Email encryption

[BrentMc]

Hello, as a reader of wilwheaton.typepad.com I sometimes think of emailing Wil. He says that he prefers encrypted email. He talks about it at <http://wilwheaton.typepad.com/wwdnbackup/contact.html>.

For internet privacy reasons I really like the idea of encrypting email. The problem I am having is that the web site for the program he recommends is confusing. It is at <http://www.gnupg.org/>. I don't know what they mean when they say I have to "build" the setup. I am using windows and I am used to just clicking install. Does anyone here know about this program? I think I would like to try email encryption. Thanks -Brent

 

[BrentMc]

Update: I downloaded the Gpg4win and installed it. I am now looking at the user guide for novices.

I am wondering if I should use one of the extra emails comcast allows me and create a specific email like "brentencrypted@" or "BrentSecure@". It looks like it works with outlook. I am hoping that it won't screw up my father's email in outlook express under his XP user acount.

I'll keep looking at the user manual, but if anyone has any advice or tips please let me know. -Brent

 

[Marc]

Update: I downloaded the Gpg4win and installed it. I am now looking at the user guide for novices.

I am wondering if I should use one of the extra emails comcast allows me and create a specific email like "brentencrypted@" or "BrentSecure@". It looks like it works with outlook. I am hoping that it won't screw up my father's email in outlook express under his XP user acount.

I'll keep looking at the user manual, but if anyone has any advice or tips please let me know. -Brent

There's one important thing you need to consider - before you start sending people e-mail that's been encrypted you're going to have need so send them your public key so they can actually decrypt your messages or it's going to come out as gobbledygook.

And sending the public key is best down by disc or USB thumb drive sort of defeats the purpose if you send the key by e-mail.

 

[BrentMc]

Wil Wheaton has his public key on his website. Maybe I can put mine up online rather than email it. Thanks for the reply. I am trying to learn something new and I appreciate the help. -BrentMc

 

[Brolan]

Public keys are just that - public. You don't keep them secret. You can't figure out the private key from the public key. Not without banks of supercomputers and a lot of time anyways.

 

[Marc]

Public keys are just that - public. You don't keep them secret. You can't figure out the private key from the public key. Not without banks of supercomputers and a lot of time anyways.

True but if you read some of the books on computer security they do talk about using media like floppy disks to give out your public key. It's called a public key because you give to people, not because you give it to the whole world.

And think about it for the a minute.

If some-one has got your public key, they don't need to break your private key. They just decrypt with your public key.

 

[eastman23]

Public keys are just that - public. You don't keep them secret. You can't figure out the private key from the public key. Not without banks of supercomputers and a lot of time anyways.

True but if you read some of the books on computer security they do talk about using media like floppy disks to give out your public key. It's called a public key because you give to people, not because you give it to the whole world.

And think about it for the a minute.

If some-one has got your public key, they don't need to break your private key. They just decrypt with your public key.

Yes.... except that's only verifying who sent the thing, not encrypting the message for privacy.

If you want privacy between user A and user B, then user A encrypts the message with user B's public key. Thus, only user B can decrypt the message with their private key (assuming the keys were chosen correctly).

So if BrentMc wanted to send an encrypted email to Wil Wheaton , he would obtain Wil's public key (which is apparently posted on his website), encrypt the message, and send it. Then Wil would use his private key to decrypt the message.

Public-key cryptography (wikipedia)

 

[BrentMc]

Public keys are just that - public. You don't keep them secret. You can't figure out the private key from the public key. Not without banks of supercomputers and a lot of time anyways.

True but if you read some of the books on computer security they do talk about using media like floppy disks to give out your public key. It's called a public key because you give to people, not because you give it to the whole world.

And think about it for the a minute.

If some-one has got your public key, they don't need to break your private key. They just decrypt with your public key.

Yes.... except that's only verifying who sent the thing, not encrypting the message for privacy.

If you want privacy between user A and user B, then user A encrypts the message with user B's public key. Thus, only user B can decrypt the message with their private key (assuming the keys were chosen correctly).

So if BrentMc wanted to send an encrypted email to Wil Wheaton , he would obtain Wil's public key (which is apparently posted on his website), encrypt the message, and send it. Then Wil would use his private key to decrypt the message.

Public-key cryptography (wikipedia)

This sounds correct to me. I think you use the private key to decrypt, so even if someone has your public key they cannot open anything without the private key of the recipient.

Thanks for the replies and tips-Brent