I want to communicate with a friend (he lives in another country so we can’t exchange fingerprints or keys physically, I could post him a USB disk but I’m sure I can do it through the web).
I’m pretty familiar with public key cryptography but this is the first time I’ve decided to use a symmetric approach. There are a few things I’m wondering:
- Do I need to generate a special type of key for this, or can I just generate a 4096 bit RSA key pair with gpg --full-gen-key like I usually would?
- Does it make a difference whether I use my private key or public key? Is there any real difference between these two keys, meaning if I encrypted a file using my private key, would it be the same quality as if I had used the public key?
- So in addition to the password for the message I sent him, my friend needs a copy of the key I use to decrypt it so we then have a shared key. Would it be a good idea to send both keys (the private and public) so when a third party encrypts something with our public key, we can both decrypt it. Have I got the right idea there, or would that introduce any security risks to this symmetric communication system?
This is just a practice exercise; we're both interested in cryptography and want to make our online communications 100% encrypted and secure, in order to develop a practical understanding of cryptography, steganography and security. This is step 1: we will exchange email addresses and secure IM service account details. And from there we can discuss how to step things up and gradually reach our goal of being 100% encrypted and secure. I would greatly appreciate any tips, insights, methods, pointing out flaws in my methods and things I haven't thought about yet.
One challenge which is a fun one is getting the key to him. I'm not gonna complicate it too heavily, but here's what I'm thinking:
- Compressing the key pair into a password-protected zip archive, and embedding it into a PDF file or PNG, or whatever file type won't seem weird with the extra size.
A more secure way would be to post a USB key to him of course, but we wanna do this entirely via the web for now.