encryption question (digital signatures..)
Results 1 to 4 of 4

Thread: encryption question (digital signatures..)

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    214

    Post encryption question (digital signatures..)

    Hello,

    I don't know much about encryption at all. I know this is possible, but I'm not sure how to set this up:

    I want to send e-mails to other people, (unencrypted, because its easier that way and its not top secret stuff anyway), but I do want have a way for them to be sure it was sent from me. Is this what a digital signature is? (Wow I feel stupid asking this, lol). How can I set this up (for free, I don't want to get anything from verisign or whatever...I could have them compare the keys/signature whatever on my website.)?

    Thanks
    -Mike
    Either get busy living or get busy dying.

    -The Sawshank Redemption

  2. #2
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    Yanksfan,

    Yes, this is what a digital signature is. However, both you and the recipient both need some kind of encryption software to make it work. You need public-key encryption to make it work. With public key encryption, you woulf have two keys - a public key and a private key.It is then possible to encrypt a message to you with your public key which can only be decrypted with your private key and not vice-versa. These keys also contain a signing key, with which a message can only be signed with your private key and then the signature can be decrypted with your public key.
    It works by computing an MD5 hash of the message digest and then encrypting that hash with your private key. You would need to install public-key encryption software and generate yourself a keypair. You then send your public key to anyone who needs it. Those people could then verify your digital signature and encypt mail (or whatever) to you. They would not be able to sign in your name or decrypt mail encrypted to your private key. Each key has a unique fingerprint which you can use to verify that your key is actually yours, in a telephone call, for example.

    Files can also be signed in the same manner as email. The best software I have seen available to do this is PGP, the brainchild of Philip Zimmerman. It can be downloaded here: <www.pgp.com>. PGP 8 is currently in beta testing and so will disable itself sometime in December. However, they release a freeware version of thier software on the principle that everyone should have access to good, strong encryption. The software is open-source, so the entire world has had the chance to review it for holes, backdoors, and bugs. You could even compile it yourself, were you so inclined. They also run public keyservers to which you can upload your keys for easy dissemination. I have my email sign every outgoing message by default.

    So the short story -- yes, that is what a digital signature is, and you can set it up for free, and PGP is a very good way to do it.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    214
    Thanks for your response.

    I went to the website, and they had one for Windows, one for Mac, but nothing for linux??

    Would redhat.com have something similar or compatible that I could use instead (that's my linux distro.)

    -Mike
    Either get busy living or get busy dying.

    -The Sawshank Redemption

  4. #4
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    PGP 6.5.8 is available pre-compiled for Red Hat here. I do not know if it works under Red Hat 8. You could try that, or you could try compiling the program yourself from a more recent version. You'd have to make a few changes, but it don't think it would be too difficult I believe it is platform independent, save for the GUI. I could be wrong.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •