On this information, I’ll clarify the choices at your disposal for encrypting information utilizing open-source software program on a Linux, Mac, or Home windows pc. You’ll be able to then transport this digital info throughout distance and time, to your self or others.
This system “GNU Privateness Guard” (GPG) an open-source model of PGP (Fairly Good Privateness), permits:
- Encryption utilizing a password.
- Secret messaging utilizing public/personal key cryptography
- Message/Knowledge authentication (utilizing digital signatures and verification)
- Non-public key authentication (utilized in Bitcoin)
Possibility One
Possibility one is what I’ll be demonstrating beneath. You’ll be able to encrypt a file utilizing any password you want. Any particular person with the password can then unlock (decrypt) the file to view it. The issue is, how do you ship the password to somebody in a safe manner? We’re again to the unique downside.
Possibility Two
Possibility two solves this dilemma (how-to right here). As a substitute of locking the file with a password, we will lock it with somebody’s public key — that “somebody” is the meant recipient of the message. The general public key comes from a corresponding personal key, and the personal key (which solely the “somebody” has) is used to unlock (decrypt) the message. With this methodology, no delicate (unencrypted) info is ever despatched. Very good!
The general public secret is one thing that may be distributed over the web safely. Mine is right here, for instance. They’re normally despatched to keyservers. Keyservers are like nodes that retailer public keys. They preserve and synchronize copies of peoples’ public keys. Right here’s one:
You’ll be able to enter my e mail and discover my public key within the outcome. I’ve additionally saved it right here and you’ll evaluate what you discovered on the server.
Possibility Three
Possibility three will not be about secret messages. It’s about checking {that a} message has not been altered throughout its supply. It really works by having somebody with a non-public key signal some digital information. The information is usually a letter and even software program. The method of signing creates a digital signature (a big quantity derived from the personal key and the info that’s getting signed). Right here’s what a digital signature appears to be like like:
It’s a textual content file that begins with a “start” sign, and ends with an “finish” sign. In between is a bunch of textual content that really encodes an unlimited quantity. This quantity is derived from the personal key (an enormous quantity) and the info (which is definitely all the time a quantity additionally; all information is zeros and ones to a pc).
Anybody can confirm that the info has not been modified for the reason that unique creator signed it by taking the:
- Public key
- Knowledge
- Signature
The output to the question shall be TRUE or FALSE. TRUE signifies that the file you downloaded (or message) has not been modified for the reason that developer signed it. Very cool! FALSE signifies that the info has modified or the fallacious signature is being utilized.
Possibility 4
Possibility 4 is like possibility three, besides that as a substitute of checking if the info has not been modified, then TRUE will imply that the signature was produced by the personal key related to the general public key provided. In different phrases, the one that signed has the personal key to the general public key that we have now.
Apparently, that is all that Craig Wright must do to show he’s Satoshi Nakamoto. He doesn’t have to truly spend any cash.
We have already got the addresses (much like public keys) which can be owned by Satoshi. Craig can then produce a signature together with his personal key to these addresses, mixed with any message corresponding to “I actually am Satoshi, haha!” and we will then mix the message, the signature, and the deal with, and get a TRUE outcome if he’s Satoshi, and a CRAIG_WRIGHT_IS_A_LIAR_AND_A_FRAUD outcome if he isn’t.
Possibility Three And 4 — The Distinction.
It’s truly a matter of what you belief. In the event you belief that the sender owns the personal key to the general public key you might have, then verification checks that the message has not modified.
In the event you don’t belief the personal key / public key relationship, then verification will not be concerning the message altering, however the important thing relationship.
It’s one or the opposite for a FALSE outcome.
In the event you get a TRUE outcome, then you already know that BOTH the important thing relationship is legitimate, AND the message is unaltered for the reason that signature was produced.
Get GPG For Your Laptop
GPG already comes with Linux working methods. In case you are unlucky sufficient to be utilizing a Mac, or God forbid a Home windows pc, then you definately’ll have to obtain software program with GPG. Directions to obtain and methods to apply it to these working methods will be discovered right here.
You don’t want to make use of any of the graphical elements of the software program, every little thing will be performed from the command line.
Encrypting Information With A Password
Create the key file. This is usually a easy textual content file, or a zipper file containing many information, or an archive file (tar). Relying on how delicate the info is, you would possibly think about creating the file on an air-gapped pc. Both a desktop pc constructed with no WiFi elements, and by no means to be linked to the web by cable, or you possibly can construct a Raspberry Pi Zero v1.3 very cheaply, with directions right here.
