Items tagged with: pgp

Search

Items tagged with: pgp


Getting started with XMPP/Jabber and PGP for federated, encrypted messaging

This is a short thread where I explain how I started using the XMPP protocol and PGP encryption for secure messaging. I am not a security expert, but I am a mathematician and I am confortable with the Linux command line. This guide is for people who want to use PGP for secure messaging easily. You will need to be okay with typing commands into the Linux command line in order to do this, but I will tell you exactly what to enter.

Part 1: XMPP

Mastodon is like email, but for social media. You sign up for an account with a server, and then you can talk with any other accounts that are signed up on other servers, as long as your servers are getting along. (No one wants emails from the sketchy spam server, and we want to be able to choose between Yahoo, Gmail, etc.) XMPP (a.k.a. Jabber) is the same thing for text messaging.

Just like signing up for an email/Mastodon account, you need to sign up for an account. You can find a list of servers at list.jabber.at/ and will probably at least need to provide an email addess when making an account.

Once you have made an account, you need a client. On Linux, I've been having a good time using Dino (dino.im/). You can then enter your account name and password to log into your XMPP account and start chatting! There are both public rooms and you can also message directly with your friends.

#security #PGP #XMPP #FOSS #Jabber #Dino #MonoclesChat

(1/4)



I just released versions 0.6.2 of rsop, a stateless #OpenPGP ("SOP") CLI tool based on @rpgp:

crates.io/crates/rsop/

Changes since rsop 0.6.0:

- decryption based on session keys is now supported,
- generation of man pages and shell tab completion has been added,
- some subtle semantics fixes for component key validity were implemented.

For more on #SOP, see datatracker.ietf.org/doc/draft…

#PGP #GnuPG


It is possible for #chatmail users to communicate with classic email users who have published their public key.

You just have to do manual chatmail registration, save your login details and private key securely, and use it with something that supports #pgp like #Thunderbird or #Mailvelope.


I just released version 0.1.0 of rsop-oct, a new stateless #OpenPGP ("SOP") CLI tool that focuses exclusively on use with OpenPGP card hardware devices:

crates.io/crates/rsop-oct/0.1.…

Like its sibling project #rsop, rsop-oct is based on @rpgp

In the next release of rsop, OpenPGP card functionality will be removed from it.
The goal is to offer clear UX in two distinct simple CLI tools, as opposed to one combined and confusing CLI tool.

For more on #SOP, see datatracker.ietf.org/doc/draft…

#PGP #GnuPG #SOP




Oha, das ist provokativ: Dieser Blogartikel sagt:

- Nutzt kein #PGP / #GPG
- Nutzt kein #XMPP + OMEMO
- Nutzt kein #Matrix (im Sinne: verlasst euch nicht auf die Verschlüsselung)
- E-Mails verschlüsseln ist sinnlos

Ich kenne den Autor nicht und würde ihn nicht erwähnen, würde der Artikel nicht in ernstzunehmenden ITSec-Newslettern zitiert

soatok.blog/2024/11/15/what-to…

Meinungen? #itsec #security



I just released version 0.4.1 of #rsop, a stateless #OpenPGP ("SOP") CLI tool based on @rpgp:

crates.io/crates/rsop/0.4.1

This release adds support for the 'revoke-key' command.

For more on #SOP, see datatracker.ietf.org/doc/draft…

#PGP #GnuPG #StatelessOpenPGP


rPGP is an #OpenPGP implementation in pure #Rust (crates.io/crates/pgp).

It serves as the end-to-end encryption engine for Delta Chat:
@delta, a secure decentralized messager for all major platforms (and then some).

rPGP implements all generations of the OpenPGP standard, up to and including the new RFC 9580.

#RustLang #Cryptography #PGP


New release today: #rPGP version 0.14.0 ✨

(#OpenPGP implemented in pure #Rust, permissively licensed)

github.com/rpgp/rpgp/releases/…

This release brings rather complete support for the excellent new OpenPGP RFC 9580 (also known as "crypto refresh", or "v6")

RFC 9580 standardizes modern cryptographic mechanisms for OpenPGP: AEAD-based encryption, Argon2, and SHA2 fingerprints for the new OpenPGP v6 key format (v4 keys use SHA1).

Thanks @NGIZero for supporting this work!

#RustLang #PGP #GnuPG



In the past few weeks, I spent a bit of time on a set of #OpenPGP hobby projects around #rpgp (github.com/rpgp/rpgp/). Today I'm happy to announce:

rsop v0.1.0 (crates.io/crates/rsop), an early stage "stateless OpenPGP" tool based on rpgp.

Relatedly, I also released rpgpie 🦀️🔐🥧 v0.0.1 (crates.io/crates/rpgpie), an experimental high level OpenPGP API based on rpgp (rsop is built on top of rpgpie).

#PGP #Rust #rustlang


Thunderbird is an email client with built-in support for PGP encryption.

Messages are encrypted/decrypted in the client and remain encrypted on email servers, this is client-side encryption.

Some email providers support PGP encryption server-side, this method could be vulnerable to third-party decryption of emails.

PGP: en.wikipedia.org/wiki/Pretty_G…
Client side encryption: en.wikipedia.org/wiki/Client-s…

Website: thunderbird.net
Mastodon: @thunderbird

#Thunderbird #Email #Encryption #OpenPGP #PGP


Having decidedly too much fun playing with ancient #PGP artifacts.

Note the two version 2 public keys from 1992. They were created just over a year after Phil Zimmermann first released PGP (on 6 June 1991), deep in the crypto war era.

These keys predate the #OpenPGP name by around half a decade.

At over 31 years old, nation-state actors can definitely factor John Gilmore's RSA 1024 key today.
However, I believe the cost still exceeds a hobbyist budget even now.


LibreOffice supports symmetric and asymmetric encryption for OpenDocument Format (ODF) files.

Select File > Save/Save As

The "Save with password" option encrypts the file with AES-256.
The "Encrypt with GPG key" option encrypts the file with a public key.

Symmetric encryption: en.wikipedia.org/wiki/Symmetri…
Asymmetric encryption: en.wikipedia.org/wiki/Public-k…

Website: libreoffice.org
Mastodon: @libreoffice

#LibreOffice #Encryption #OpenSource #OpenPGP #PGP #GnuPG #GPG #InfoSec #Privacy #Security



#thunderbird sadly lacks some basic functionality for me. #pgp is not an option in #xmpp chats and it doesnt really support #nextcloud I hope the will change in future updates and thunderbird will evolve in to my be all end all software for communication. but it still has a long way to come.




Great to see you around the Fediverse 🥳 :mastolove:
And I'm looking forward to see #Thunderbird on Android :mastolove:

However, I think that @Ahorn and @fuomag9 have raised two important points that I'd like to second:
Please plan to publish your app via #FDroid right from the start - and include encryption via #PGP and #SMIME :mastoinnocent:

Oh - and just drop the word here when you start looking for beta testers 😊