Is there a tool that uses signal protocal or signal like algorithm (Double Ratchet Algorithm) to encrypt files
Basically looking for a replacement for PGP/GPG file encryption. Need “forward secrecy” feature.
Category Archives: GnuPG
Using GPG or PGP, is there a way to give another user (or key) access to decrypt a file for a limited time only?
I want to share encrypted files with someone else however it’s only for a short time only. What is the best way to do this?
More background: I’d like to add more people to be able to decrypt the file as time goes on and others “expire”… Continue reading Using GPG or PGP, is there a way to give another user (or key) access to decrypt a file for a limited time only?
GPG asks for Passphrase for new key
i want to know what to do after forgetting a passphrase. I’ve deleted and revoked all keys and made a new one but i was hoping that the passphrase would reset for me. to make a newer one. Do i need to uninstall the application to reset pas… Continue reading GPG asks for Passphrase for new key
Generating multiple gpg private keys (for provenance)
I’m learning about key management, encryption and GPG for provenance (verifying authorship). Using DevDungeon’s GPG Tutorial I learned that to export your GnuPG private key to your local computer, you use this command: $ gpg –export-secre… Continue reading Generating multiple gpg private keys (for provenance)
Compare fingerprints of gpg –verify for files download with / without TOR
From my understanding, except we meet the creator of an archive in person and verify the primary key fingerprint, we can never be sure, that the archive we download is really created by the person we think it is.
Therefore gpg warns us th… Continue reading Compare fingerprints of gpg –verify for files download with / without TOR
Whonix Image Download Bad Signature
Using gpgtools on MacOS, I have attempted multiple times to verify the signature of the Whonix image. I get:
$ gpg –verify-options show-notations –verify Whonix-*.ova.asc Whonix-*.ova
gpg: Signature made Sun Mar 8 14:38:51 2020 EDT
g… Continue reading Whonix Image Download Bad Signature
AES-256-GCM using GnuPG
Is there a way to encrypt files with AES 256 in the authenticated GCM mode using GPG?
I don’t see GCM in supported cipher modes. It seems that the GPG uses only one mode (its own modification of CBC), although libgcrypt supports GCM.
Does a revocation certificate leak information about the private key?
Kleopatra/ GPG can create revocation certificates, which look a lot like public/private keys. Obviously, these keys should not be shared or used unless one intends to revoke their keys. But assume that the revocation certificate were not s… Continue reading Does a revocation certificate leak information about the private key?
Fetching GPG private key from Linux server to decrypt files on a Win 10 computer in production
I have a need to fetch automatically the GPG private key from a Linux server to decrypt files on a Windows 10 computer in production.
There are a few challenges here:
How to assure SCP from the Windows 10 to the Linux server that not ev… Continue reading Fetching GPG private key from Linux server to decrypt files on a Win 10 computer in production
gpg – Cannot import public key from asc file
I’m using Windows 10 Home with GPG version 2.2.19.
Whenever I try to import the asc file for Tor Browser using the command gpg –import torbrowser-install-win64-9.0.7_en-US.exe.asc, I get this fancy error:
gpg: no valid OpenPGP data foun… Continue reading gpg – Cannot import public key from asc file