Utilizing a terminal (Linux/Mac) or CMD.exe (Home windows), change your working listing to wherever you set the file. If that is unnecessary, search the web and in 5 minutes you possibly can discover ways to navigate the file system particular to your working system (search: “YouTube navigating file system command immediate” and embrace your working system’s title).
From the right listing, you possibly can encrypt the file (“file.txt” for instance) like this:
gpg -c file.txt
That’s “gpg”, an area, “-c”, an area, after which the title of the file.
You’ll then be prompted for a password. This can encrypt the brand new file. In the event you’re utilizing GPG Suite on the Mac, discover the “Save in Keychain” is checked by default (see beneath). You would possibly wish to not save this password if it’s significantly delicate.
Whichever OS you utilize, the password shall be saved for 10 minutes to the reminiscence. You’ll be able to clear it like this:
gpg-connect-agent reloadagent /bye
As soon as your file is encrypted, the unique file will stay (unencrypted), and a brand new file shall be created. You should resolve if you’ll delete the unique or not. The brand new file’s title would be the identical as the unique however there’ll be a “.gpg” on the finish. For instance, “file.txt” will create a brand new file known as “file.txt.gpg”. You’ll be able to then rename the file if you want, or you may have named the file by including additional choices within the command above, like this:
gpg -c –output MySecretFile.txt file.txt
Right here, we have now “gpg”, an area, “-c”, an area, “–output”, an area, the filename you need, an area, the title of the file you’re encrypting.
It’s a good suggestion to apply decrypting the file. That is a technique:
gpg file.txt.gpg
That is simply “gpg”, an area, and the title of the encrypted file. You don’t have to put any choices.
The GPG program will guess what you imply and can try and decrypt the file. In the event you do that instantly after encrypting the file, you is probably not prompted for a password as a result of the password remains to be within the pc’s reminiscence (for 10 minutes). In any other case, you’ll have to enter the password (GPG calls it a passphrase).
You’ll discover with the “ls” command (Mac/Linux) or “dir” command (Home windows), {that a} new file has been created in your working listing, with out the “.gpg” extension. You’ll be able to learn it from the command immediate with (Mac/Linux):
cat file.txt
One other solution to decrypt the file is with this command:
gpg -d file.txt.gpg
This is identical as earlier than however with a “-d” possibility as nicely. On this case, a brand new file will not be created, however the contents of the file are printed to the display.
You too can decrypt the file and specify the output file’s title like this:
gpg -d –output file.txt file.txt.gpg
Right here we have now “gpg”, an area, “-d” which isn’t strictly required, an area, “–output”, an area, the title of the brand new file we wish, an area, and at last the title of the file we’re decrypting.
Sending The Encrypted File
Now you can copy this file to a USB drive, or e mail it. It’s encrypted. No person can learn it so long as the password is nice (lengthy and sophisticated sufficient) and may’t be cracked.
You would ship this message to your self overseas by storing it in e mail or the cloud.
Some foolish folks have saved their Bitcoin personal keys to the cloud in an unencrypted state, which is ridiculously dangerous. But when the file containing Bitcoin personal keys is encrypted with a powerful password, it’s safer. That is very true if it’s not known as “Bitcoin_Private_Keys.txt.gpg” – Don’t try this!
WARNING: It’s vital to grasp that under no circumstances am I encouraging you to place your Bitcoin personal key info on a pc ({hardware} wallets had been created to will let you by no means want to do that). What I’m explaining right here is for particular circumstances, underneath my steering. My college students within the mentorship program will know what they’re doing and can solely use an air-gapped pc, and know all of the potential dangers and issues, and methods to keep away from them. Please don’t kind seed phrases into a pc until you’re a safety knowledgeable and know precisely what you’re doing, and don’t blame me in case your bitcoin is stolen!
The encrypted file can be despatched to a different particular person, and the password will be despatched individually, maybe with a unique communication machine. That is the less complicated, and fewer safe manner, in comparison with possibility two defined at the start of this information.
There are literally all types of how you possibly can assemble the supply of a secret message throughout distance and time. If you already know these instruments, assume arduous and thoroughly about all of the dangers and eventualities, a very good plan will be made. Or, I’m out there to help.
Good luck, and joyful Bitcoining!
This can be a visitor submit by Arman The Parman. Opinions expressed are totally their very own and don’t essentially replicate these of BTC Inc or Bitcoin Journal.
