I’ve recently started using GnuPG to encrypt email transmission with the aid of the new FireGPG extension to firefox which allows one to use public key encryption in gmail. The extension can be found at it’s homepage. My public key can be found here if you would like to communicate with me securely. But what is public key encryption? I’ll give a layman’s introduction here. Hopefully I’ll explain it in a way you can understand.
Let’s start with the problem. Say you need to send a message to your lawyer about your cheating wife/husband and you need to make absolutely sure that she/he can’t read it, because she/he doesn’t know you know she/he’s cheating (that bitch/bastard). Let’s say the whore/asshole works at the post office and delivers the lawyer’s mail, so she/he’s sure to be able to read the message if you just sent it on a post card. To get around this, we give the lawyer an open lock to which we possess the only key. He will then place an open lock of his choosing to which only he possesses the key inside a box, lock it using your lock, and mail it to you. When this box is delivered to you, you can unlock it, as you have the key to it, and remove his open lock. You will then place your message in the box, as well as your open lock (so he can send you another message back), and lock the box with his lock. Now only your lawyer can open the box you have just locked. The only way the lying bitch/bastard can then read the message is if you either copied it before you locked it up, or ask him to send it back once he’s unlocked it.
In this example, the locks we selected are our “public keys”, and the keys to those locks are our “private keys”. We don’t need the key to the lock to secure it, only to open it. Of course, in the digital world, we can duplicate the lock (public key) before we lock it down as many times as we need to, so there’s no reason to exchange that lock each time. There is never an exchange, or even presentation of the keys to open our locks (private key), so we never give anyone the ability open our locks! The only way to access the information stored in our locked box other than having the key, would be to pick the lock. To prevent this we use locks with great complexity. Were these keys physical, and each pin in our lock was 1/8th of an inch apart, our typical 1024 bit key would be over 10 feet long. Try picking that. I dare you.
Of course there’s no real limit to the size of the lock/key pair that your use, but if you want to keep it sane, 1024 bits is practically impossible to break these days. 2048 is without question enough for the next 5 years. 4096 is crazy.
Please, send me a digitally encrypted message here in the comments and I’ll get back to you, just don’t forget to link your public key!