LinuxQuestions.org


xeon123 02-02-2012 10:24 AM

using mail with PGP
 
I'm thinking of sending email with PGP, but I have a question.

If I cipher an email using PGP and send it to someone, the receiver has to decipher the email with a public key. How does the recipient receive the key to decipher the email?

anomie 02-02-2012 10:26 AM

You've got it backwards.

You encipher using his/her public key. S/he deciphers using the corresponding private key.

http://en.wikipedia.org/wiki/Public-key_cryptography

Public keys are often distributed 1) via keyservers; or 2) in person; or 3) through some other sufficiently trusted channel.

If you're sending an email to Alice, she would have already generated her keypair in advance, and gotten the public key to you.

xeon123 02-02-2012 10:35 AM

So if I send a ciphered mail to someone, I need the recipient's public key?

If so, I think that PGP is not very easy and practical to use, because I can only send a ciphered message to someone who has created a public key.

anomie 02-02-2012 03:40 PM

Quote:

Originally Posted by xeon123
So if I send a ciphered mail to someone, I need the recipient's public key?

Absolutely.

Quote:

Originally Posted by xeon123
If so, I think that PGP is not very easy and practical to use, because I can only send a ciphered message to someone who has created a public key.

Look at it this way: how can you (effectively) encipher a message without a key? Same problem would apply with symmetric encryption, except those keys are more difficult to safely distribute.

chrism01 02-02-2012 07:08 PM

This++. The point is that a public key is 'public'; with symmetric keys you have to maintain secrecy and that's hard...

xeon123 02-03-2012 03:27 AM

But PGP implies that someone must already have the recipient's public key. What I understood from the previous mail is that I can't send a ciphered mail to someone the first time that I contact him, and if the recipient doesn't use PGP, I also can't send ciphered mail.

This is why I think that PGP is not very practical. Right?

jebe88 02-03-2012 04:39 AM

What you say has nothing to do with PGP in particular.
Why would you want to encipher an email? Because you want only the intended recipient to be able to read that mail, and nobody else shall be able to decrypt the message successfully. So the recipient and you must have exchanged some sort of secret, like a special cipher algorithm or a key to use for ciphering or special hardware or something.
Of course, you can't send a ciphered mail to someone you have never exchanged a secret with. If no such secret were needed to decipher your mail, anybody would be able to do it.
So, to send encrypted mails to somebody, you first send her/him an unencrypted email containing your public key. The recipient verifies that the received public key really belongs to you, maybe by calling you on the phone or so. Then she/he sends her/his public key in return. Now that you both have the public key of each other, you encrypt mails to her/him with the public key you received and she/he uses your public key.
To make the initial key exchange a little bit easier, public key servers are available. Once you've created your public/private key pair, you can upload your public key to those servers. If someone wants to send you an encrypted email, she/he can search on the servers for your public key by typing your email address.

xeon123 02-04-2012 11:50 AM

So imagine, that someone (Eve) found that user Alice uses PGP.

Eve can monitor Alice's communications 24/7 to get the public key. After Eve gets the public key from Alice, she can decipher all the mail that Alice will send.

If this is right, PGP is not really useful. Right?

jebe88 02-04-2012 12:08 PM

No, that's wrong. Remember you have a pair of keys, the public one which everybody can have free access to and your private one, which only you have and which you'll never ever give to anybody else.
Everybody can encrypt mails with your public key, but only you will be able to decrypt them, because you are the only one who has the _private_ key which is required for that operation.
Eve may get the public key of Alice from a key server as well without the need of monitoring Alice's traffic or she can even ask Alice for her public key and it's perfectly safe for Alice to give it to her. Eve can send encrypted messages to Alice then but only Alice will be able to decrypt them, because only Alice has the private key that matches her public one.
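
The key exchange and the Alice/Eve scenario discussed in this thread, as an added example that is not part of any post above. It assumes GnuPG 2.1 or later is installed; the identity `alice@example.org`, the message and the two throwaway keyrings are constructed for the demonstration.

```shell
#!/bin/sh
# Added example. Identities, message and keyrings are constructed; ~/.gnupg is not touched.
DEMO=$(mktemp -d)
trap 'rm -rf "$DEMO"' EXIT
ALICE="$DEMO/alice"; EVE="$DEMO/eve"
mkdir -m 700 "$ALICE" "$EVE"

# g <homedir> <gpg args...>: run gpg non-interactively against one keyring
g() { home=$1; shift; gpg --homedir "$home" --batch --quiet --no-tty "$@"; }

# Alice creates her key pair (empty passphrase only because this is a demo)
# and exports the public half. The private key stays in $ALICE.
setup_alice() {
  g "$ALICE" --pinentry-mode loopback --passphrase '' \
    --quick-generate-key 'Alice <alice@example.org>' default default never
  g "$ALICE" --armor --export alice@example.org > "$DEMO/alice.pub.asc"
}

# Print the primary key fingerprint as seen in keyring $1.
fingerprint() {
  g "$1" --with-colons --fingerprint alice@example.org |
    awk -F: '/^fpr:/ { print $10; exit }'
}

# Eve imports the public key, compares its fingerprint with the one Alice
# reads out (the "phone call" step), then encrypts a message to Alice.
eve_encrypts() {
  g "$EVE" --import "$DEMO/alice.pub.asc" || return 1
  [ "$(fingerprint "$EVE")" = "$(fingerprint "$ALICE")" ] || return 1
  # --trust-model always: trust was established by the fingerprint check above
  printf 'meet at noon\n' |
    g "$EVE" --trust-model always --armor --yes -r alice@example.org \
      -o "$DEMO/msg.asc" --encrypt
}

# Eve holds only the public key, so gpg has no secret key to decrypt with.
eve_decrypts() { g "$EVE" --decrypt "$DEMO/msg.asc" 2>/dev/null; }
# Alice holds the matching private key, so decryption succeeds.
alice_decrypts() {
  g "$ALICE" --pinentry-mode loopback --passphrase '' --decrypt "$DEMO/msg.asc" 2>/dev/null
}

setup_alice && eve_encrypts || echo "setup failed (is GnuPG 2.1+ installed?)" >&2
if eve_decrypts >/dev/null; then echo "Eve: decrypted"; else echo "Eve: cannot decrypt"; fi
echo "Alice: $(alice_decrypts)"
```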

