

Testing some new tools:

Tutanota

Proton Mail