Encrypting, signing, verifying stuff
Alice, Bob, GCHQ
December 28, 2014 — June 9, 2020
tl;dr: Cryptography is complicated and should be made easier since easier is harder to mess up, feasible for normal humans, and it seems likely to me that even people who think they are doing it right the hard way may not be.
UX for most manual methods is terrible. You have to know too many details about how it works, remember too many commands, select too many options, and work out how to do it using antiquated manuals written for übergeeks. The entire field is laced with rabbit holes of confusing research, FUD, and incompetence. AFAICT, a little knowledge is wildly dangerous. Most of us are likely Dunning-Kruger cypherpunks because it looks just hard enough, if you squint, to imagine that, having heard a podcast about the basic principles in outline, we understand how to behave in detail in reality. In cryptography terms, we are hoping our communications are secure from surveillance if we cover them with lemon juice.
Or, more cynically, encryption is not encouraged to be easy because we want to normalize the idea that people who are not terrorist nerds have no right to have secrets from the state. And then there is stuff like Daniel J. Bernstein, Making sure crypto stays insecure speculating that the usability flaws of crypto have been engineered to restrict safe crypto to experts.
Some of the chat programs do ok at making things secure by default even for us idiots. The most general magically functional program is keybase which leverages social media for identity verification of encrypted chat.
Also, the choice of algorithm is a moving target. Post-quantum algorithms are important and are getting urgent now that quantum supremacy is (probably sorta) attained opening up various quantum computing options for code-breaking. There are options for asymmetric cryptography, but none AFAICS realistically available right now.
1 Theory
2 Encrypting things with a nice GUI
This is, IMO, a more plausible way to interact with encryption than the inhuman level of anal-retentiveness that trying to practice good privacy hygiene requires if you are doing things manually.
2.1 Keybase
Keybase might be a good option. It has the friendliest approach to GUIs and identity verification. I’m not 100% clear on the threat profile — What happens if your Keybase machine is compromised? — but holy hell it is easy, slick, friendly, and well-documented compared to competitors. Also, their identity verification (via your public web presence) is maybe not watertight but geez you would surely need to work pretty hard to fake being someone with their system.
3 File systems
You want to read and write files and do complicated things with them generally, then make it hard for other people to access them.
This is a convenient type of “nice GUI” for encryption, insofar as file systems have nice GUIs, and as such I am into it.
Of course, the moment we decide this is a good idea the infrastructure rapidly gets nerdy and confusing and the documentation is patchy.
Do we trust the author of zulucrypt? Their software seems to make some of the various options below less tedious.
Anyway, there are several ways you can encrypt a bunch of stuff.
3.1 For your Linux machine
See Linux FS encryption.
3.2 For your cloud storage
See synchronising files for a selection of natively encrypted options, plus also encrypting via rclone
and cryptomator
.
4 File transfer
4.1 Firefox send
According to the intro blog post:
[Send] is a free encrypted file transfer service that allows users to safely and simply share files from any browser.
4.2 Magic wormhole
The minimal viable sorta-decentralised transfer, magic wormhole. Read more under decentralised networks.
5 Bareback GPG
GPG, aka GnuPG, the cyberhippy version of PGP, that classic, and venerable, encrypt-my-email-or-whatever thingy. This is an unpleasant way of encrypting things because the documentation is purest nerdview, and it is complicated and easy to mess up. It may be worth learning because GPG is ubiquitous and therefore a good fallback for emergencies. It has useful tricks, such as various flavours of encryption and identity verification/signing. And it’s worth learning to do those things properly, because doing it badly exposes you to other risks.
6 Asymmetric encryption
You have public keys and private keys - someone with your public key can write messages to you from their private key. You do not both need to know the same password.
There is a lot going on there; See Begriffs’ summary of Neal Walfield’s An Advanced Intro to GnuPG for a friendly-yet-deep explanation.
GnuPG 2.2 supports various more secure algorithms such as elliptic curve crypto in their ECC offerings, but these do not seem to be enabled on my build.
AFAICT, none of the available are quantum-robust yet. See, e.g. post-quantum crypto for some fretting about that. homomorphic encryption standardisation appears to be converging on post-quantum standards.
Set up GnuPG in the manner of GitHub:
Now you actually need to send your public key to useful places. If you are using GUI apps this is realistically convenient if using the clipboard. (if using a clipboard manager make sure not to leave confidential data on the clipboard history.)
To export it to the clipboard:
To import someone’s public key from the clipboard:
To encrypt something:
xclip -selection clipboard | \
gpg --recipient someone@whosepublickeyihave.com \
--local-user me@myhost.com \ #if you have multiple identities
--encrypt --armor | \
xclip -out -selection clipboard
To decrypt something:
Pro-tip: There are many different versions of GnuPG. Anything less than version 2.2, as of 2019-10-01, is of concern.
gpgtools
: macOS GUI for GPG. Seems to integrate keychain, which means trusting Apple if you use it.Extra paranoia: offline master key, which also includes a HOWTO guide for keeping your key on a USB stick, which is great if you don’t want to get screwed every time your laptop dies. (otherwise it is hard to backup and one forgets)
6.1 Symmetric encryption
You encrypt a thing with a password. Anyone who has the password can decrypt it again.
Try this no-frills NASA guide:
Use GPG with the cipher AES256, without the –armour option, and with compression to encrypt your files during inter-host transfers.
# encrypt
$ gpg --output test.gpg --symmetric test.out
# decrypt
$ gpg --output test.out -d test.gpg
They also recommend --cipher-algo AES256
to ensure a robust cypher if you have not already set this as default.
7 OpenSSL
Also encrypts. Talks to the creaky but better-than-nothing global network of secure certificates that makes HTTPS go. Comparative advantages wrt GnuPG? No idea.
8 Online
If you trust a random browser app.
ROT-13 is a ROT-13 encoder.
GCHQ web-app for encryption, anyone? CyberChef. Cryptii includes lots of cute cyphers, including Enigma and, er, base64.