I’ve been doing a lot of research this week on encryption. GPG, PGP, RSA, DSA.. all that good stuff. I’ll admit I don’t understand the extent of HOW it works. I’m mainly looking at ways to implement it without completely changing the way I interact with my machine & others.
If you and your recipients both need complex apps to encrypt/decrypt messages it becomes too cumbersome to implement. The more bothersome it is the less ‘worth-it’ it seems to be.
Now I’ll admit that none of what I do NEEDS encryption–my emails are just as bland as the next guys–but I like the idea of being able to use it. For that reason I’ve been looking at easy ways to implement encryption & signatures for my email & instant messages. Implementations that don’t require me to change the way I use my machine & don’t impose bothersome requirements on my recipients.
One implementation that I’ve found is for gaim instant messenger. It uses a system similar to ssh to encrypt your messages. Each client generates a key (up to 4096) and shares the fingerprint at connection. Each key is listed in trusted_keys (similar to the ssh known_hosts file). Assuming the recieved key at connection matches, your messages are then secure & encrypted. If they don’t match you’ll be notified.
This is available via a plugin for gaim with simple install packages for most major distributions (including source, CVS, Fedora, Mandriva, Gentoo, Debian, Ubuntu, XP & Linux iPaQ)
Another option that I’ve used is using your GPG key with the Gajim client. This has the benefit of using more trusted GPG keys, however I find this option harder to implement as it requires others to switch clients and also requires the generation of a GPG key. Gajim is also a Jabber-only client, so those using gaim for its multi-protocol support are confronted with another problem.
Until gaim supports encryption via trusted GPG keys I think the ssh-type implementation is the least painful and, at least in my circle, the easiest to implement using existing clients.
Check out OTR for gaim:
http://www.cypherpunks.ca/otr/
It has some intriguing features such as deniability and perfect forward secrecy.