共享密钥加密公开密钥加密_密钥库：发送，接收和共享加密的消息

最新推荐文章于 2024-01-15 23:55:08 发布

culh2177

最新推荐文章于 2024-01-15 23:55:08 发布

阅读量2.5k

点赞数

文章标签：网络 python java 大数据区块链

原文链接：https://www.sitepoint.com/keybase-sending-receiving-and-sharing-encrypted-messages/

版权

共享密钥加密公开密钥加密

Image via Keybase.io

图片来自Keybase.io

Given the ever-increasing concerns over data security, there’s a growing interest in the options for data encryption. But encryption isn’t new. Looking back at history, we can find that one of the most notable machines for encryption was Enigma, a machine used in World War II. Going back even further, we find the Caesar cipher, used by Julius Caesar to encrypt messages.

鉴于对数据安全性的日益关注，对数据加密选项的兴趣与日俱增。但是加密并不新鲜。回顾历史，我们发现最著名的加密机器之一是Enigma ，这是第二次世界大战中使用的机器。再往前看，我们发现Julius Caesar用来加密消息的Caesar密码。

Essentially, encryption involves hiding a message inside another message that usually contains gibberish words. Today, in our digital world, you can see encryption being used in many different areas, such in our browsers, our file systems, emails etc.

本质上，加密涉及将一条消息隐藏在通常包含乱码的另一条消息中。今天，在我们的数字世界中，您可以看到加密已在许多不同的领域中使用，例如在我们的浏览器，我们的文件系统，电子邮件等中。

Encryption can be a bit difficult in the beginning, especially to non-technical people. But encrypting information is a concern for everybody, and not just people in tech-related fields. (Consider investigative journalists, for example, for whom data protection can be critical.)

在一开始，加密可能会有点困难，尤其是对于非技术人员而言。但是，对信息进行加密是每个人的关注，而不仅仅是与技术相关领域的人们。 (例如，考虑调查性新闻记者，对于他们而言，数据保护可能至关重要。)

In this article, I’ll review a tool that makes encryption easy, and I’ll demonstrate how to send an encrypted text message.

在本文中，我将介绍一种使加密变得容易的工具，并将演示如何发送加密的文本消息。

密钥库简介 (Introducing Keybase)

Keybase is an open-source platform for encryption that works as a social network. It tries to make encryption easier, breaking down the barrier of technology and adding a social aspect to it. You can start encrypting by just using a social media username.

Keybase是一个用作社交网络的开源加密平台。它试图使加密更容易，打破技术壁垒，并为其增加社交性。您可以仅使用社交媒体用户名开始加密。

On Keybase, you can look up people and follow them just like on Twitter. Keybase also maps your identify to your public key: you can link your other social accounts such as Reddit, GitHub, Twitter to your Keybase profile.

在Keybase上，您可以像在Twitter上那样查找人员并关注他们。 Keybase还将您的标识映射到您的公钥：您可以将您的其他社交帐户(例如Reddit，GitHub，Twitter)链接到Keybase个人资料。

Keybase offers encryption via a web-based client, but also offers local, command-line clients for all major operating systems.

Keybase通过基于Web的客户端提供加密，但也为所有主要操作系统提供本地命令行客户端。

获取和设置帐户 (Getting and Setting up an Account)

At the time of writing this article, Keybase is still in its alpha phase, and you need an invitation to get an account there. (I do have invitations, so ping me on Twitter if you’re interested.) You can also sign up via the form, but there is a queue, so you may need to wait a while.

在撰写本文时，Keybase仍处于Alpha阶段，您需要邀请才能在那里建立帐户。 (我确实有邀请，如果您有兴趣，请在Twitter上ping我。)您也可以通过表单进行注册，但是有一个队列，因此您可能需要等待一段时间。

Quick tip: You may find a lot of people sending invites on Twitter.

快速提示：您可能会发现很多人在Twitter上发送邀请。

设定您的个人资料 (Setting up Your Profile)

Once you have got an account on Keybase, you should create your profile. Then head over to the downloads page. Keybase supports all three major operating systems, and there’s also source code. Follow the installation instructions for your operating system.

在Keybase上拥有一个帐户后，您应该创建自己的个人资料。然后转到下载页面。 Keybase支持所有三种主要操作系统，并且还提供源代码。请遵循您操作系统的安装说明。

Once you’ve done that, you can run Keybase:

完成此操作后，即可运行Keybase：

run_keybase

Yay, we got a squirrel. This confirms we have Keybase ready to encrypt.

是的，我们有一只松鼠。这确认我们已经准备好加密密钥库。

验证您的个人资料 (Verifying your profiles)

Keybase also tries to build this “web of trust” platform by linking your accounts to your Keybase profile. Since Keybase also offers a command line application, I’ll use that to verify my profile later, but you can also use the web version.

