通信安全 隐私
by Radu Raicea
由Radu Raicea
漂亮隐私的工作原理,以及如何使用它进行安全通信 (How Pretty Good Privacy works, and how you can use it for secure communication)
Sending sensitive information through the internet is always nerve-racking. What if somebody else sees the bank information I’m sending? Or even those dank memes that should not be spoken of?
通过互联网发送敏感信息总是令人费解。 如果其他人看到我发送的银行信息怎么办? 甚至不应该谈论的那些模棱两可的模因?
Fortunately, there’s a pretty good solution to this problem: Pretty Good Privacy (PGP).
幸运的是,有一个很好的解决此问题的方法: 很好的隐私(PGP) 。
A software engineer named Phil Zimmermann created PGP back in 1991. He was an anti-nuclear activist, and wanted a way to transfer information securely over the Internet.
1991年,一位名叫Phil Zimmermann的软件工程师创建了PGP。他是一名反核活动家,他希望找到一种通过Internet安全传输信息的方法。
Zimmermann got into trouble with the US government in 1993 because PGP travelled international waters and reached a vast number of countries around the globe, violating US export restrictions for cryptographic software.
齐默尔曼(Zimmermann)于1993年与美国政府发生纠纷,因为PGP穿越国际海域并到达了全球许多国家,这违反了美国对加密软件的出口限制。
Today, PGP is “owned” by Symantec, but OpenPGP, an e-mail encryption standard, is implemented by multiple software.
如今,PGP是赛门铁克 “拥有”的,但是电子邮件加密标准OpenPGP是由多种软件实现的。
You might also hear a lot about GPG. It is another software tool that implements the OpenPGP standard.
您可能还会听到很多有关GPG的信息 。 它是另一个实现OpenPGP标准的软件工具。
PGP实际如何工作? (How does PGP actually work?)
PGP is very easy to understand, on the surface. Imagine you want to send your credit card information to a friend and you write it on a piece of paper. You then put the paper in a box and send it by mail.
从表面上看,PGP非常容易理解。 假设您要将信用卡信息发送给朋友,然后将其写在纸上。 然后,您将纸张放在一个盒子中并通过邮件发送。
A thief can easily steal the box and look at the paper that contains your credit card information. What could you do instead?
小偷可以轻松地偷箱子并查看包含您的信用卡信息的文件。 您能做什么呢?
You decide to put a key lock on the box, but you realize that you have to send the key along with the box. That’s no good.
您决定将钥匙锁放在盒子上,但是您意识到必须将钥匙与盒子一起发送。 不好
What if you meet your friend in person to share the key beforehand? That could work, right? It could, but then both of you have a key that allows to unlock the box. You, as the sender, will never need to open the box again after closing it. By keeping a copy of a key that can unlock the box, you are creating a vulnerability.
如果您遇到朋友亲自分享密钥怎么办? 那行得通,对吧? 可以,但是你们俩都有一个可以打开盒子的钥匙。 作为发件人,您无需在关闭后再次打开该盒子。 通过保留可以打开盒子的钥匙的副本,您可以创建漏洞。
Finally, you found just the right solution: you’ll have two keys. The first key will only be able to lock the box. The second key will only be able to open the box. That way, only the person who needs to get the content of the box has the key that allows them to unlock it.
最后,您找到了正确的解决方案:您将拥有两个密钥。 第一个钥匙将只能锁定该盒子。 第二把钥匙只能打开盒子。 这样,只有需要获取盒子内容的人才具有使他们能够解锁盒子的钥匙。
This is how PGP works. You have a public key (to lock/encrypt the message) and a private key (to unlock/decrypt the message). You would send the public key to all your friends so that they can encrypt sensitive messages that they want to send to you. Once you receive an encrypted message, you use your private key to decrypt it.
PGP就是这样工作的。 您有一个公共密钥 (用于锁定/加密消息)和一个私有密钥 (用于解锁/解密消息)。 您会将公钥发送给所有朋友,以便他们可以加密他们想要发送给您的敏感消息。 收到加密的消息后,就可以使用私钥对其进行解密。
一个简单的例子 (A Brief Example)
There are plenty of software tools that implement the OpenPGP standard. They all have different ways of setting up PGP encryption. One particular tool that works very well is Apple Mail.
有许多实现OpenPGP标准的软件工具 。 它们都有不同的设置PGP加密的方式。 一种非常有效的特殊工具是Apple Mail 。
If you are using a Mac computer, you can download the GPGTools. This application will generate and manage your public and private keys. It also integrates automatically with Apple Mail.
如果您使用的是Mac计算机,则可以下载GPGTools 。 该应用程序将生成和管理您的公钥和私钥。 它还与Apple Mail自动集成。
Once the keys are generated, you will see a lock icon in the subject line, when composing a new message in Apple Mail. This means that the message will be encrypted with the public key you’ve generated.
生成密钥后,在Apple Mail中编写新消息时,您将在主题行中看到一个锁定图标。 这意味着消息将使用您生成的公共密钥进行加密。
After sending the e-mail to someone, it will look like this. They will not be able to see the content of the e-mail until they decrypt it using the private key.
将电子邮件发送给某人后,它看起来像这样。 在使用私钥解密电子邮件之前,他们将看不到电子邮件的内容。
Note that PGP encryption does not encrypt the subject line of an e-mail. Never put any sensitive information in the subject line.
请注意, PGP加密不会加密电子邮件的主题行 。 切勿在主题行中放入任何敏感信息。
If you are using software that automatically decrypts the message using your private key, like Apple Mail, it will look something like this:
如果您使用的软件(例如Apple Mail)使用私钥自动对消息进行解密,则它将类似于以下内容:
综上所述… (In summary…)
Pretty Good Privacy (PGP) allows you to send files and messages securely over the Internet
相当好的隐私 (PGP)允许您通过Internet安全地发送文件和消息
PGP generates a public key (to encrypt messages) and a private key (to decrypt messages)
PGP生成一个公共密钥 (用于加密消息)和一个私有密钥 (用于解密消息)
OpenPGP is an e-mail encryption standard
OpenPGP是电子邮件加密标准
GPG is an open-source implementation of OpenPGP
GPG是OpenPGP的开源实现
You can find a brief list of software that have PGP capability here
您可以在此处找到具有PGP功能的软件的简要列表。
参考文献 (References)
For more updates, follow me on Twitter.
有关更多更新,请在Twitter上关注我。
翻译自: https://www.freecodecamp.org/news/how-does-pretty-good-privacy-work-3f5f75ecea97/
通信安全 隐私
1982
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
