Silk Road forums
Discussion => Newbie discussion => Topic started by: cardcrash on August 06, 2013, 09:42 pm
-
Well I couldn't work out why after typing a message and then adding the PGP key my original message would still be there. So I tried using this Kleopatra business and it seemed to work for the addresses but not the main message itself. This PGP business in confusing as hell...
-
Use GPA. (when you install GnuPG, there's a tickbox during the install to choose GPA. It's not ticked by default - tick it and it will install).
Save your vendor's public key into a text file (notepad) and save as "whatever.asc"
Import that key file into GPA. Don't worry about creating your own key/pair.
Click on the "clipboard" button in GPA.
Use that clipboard as a notepad.. write whatever you want in there (your postal address), then click on "encrypt", and encrypt it with your vendors public key.
The resultant output can only be decrypted with that vendors private key - which only the vendor has. So copy and paste that encrypted text and give it to your vendor.
Easy.
(your vendor can't send you encrypted messages back this way, because he doesnt have your public key, in fact you don't have your own keys at this stage, but it's enough to send an encrypted address to a vendor).
-
Gees, this is better advice than the 300+ page pinned thread!! Someone give me some karma FFS ;)
Or double my post count.. :P
-
To explain the system (I'm wasted though..) each person wanting to receive encrypted communications has a "key set" (known as a public/private key pair. i.e they have a public key that ties in with their private key). As the name suggests, the public key is out in the public for the world to see. People wanting to write messages that only that "someone" can read, encrypts it with that person's public key - which like I said, is made public - they tell it to you. But it's a one-way encryption. The only way to de-crypt those messages is by being the person who has the private key! So the private key is the thing to keep private!
If you want your vendor to be able to send you encrypted messages that only you can see, then you must tell him your public key, the one that goes along with your private key.
It's pretty straightforward really. It's like a two-sided encryption thing. You can happily reveal the code that allows people to encrypt stuff for you (your public key) but this does not give them the ability to decrypt messages. It's not like a single cipher code (like the enigma code). A lot of us just assume that a code that is used for encrypting a message must therefore be the same code that can be used for decrypting the message, but that's not the case at all! I don't actually understand the technicalities of how this is achievable (I would feel the same - a cipher/encryption code must surely be reversible? but modern proper ones are not!)
-
It's not very hard to learn.
The other poster was right though use GPA it's much easier than that kleopatra thing.
Basically how it works is you will create a PGP keypair and then you will export your public key to a text file, Your PGP public key is what you will share with people you want to communicate with.
Like for example if you send me your PGP public key i can import it into my PGP client and then use it to encrypt a message than only you will be able to decrypt.
To encrypt and decrypt messages use the GPA clipboard, You type your message in there and then choose a key to create and encrypted message.
Hope that helps.