email with pgp - why don't I need to know the key-pair?
I'm trying to understand how pgp email encryption works. I thought that I create a key-pair and that the recipient needs to have both to view my message. However, when I send an encrypted message to myself, using 2 different email providers, all I need to know is the passphrase to decrypt the message.
How come I don't need to know the public & private keys of the sender? I'm assuming that when I put in the passphrase to decrypt the message, the correct passphrase automatically uses the private key that was, I'm guessing, sent with the email.
It's about the receiver's key(s), and you do know those...you are the receiver. (If I grokked correctly)
I found that picture by searching for "pgp encryption" (no quotes). Please do that and read the documentation, as Michael Uplawski suggested.
Thanks. Ok, yes, I'm confused. In the diagram, I'm assuming that the "random key" is the "session key". Either way, the random key encrypts the 'data'. But then it says that the 'random key' is encrypted using the "receivers" public key. But I don't know the receiver's public key, at least not when I am using email whereby I create a key-pair using key-gen. I just click the encryption icon after creating a key-pair, and the message is encrypted and then decrypted by receiver through using the correct passphrase answer.
I can see that if someone were sending a non-email encrypted message, based on the wiki diagram, that they would exchange public keys. But I would have thought that the sender would have to send the recipient the sender's private key to unlock the message.
Is the "random key" = "session key"?
Even if you encrypt the random key with the recipient's public key, how is that safe since potentially 'everyone' could have that public key?
If I take the session key and encrypt it with recipient's public key, and recipient's private key gives access to the random key/session key, isn't the session key/random key protecting the data and you need another key to decrypt the session key/random key?
It seems apparent that using PGP with email is different from using PGP with another client or form. What other forms are there besides phone apps which, I'm guessing, don't require the recipients public key?
Sorry that you're confused.
Even if I knew the specific answer, I doubt I'd post it here, given that searching for it in your favorite search engine will give you the answer. You just need to read more. I thought the wikipedia page was a good start.
It doesn't make sense to expect us to type out what you can find on your own.
That said, are you having trouble finding the documentation?
Is there something specific that you don't understand? (asked in #2)
Thanks. Yes, I need to read more, I'll agree with that. But I have to say that if understanding PGP encryption, key-pairs, etc, were not confusing, even given all the info about them online, millions more people would be using them.
I see there is symmetric encryption, which seems to relate to the email encryption, and also there is 'gpg' and 'pgp'. And there is 'ecrypt' and 'veracrypt'. Veracrypt would not download for some reason, server error.
I was able to encrypt a folder/ directory so that it can not be deleted. And I encrypted the file in the folder. But then I was able to delete the encrypted file in the encrypted folder, in which case, encrypting them was pointless b/c it did not save my file from being deleted.
To encrypt the folder, I used "sudo mount -t decryptfs ~/file ~/file". During the process it asked me if I wanted a clear text passthrough and if I wanted to encrypt the file (I think that's what it was), but the program would only work if I put yes for #1, and no for #2.
To encrypt the file I used "gpg -c filename".
There must be a way to prevent the file from being deleted, or, not even being able to get to the file since I would think an encrypted folder would protect the contents, otherwise, what's the point?
@linx9 and ttpp, and more towards ttpp since you seem to involve yourself as the first person, with discussions initiated by linx9:
This continued posting in the same thread with multiple accounts is not helping your fellow LQ members understand the problem flow correctly and tends to cause greater confusion.
Your fellow LQ members should not have to discern who is providing updates and feedback for a technical thread question.
Please refrain from this behavior moving forwards. Either always use a single account per problem, or do not post from two accounts as the originator/owner of a problem.
PGP/GnuPG e/mail is a question that is simple on its surface and complex in careful study.
PGP keys are generated in pairs: a "private" key ( which you keep ) -- and a "public" key -- which you post to the keyserver or provide to your correspondents
Once you have posted your public key to the keyservers I can encrypt a message for you -- using your public key. I could post this message on a public web page -- and still -- no one would be able to read it without your private key
that's the simple part
I could also sign the message for you, using my private key. And you could then download my public key from the keyservers, and with that -- you could verify my signature.
but this is where the subject gets deep: how do you satisfy yourself that you have MY public key -- rather than some sort of fake or error ?
you have to validate the digital fingerprint of the key:
Code:
EB17451DCBD3089F8095500EF6E941B14DEA0DAD
at this point the only information you have is: you got this key from someone who posts on the Linux Questions BBS
how are you going to validate my identity ?
phone call? meeting in the conference room? IT Security Officer checks it for you ?
you have to do something: no one is going to give you security.
once you have satisfied yourself that you have the correct key then: you sign my public key on your keyring. This will change its state to VALID -- indicating that you are satisfied that you know who the key belongs to.
do not confuse this with TRUST. Trust is another matter entirely, related to whether or not you trust me to validate other people's keys for you. Be very careful at this point: it's here the entire x.509/SSL process breaks down.
a huge amount of computer hacking is facilitated by "phishing". The "phishers" compose and send e/mail messages that look official. These may even be spoofed to look like they are from your boss, or your insurance company, or your bank -- or even the IRS. In reality the "phish" contains HTML code with virus scripting, or documents containing bad scripts or vBasic or such that re-direct your browser to a criminal controlled source. You may not recognize that you have been re-directed to a criminal resource unless you have proper authentication for sites that you should use. This can end up in bank fraud, or ransomware, black-mail or other crime, and, all too often, does.
and this is facilitated because e/Mail -- and too much of our electronic communication -- is NOT AUTHENTICATED
I'm a proponent of electronic authentication, and particularly, PGP/GnuPG -- which is why I'm writing this post.
Last edited by mike acker; 07-21-2019 at 09:20 AM.
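The fingerprint check described in the post above, as an added example that is not part of the original thread: it compares a fingerprint obtained out of band (phone call, meeting) with a keyring listing and reports whether the key is already marked valid. The listing is constructed in the style of `gpg --with-colons --fingerprint` output, the second key and both user IDs are made up, and v4 (40 hex digit) fingerprints are assumed.

```python
# Constructed sample in the style of `gpg --with-colons --fingerprint` output.
# Key 1 reuses the fingerprint quoted in the post; key 2 is a made-up look-alike
# that ends in the same 8 hex digits (the same "short key ID").
SAMPLE_LISTING = """\
pub:-:4096:1:F6E941B14DEA0DAD:1500000000:::-:::scESC:
fpr:::::::::EB17451DCBD3089F8095500EF6E941B14DEA0DAD:
uid:-::::1500000000::::Constructed Sender <sender@example.invalid>:
pub:-:4096:1:89ABCDEF4DEA0DAD:1500000001:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF4DEA0DAD:
uid:-::::1500000001::::Constructed Lookalike <sender@example.invalid>:
"""

VALID = {"f", "u"}  # gpg validity codes: f = fully valid, u = ultimately valid
HEX = set("0123456789ABCDEF")

def normalize(fpr):
    """Drop spaces and colons, upper-case; None unless 40 hex digits (v4)."""
    s = fpr.replace(" ", "").replace(":", "").upper()
    return s if len(s) == 40 and set(s) <= HEX else None

def parse_keys(listing):
    """One dict per `pub` record, holding the primary key's fingerprint."""
    keys = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            keys.append({"validity": f[1], "fpr": None})
        elif f[0] == "fpr" and keys and keys[-1]["fpr"] is None:
            keys[-1]["fpr"] = f[9]  # field 10 of an fpr record is the fingerprint
    return keys

def short_id_matches(listing, short_id):
    """How many keys on the keyring share this 8-digit short key ID."""
    sid = short_id.upper()
    return sum((k["fpr"] or "").endswith(sid) for k in parse_keys(listing))

def check_key(listing, out_of_band_fpr):
    """Compare a fingerprint obtained out of band with the keyring listing."""
    want = normalize(out_of_band_fpr)
    if want is None:
        return "reject-not-a-full-fingerprint"
    for key in parse_keys(listing):
        if key["fpr"] == want:
            return "match-valid" if key["validity"] in VALID else "match-unsigned"
    return "reject-no-such-key"

if __name__ == "__main__":
    spoken = "EB17 451D CBD3 089F 8095  500E F6E9 41B1 4DEA 0DAD"
    print(check_key(SAMPLE_LISTING, spoken))             # full fingerprint
    print(short_id_matches(SAMPLE_LISTING, "4DEA0DAD"))  # short ID is ambiguous
```

A `match-unsigned` result corresponds to the state before you sign the key on your own keyring; after signing, the validity field of the `pub` record changes and the same check reports `match-valid`.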
Thanks. Interestingly, I have read all about everything above, truly. And I got to the point about authenticating the digital fingerprint. That's where I'm at now. I remember reading about "keyring", but have not delved deeply into it yet. I know nothing about it at this point.
So, if you send me a message with my public key to encrypt it, as it shows in wiki diagram, what is the "risk" for me to use my private key to unencrypt it? Thanks.
The interesting thing about PGP is that while it provides the basis for authentication, integrity, and security for messages, e/mail, and documents of any sort it is not an easy concept: each user must make the commitment to VALIDATE KEYS.
a word about Operating Software: use a secure O/S. If your O/S is compromised encryption software will not be able to provide you with any protection.
You asked
Quote:
what is the "risk" for me to use my private key to unencrypt it?
In a secure environment this will be safe. If your O/S is running a root kit then you do not have complete knowledge regarding what your computer may be doing. A rootkit could steal your entire keyring, export your e/mail contacts list, steal your PGP password along with your other passwords along with the plain text of all the messages you have decrypted.
Thugs could break into your home and make off with your computer. Unless you are using whole disc encryption they can then easily steal most of the data on your machine. Your secret key would remain locked, and if you're using a good password manager such as Keepassx then your passwords file will also remain locked.
These are important things to think about in this "Digital Age".
Some operating software is reasonably well secured while some operating software is hopeless. Today we face questions regarding firmware. It is unclear as to the nature of the threats now presenting. Hopefully this will begin to clear up as more fines are levied against companies for lapses in security. These fines will, perforce, push responsibility onto the sources of insecure products.