Sunday, January 24, organization Islamic State broadcast a video macabre glory of the terrorist attacks of 13 November in Paris. In the latter, between close-ups of beheadings and threats of future attacks, we can see a staging of the use of Pretty Good Privacy (PGP) data encryption software. Although several errors in representing this encryption -and enquête- of the elements seem to prove the fictitious nature and directed to its use in the context of the events of November 13, it is more than likely use all of Daech even methods to protect their online exchanges.
READ & gt; & gt; Video Daech: are encrypted messages terrorist authentic?
According to the opinion of several experts interviewed by Express, such as computer network engineer Stéphane Bortzmeyer, it is almost certain that even Daech be able to use encryption software as PGP. But what exactly is this program, how does it work and what is it for?
How does PGP
Pretty good privacy is software that has existed since the 1990s to encrypt – code – the data to make it incomprehensible, for example an email. Once encrypted, the message can only be read by the person with the right key. For the principle of PGP based on the creation of a pair of keys, one public and one private. These keys must be used together and created simultaneously.
https://www.ipbs.fr
The operation may seem complicated but it is actually very simple. A user created a key pair and then widely disseminate its public key on the Web -site, email etc. Anyone wishing to send an encrypted message using the public key. Once the received message, the user only has to use his private key to decrypt the message. The latter, as its name suggests, must obviously remain secret.
Sacha wrote a message. It encrypts it with the public key of John … who decrypts it with his private key. flossmanuals.net
Ensure the identity of the sender
But that’s not all, PGP provides another particularly interesting option: the cryptographic signature of a message. The goal: to allow the recipient to verify the identity of the sender, but the message was not modified in transit. To sign a message, the sender must encrypt both with the recipient’s public key, but also with its own private key. The recipient, he must decipher the message with its private key, but also with the public key of the issuer, as shown in the diagram below.
The orange color corresponds to the key “public”, the blue private keys. Guardian
A rather simple tool to use
Contrary to what one might believe, the use of PGP encryption through various tools readily available on the Internet, is particularly easy, even for novices. YouTube tutorials made by minors, even if they are laborious, are there to prove it. The popularity of PGP also lies in its reputation for sanctity. Decrypt an encrypted message without possessing -the decode clef- theoretically require tens or hundreds of years, depending on the level of the encryption key.
No wonder this method is praised by advocates of privacy -of increasingly battered on Internet- but also by malicious people. It could however soon be replaced by a new method for privacy protection more effective, the Pretty Easy Privacy . A system that automatically chiffrerait all email messages, as explained The World.
No comments:
Post a Comment