Encrypting, signing, verifying stuff

Alice, Bob, GCHQ

December 28, 2014 — June 9, 2020

computers are awful
confidentiality
cryptography
Figure 1

tl;dr: Cryptography is complicated and it should be made easier, since easier is harder to mess up, and is feasible for normal humans, and seems likely to me that even people who think they are doing it right the hard way may not be.

UX for most manual methods is terrible. You have to know too many details about how it works, remember too many commands, select too many options and work out how to do it using antiquated manuals written for übergeeks. The entire field is laced with rabbit holes of confusing research, FUD and incompetence. AFAICT, a little knowledge is wildly dangerous. We are likely, most of us Dunning-Kruger cypherpunks, because it looks just hard enough, if you squint to imagine that, having heard a podcast about the basic principles in outline, we understand how to behave in detail in reality In cryptography terms, we are hoping our communications are secure from surveillance if we cover them with lemon juice.

Or, more cynically, encryption is not encouraged to be easy, because we want to normalise the idea that people who are not terrorist nerds have no right to have secrets from the state. And then there is stuff like Daniel J. Bernstein, Making sure crypto stays insecure speculating that the usability flaws of crypto have been engineered to restrict safe crypto to experts.

Some of the chat programs do ok at making things secure by default even for us idiots. The most general magically functional program is keybase which leverages social media for identity verification of encrypted chat.

Also, choice of algorithm is a moving target. Post quantum algorithms are important and are getting urgent now that quantum supremacy is (probably sorta) attained opening up various quantum computing options for code-breaking. There are options for asymmetric cryptography, but none AFAICS realistically available right now.

1 Theory

Figure 2

The Joy of Cryptography

2 Encrypting things with a nice GUI

This is, IMO, a more plausible way to interact with encrypted than the inhuman level of anal-retentiveness that trying to practice good privacy hygiene requires if you are doing things manually.

2.1 Keybase

Keybase might be a good option. It has the friendliest approach to GUIs and to identify verification I’m not 100% clear on the threat profile — What happens if your keybase machine is compromised? — but holy hell it is easy, slick, friendly and well-documented compared to competitors. Also, their identity verification (via your public web presence) is maybe not watertight but geez you would surely need to work pretty hard to fake being someone with their system.

3 File systems

You want to read and write files and do complicated things with them generally, then make it hard for other people to access them.

This is a convenient type of “nice GUI” for encryption, insofar as file systems have nice GUIs, and as such I am into it.

Of course, the moment we decide this is a good idea the infrastructure rapidly gets nerdy and confusing and the documentation is patchy.

Do we trust the author of zulucrypt? Their software seems to make some of the various options below less tedious.

Anyway, there are several ways you can encrypt a bunch of stuff.

3.1 For your linux machine

See linux FS encryption.

3.2 For your cloud storage

See synchronising files for a selection of natively encrypted options, plus also encrypting via rclone and cryptomator.

4 File transfer

4.1 Firefox send

According to the intro blog post:

[Send] is a free encrypted file transfer service that allows users to safely and simply share files from any browser.

See the diagrammed explanation of mozilla encryuption.

4.2 Magic wormhole

The minimal viable sorta-decentralised transfer, magic wormhole. Read more under decentralised networks.

5 Bareback GPG

GPG, aka GnuPG, the cyberhippy version of PGP, that classic, and venerable, encrypt-my-email-or-whatever thingy. This is an unpleasant way of encrypting things because the documentation is purest nerdview, and it is complicated and easy to mess up It may be worth learning because GPG is ubiquitous and therefore a good fallback for emergencies. It has useful tricks, such as various flavours of encryption and identity verification/signing. And it’s worth learning to do those things properly, because doing it badly exposes you to other risks.

6 Asymmetric encryption

You have public keys and private keys - someone with your public key can write messages to you from their private key. You do not both need to know the same password.

There is a lot going on there; See Begriffs’ summary of Neal Walfield’s An Advanced Intro to GnuPG for a friendly-yet-deep explanation.

GnuPG 2.2 supports various more secure algorithms such as elliptic curve crypto in their ECC offerings, but these do not seem to be enabled on my build

AFAICT, none of the available are quantum-robust yet. See, e.g. post quantum crypto for some fretting about that. homomorphic encryption standardisation appears to be converging on post-quantum standards.

Set up GnuPG in the manner of github:

gpg --full-gen-key
gpg --list-secret-keys --keyid-format LONG

Now you actually need to send your public key to useful places. If you are using GUI apps this is realistically convenient if using the clipboard. (if using a clipboard manager make sure not to leave confidential data on the clipboard history.)

To export it to the clipboard:

gpg --armor --export LONGKEYIDIFOUND | \
  xclip -out -selection clipboard

To import someone’s public key from the clipboard:

xclip -out -selection clipboard | \
  gpg --import

To encrypt something:

xclip -selection clipboard | \
  gpg --recipient somoene@whosepublickeyihave.com \
    --local-user me@myhost.com \ #if you have multiple identities
    --encrypt --armor | \
  xclip -out -selection clipboard

To decrypt something:

xclip -out -selection clipboard | \
  gpg --decrypt - | \
  xclip -selection clipboard

Pro-tip: There are many different versions of gnupg. Anything less than version 2.2, as at 2019-10-01 is of concern.

  • gpgtools: macOS GUI for GPG. Seems to integrate keychain, which means trusting Apple if you use it.

  • Extra paranoia: offline master key, which also includes a HOWTO guide for keeping your key on a USB stick, which is great if you don’t want to get screwed every time your laptop dies. (otherwise it is hard to backup and one forgets)

6.1 Symmetric encryption

You encrypt a thing with a password. Anyone who has the password can decrypt it again.

Try this no-frills NASA guide:

Use GPG with the cipher AES256, without the –armour option, and with compression to encrypt your files during inter-host transfers.

# encrypt
$ gpg --output test.gpg --symmetric test.out
# decrypt
$ gpg --output test.out -d test.gpg

They also recommend --cipher-algo AES256 to ensure a robust cypher if you have not already set this as default.

7 OpenSSL

Also encrypts. Talks to the creaky but better-than-nothing global network of secure certificates that makes HTTPS go. Comparative advantages wrt gnupg? No idea.

# encrypt
$ openssl aes-256-cbc -a -salt -in secrets.txt -out secrets.txt.enc
# decrypt
$ openssl aes-256-cbc -d -a -in secrets.txt.enc -out secrets.txt

8 Online

If you trust a random browser app.

ROT-13 is a ROT-13 encoder.

GCHQ web-app for encryption, anyone? CyberChef. Cryptii includes lots of cute cyphers, including Enigma and, er, base64.