Keybase还尝试通过将您的帐户链接到Keybase个人资料来构建此“信任网络”平台。由于Keybase还提供了命令行应用程序，因此稍后我将使用它来验证我的个人资料，但您也可以使用网络版本。

使用密钥库加密 (Encryption with Keybase)

The key part of Keybase is encryption. You can encrypt your message through the Keybase web platform:

密钥库的关键部分是加密。您可以通过Keybase Web平台加密消息：

If it’s your first time encrypting information, and you don’t have PGP key, Keybase can generate keys for you.

如果这是您第一次加密信息，并且您没有PGP密钥，则Keybase可以为您生成密钥。

Click on add a PGP key.

单击添加PGP密钥 。

To generate a key, we need to use the open-source application provided by Keybase:

要生成密钥，我们需要使用Keybase提供的开源应用程序：

keybase pgp gen    # if you need a PGP key
keybase pgp select # if you already have one in GPG
keybase pgp import # to pull from stdin or a file

You can easily generate a key, or import one.

您可以轻松生成密钥或导入密钥。

If you’ve chosen to generate a key, it will ask for a public name and email addresses. After entering your information, it will ask if you want to push a copy of the encrypted secret key to the keybase.io servers. This part is optional, but if you want to sign your message (proving that the message is from you) or decrypt them directly from the web application, you’ll have to add it.

如果您选择生成密钥，它将要求提供公共名称和电子邮件地址。输入信息后，它将询问您是否要将加密密钥的副本推送到keybase.io服务器。这部分是可选的，但是如果您想对消息进行签名(证明消息是来自您的)或直接从Web应用程序对其解密，则必须添加它。

First, we need to add the recipient of the encrypted message. Here is one of the features of Keybase. In traditional PGP encryption, you have to look for the person’s key, depending where the person shares their key (personal website, email, public key repositories etc.), then download the person’s key. Keybase offers a very nice search option that looks for the person’s key in Keybase’s database.

首先，我们需要添加加密邮件的收件人。这是Keybase的功能之一。在传统的PGP加密中，您必须根据个人共享密钥的位置(个人网站，电子邮件，公共密钥存储库等)来查找个人的密钥，然后下载该个人的密钥。 Keybase提供了一个非常不错的搜索选项，可以在Keybase的数据库中查找人员的密钥。

Let’s encrypt this message: “Hello from SitePoint”.

让我们加密以下消息：“ SitePoint的Hello”。

It can take a couple of seconds, and it will output the encrypted text:

这可能需要几秒钟的时间，它将输出加密的文本：

This message can be sent now via email or any other communication platform, and the only person who can see (decrypt) it is the recipient. Nobody else can read or understand this message even if they have access to our emails.

现在可以通过电子邮件或任何其他通信平台发送此消息，并且唯一可以看到(解密)该消息的人是收件人。即使其他人可以访问我们的电子邮件，也无法阅读或理解此消息。

使用密钥库解密 (Decryption with Keybase)

Click on the Decrypt button and paste your encrypted message. You’ll also need to type your Keybase passphrase. Click Decrypt.

单击解密按钮，然后粘贴您的加密消息。您还需要输入Keybase密码。单击解密。

It can take some seconds to decrypt the message, and it will output the original text “Hello from SitePoint”.

解密消息可能需要几秒钟，并且它将输出原始文本“ Hello from SitePoint” 。

You might notice that, above the secret message, there’s a question mark complaining that the author of the message is unknown. That means the author hasn’t signed the message with their key, and therefore we don’t know the sender. If you want to prove your identify, you should sign your keys. This time, besides adding our message, we’ll also need to put our Keybase passphrase to sign our message (This only works if you’ve added the private key to the keybase.io servers).

您可能会注意到，在秘密消息上方，有一个问号，抱怨消息的作者未知。这意味着作者尚未使用其密钥对邮件签名，因此我们不知道发件人。如果您想证明自己的身份，则应在密钥上签名。这次，除了添加我们的消息外，我们还需要放入我们的Keybase密码短语来对我们的消息进行签名(仅当您将私钥添加到keybase.io服务器时，此方法才有效)。

It pretty much looks the same. Now let’s decrypt this message:

看起来几乎一样。现在让我们解密此消息：

Note: I am using two accounts here.

注意：我在这里使用两个帐户。

Let’s view our decrypted text now:

现在让我们查看解密的文本：

Now we can see our message is signed by user ardianh.

现在，我们可以看到我们的消息已由ardianh用户ardianh 。

Keybase命令行应用 (Keybase Command Line App)

Now let’s try the Keybase command line application. With the Keybase app installed on your system, you can run run_keybase to verify that it’s installed.

现在，让我们尝试Keybase命令行应用程序。在系统上安装了Keybase应用程序之后，您可以运行run_keybase来验证它是否已安装。

Your first step is to log in to Keybase with keybase login:

第一步是使用keybase login到Keybase：

1. [computer]    macbook-pro
2. [computer]    ubuntu-digitalocean-vps
3. [paper key]    crunch lyrics
4. I don't have access to any of these devices.

