On Encryption

E-mails

Sending e-mails is not like sending a letter. Everybody knows that. Letters are made of paper, they have to be printed, they need a stamp but most of all, letters are closed and unreadable to the transmitter. E-mails are not: every server an email is send to, before it reaches the recepient, can read, copy and even change the contents and all attachments. This, of course, is not what I want. I want to send a letter, that is closed and sealed so that it will reach the recepient unread and unchanged. Since I don't want to print my e-mails out, I use encryption.

A very strong and widely used way to encrypt e-mail is to use the OpenPGP algorithm as implemented in GnuPG. PGP is an asynchronus end-to-end-encryption, which means that there are two keys:

• The public key is shared with everyone. It works like an open lock which is distributed around and is used to encrypt the messages.
• The private key is to be kept secure. It functions like the key to the distributed locks and only it can decrypt the messages.

To send someone an encrypted message, you need to know their public key. Then you use it to encrypt the message (1). After that you can no longer read the message yourself. Now the message is send to the recepient. Any attacker trying to read or change the message on its way will fail. The recepient can then use their private key to decrypt the message (2) and read the message.

How to send me encrypted messages

Sending encrypted messages is fairly easy once you have everything set up. All you really need is an email client and an encryption plugin. Here it is explained for Enigmail in Thunderbird.

My keys can be found on this server: https://lorenz-sieben.com/public/keys

Keys

All my public keys are stored on the server at https://lorenz-sieben.com/public/keys. Below are also sha-256 hases of all stored keys. To check the keys after the download run $ sha256sum key.asc (Linux) or $ shasum -a 256 key.asc (macOS).