PGP

PGP Best Practices

I’ve been meaning to write a quick post on PGP/OpenPGP related settings that you can use to increase your overall security even more. Simple things like changing your preferred cipher and digest algorithms. In fact I even started writing just such a post about a year and a half ago but never got around to finishing it. Luckily I was recently linked to the following website that deals with essentially everything I was going to write about anyway.

New year, new PGP key

I logged onto my desktop the other day, for the first time in a couple of weeks – I’ve been away travelling – and was surprised to notice that my PGP key was set to expire. Long story short, I have generated a brand new key.

OpenPGP Key
Name: Tyler Burton
Key ID: 0x1CD3E3D8
Key Fingerprint: 96ED 6B13 10B1 69C1 8299 693C 2921 6D80 1CD3 E3D8
Keyserver: pgp.mit.edu
Key Algorithm: RSA

RSA-768: Nothing to worry about

I have been meaning to write up a short post about this for a while, but thanks to the start of a new school term I have been a bit busy. If you have seen the security news in the last month or so you will know that RSA-768, a 768-bit or 232-decimal-digit asymmetric key, has been broken (factored). This has important security repercussions for all of us because it is these public key algorithms, like RSA or ElGamal, that guard our online transactions and e-mail conversations.

Migrated to a new PGP key

Well, GPG to be more accurate 😉 As my existing key was set to expire at the end of this year I have issued myself a brand new one! After much thought I finally decided that creating a new key from scratch was the best idea, rather than simply adding a new subkey, because I wanted to move away from DSA/ElGamal toward RSA, primarily because of the weakening of SHA1. If this all sounds like gibberish to you then don’t worry, the details aren’t nearly as important as the security provided by my new key.

Pondering the best way to migrate to a new PGP key

Well, it’s almost time for me to create a new PGP key. My current key for tyler at tylerburton dot ca is set to expire at the end of the year and I am trying to determine what the best way to migrate to a new key is. Some people suggest simply adding a new encryption subkey and then changing the original signing key’s expiry date so that individuals wishing to verify your signatures can continue to do so uninterrupted.

Security tip #3: public key cryptography & PGP

Public key cryptography is one of the most essential pieces of online security. It is at the root of what enables you to shop online, do secure online banking, and communicate securely. I will be focusing on the latter in this tip. But first, a quick and simple refresher on what public key cryptography is and how it works.

How public key cryptography works

Or rather, how you use it. Cryptography allows you to lock any data or information inside of a digital safe.