Upgrade to Pro — share decks privately, control downloads, hide ads and more …

PGP Encryption and Signing

Avatar for Jeff Carouth Jeff Carouth
October 29, 2014
Technology
0
97

PGP Encryption and Signing

Personal privacy and security are important. This talk covers what PGP encryption is and how you can use it as a developer. This deck is designed to be used as a lightning talk.
Avatar for Jeff Carouth

Jeff Carouth

October 29, 2014
Tweet

More Decks by Jeff Carouth

See All by Jeff Carouth
Anti-Patterns Found in Your Object-Oriented Codebase
Avatar for Jeff Carouth jcarouth
0
640
Fundamental OOP in PHP
Avatar for Jeff Carouth jcarouth
7
420
Conference Speaking 101 & 102
Avatar for Jeff Carouth jcarouth
0
91
A Gentle Walk Towards SOA
Avatar for Jeff Carouth jcarouth
1
160
Hours Long Deployment to CD
Avatar for Jeff Carouth jcarouth
0
300
Dependency Injection, Dependency Inversion, and You
Avatar for Jeff Carouth jcarouth
5
970
Git and Github: Working Effectively on a Team at php[tek] 2014
Avatar for Jeff Carouth jcarouth
0
730
JavaScript's Difficult Concepts – php[tek] 2014
Avatar for Jeff Carouth jcarouth
2
550
Guiding Object-Oriented Design with Tests
Avatar for Jeff Carouth jcarouth
5
1.1k

Other Decks in Technology

See All in Technology
LT Slide 2025-04-22
Avatar for Shigeki Shoji takesection
0
100
日経電子版 for Android の技術的課題と取り組み(令和最新版)/android-20250423
Avatar for 日本経済新聞社 エンジニア採用事務局 nikkei_engineer_recruiting
1
590
地味にいろいろあった! 2025春のAmazon Bedrockアップデートおさらい
Avatar for みのるん minorun365
PRO
2
540
品質文化を支える小さいクロスファンクショナルなチーム / Cross-functional teams fostering quality culture
Avatar for とうま toma_sm
0
170
AndroidアプリエンジニアもMCPを触ろう
Avatar for Shinnosuke Kugimiya kgmyshin
2
510
CodePipelineのアクション統合から学ぶAWS CDKの抽象化技術 / codepipeline-actions-cdk-abstraction
Avatar for k.goto gotok365
5
330
OpsJAWS34_CloudTrailLake_for_Organizations
Avatar for h-ashisan hiashisan
0
220
AIエージェント開発手法と業務導入のプラクティス
Avatar for Yoshinori Kosaka ykosaka
9
2.5k
SnowflakeとDatabricks両方でRAGを構築してみた
Avatar for camay kameitomohiro
1
530
DjangoCon Europe 2025 Keynote - Django for Data Science
Avatar for William S. Vincent wsvincent
0
310
Azure Maps Visual in PowerBIで分析しよう
Avatar for なかしょ nakasho
0
170
Microsoft の SSE の現在地
Avatar for skmkzyk skmkzyk
0
250

Featured

See All Featured
Rebuilding a faster, lazier Slack
Avatar for samanthasiow samanthasiow
81
9k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
160
15k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
177
9.7k
Writing Fast Ruby
Avatar for Erik Berlin sferik
628
61k
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
270
27k
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
51
3.2k
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
23
1.5k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
Designing Dashboards & Data Visualisations in Web Apps
Avatar for Des Traynor destraynor
231
53k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
6
520
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
75
5.8k
How to train your dragon (web standard)
Avatar for Monica Dinculescu notwaldorf
91
6k

Transcript

  1. PGP Encryption and Key Signing

  2. PGP stands for Pretty Good Privacy. It is a trademarked

    program for encryption and decryption.

  3. OpenPGP is the standard for PGP encryption. PGP and other

    programs comply with this standard.

  4. Gnu Privacy Guard is an open source implementation of OpenPGP.

    It is abbreviated as GPG.

  5. What are you trying to hide? nothing.

  6. Aspects of Security Privacy Integrity Authenticity

  7. Nobody except the intended recipient can read the contents of

    the message. Privacy

  8. The message that is delivered is the exact message that

    was sent. integrity

  9. The sender and receiver can be sure of the other’s

    identity. authenticity

  10. PGP security features Encrypt/Decrypt messages Sign and verify messages Validate

    and sign keys

  11. encryption basics Symmetric Asymmetric

  12. Both parties use the same secret to encrypt and decrypt

    the message. Symmetric

  13. One half of a key pair is used for encrypting

    and the corresponding other half for decryption. Asymmetric

  14. Symmetric Fast Not resource intensive Useful for messages of various

    sizes Requires sharing the secret password

  15. Symmetric Does not requiring sharing the whole key Can be

    used for both encryption and signing Very resource intensive Useful on only small messages

  16. PGP Encryption Symmetric Asymmetric +

  17. PGP encryption uses symmetric encryption to encrypt the data using

    a generated secret key.

  18. It uses asymmetric encryption to encrypt the generated secret key

    using the recipient’s public key.

  19. http://en.wikipedia.org/wiki/Pretty_Good_Privacy

  20. Use Cases Email Encryption Document Signing Commit Signing Password Sharing

    File Encryption

  21. Email Encryption

  22. Git Commit Signing

  23. Shared Password Encryption

  24. Next Steps Generate a key pair if you do not

    have one or have forgotten the passphrase. ! Distribute your public key. Consider sending it to a public key server. ! Verify keys with people here. Sign and distribute these keys. ! Use your key.
  25. None

  26. Resources http://carouth.com/blog/2014/05/04/keysigning-at-php-tek-2014/ http://www.phildev.net/pgp/gpgkeygen.html https://alexcabal.com/creating-the-perfect-gpg-keypair/ http://carouth.com/blog/2014/05/25/signing-pgp-keys/ http://openpgp.quelltextlich.at/slip.html