Enter your Keybase username or email address. Then you have to provision your device. If you’ve already logged in via another machine and have access to it, you can use that machine to do the provision. Another option is to use the paper key (which you initially get when you sign up at keybase.io). If you don’t have access to either those, you can still use your Keybase passphrase.

输入您的Keybase用户名或电子邮件地址。然后，您必须配置设备。如果您已经通过另一台计算机登录并可以访问它，则可以使用该计算机进行配置。另一个选择是使用纸质钥匙(您在keybase.io上注册时最初获得的钥匙)。如果您无权访问其中任何一个，则仍可以使用Keybase密码。

You’ll see something like this:

您会看到以下内容：

Enter a public name for this device: digitalocea-vps
✔ Success! You provisioned your device digitalocea-vps.

Now that you’re logged in, the magic can start. I’ll first prove (verify) my Twitter account.

现在您已经登录，魔术就可以开始了。我将首先证明(验证)我的Twitter帐户。

keybase prove twitter

This will ask you to tweet a specific tweet that’s connected with your Keybase username. It’s nice that this process doesn’t require any oAuth authorization from Twitter. You get an email from Keybase letting you know that the identify proof has succeeded. If you were to go to my profile, you’d see that my Twitter profile is added, and you can even view the tweet. The process of linking other social accounts to your Keybase account is mostly the same, and Keybase provides instructions for each of them.

这将要求您发布一条与您的Keybase用户名关联的特定鸣叫。很好，这个过程不需要Twitter的任何oAuth授权。您会从Keybase收到一封电子邮件，通知您身份证明成功。如果您要转到我的个人资料，则会看到已添加我的Twitter个人资料，甚至可以查看该推文。将其他社交帐户链接到您的Keybase帐户的过程基本相同，并且Keybase为每个社交帐户提供了说明。

You also don’t have to go to Keybase’s website to encrypt your messages. They can be done directly from the command line application.

您也不必去Keybase的网站来加密您的消息。它们可以直接从命令行应用程序完成。

keybase pgp encrypt username -m "Hello from SitePoint"`

If you don’t follow the person you’re sending a message to, it will give you information on the username so you don’t pick the wrong person:

如果您不关注发送消息的人，它将为您提供用户名信息，因此您不会选择错误的人：

▶ INFO Identifying recipient ardian
✔ "ardian" on github: https://gist.github.com/61fed84ba846d4b9055e150818c69e7f [cached 2016-10-27 13:34:33 UTC]
✔ "ardianhaxha" on twitter: https://twitter.com/ardianhaxha/status/782818852442873860 [cached 2016-10-27 13:34:33 UTC]
Is this the ardian you wanted? [Y/n]

-----BEGIN PGP MESSAGE-----
Comment: https://keybase.io/download
Version: Keybase Go 1.0.17 (linux)

wcFMAydk+tkSN8tFARAAgnJZ8YcsqLuIC9FJ9rwXYbrTHMZQo5HWFiltNp/Vue+i
ctptzdBqjuEnCCeonrRunfYTKXgUcB/Aa5edTe84ujyqRaZtrQKwCfSqgKZt9Hyf
q5G8d9jTG/6mKAcUXN2DlErX8FMeUt4HfyNBC4Eq7LAVPdCZW6QsLWZDgbh7jlcO
⋮
Kk4fU13kExGs9zbIIuQ1/Gx0lc3ZUo8zau3XeKtwhFH0n1MgVBE+wNe6o8HJ4tLg
AeSLQdU0tgm370Awi5Y7WFbi4UST4JDg0+E6VeAD4rbLtZPgCuSc6AsauN/BVynG
/fWuKmvC4LfiZvhw2+BB5OSpwUb7tnFgCnLK+wIVUIXih/oQ/uH5KwA=
=i9kE
-----END PGP MESSAGE-----

Keybase will now output the encrypted message. Likewise, decryption can also be done from the command line.

密钥库现在将输出加密的消息。同样，也可以从命令行进行解密。

keybase pgp decrypt -i encrypted-message.txt

Hello from SitePoint

您好，SitePoint

The command line application has many more functionalities. Use keybase help to get the list of all the available options.

命令行应用程序具有更多功能。使用密钥库帮助获取所有可用选项的列表。

结论 (Conclusion)

Keybase has turned encryption into an easy and friendly option for newcomers.

Keybase已将加密功能变成了新手轻松而友好的选择。

The Keybase team has recently launched a new service called Keybase filesystem, a special place where you can store and share encrypted data. Every user has 10GB of space, and the file system comes installed with the Keybase application.

Keybase团队最近启动了一项名为Keybase文件系统的新服务，该服务是您可以存储和共享加密数据的特殊位置。每个用户都有10GB的空间，并且文件系统随Keybase应用程序一起安装。

So, what do you think? Is this something you would use? Have you tried it already? If so, what did you think? Feel free to discuss or ask any questions below.

所以你怎么看？ 这是您会使用的东西吗？ 你已经尝试过了吗？ 如果是这样，您是怎么想的？ 请随意讨论或询问以下任何问题。