This page contains a few things related to cryptography (obscuring information) and steganography (hiding information), including my introduction to PGP and the steganography challenge.

You might also be interested in steg-encode.pl, my attempt at a basic steganography tool.

An Introduction to PGP

What is That Mumbo Jumbo at the Bottom of Your Email, Toby?

That, my friend, is a PGP signature. It probably looks something like this:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)

iD8DBQE8fU94dS33bVJ0/loRAsznAJ9Xqwgd+n+gAzrmmVZckWPBRenoWACfSp0q
z5Fjj2G+0UoZm6yxOjCWKL0=
=Gc4C
-----END PGP SIGNATURE-----

It is possible that your email client displays it as an attachment. Outlook (and Outlook Express) displays the main body of my messages as an attachment as well. This behaviour is incorrect. (See this page for further details.)

If this does happen, it is a problem with your mailer. Your problem, not mine. Write to the vendor and tell them to support the Internet standard called "RFC 3156", which is an updated version of "RFC 2015", first proposed in 1996. Otherwise, try using different email software. See the "Where Can I Get PGP?" section below.

What Is PGP?

PGP is short for Pretty Good Privacy. There is a version of PGP called GPG, which is the version I use.

PGP lets you do two main things:

Why Do That?

Contrary to popular belief, email is not private. It's like sending a postcard without an envelope. Plenty of people have the opportunity to read it on the way to its intended recipient. If you encrypt your mail, they can't tell what it says.

A lot of the people who are able to read it are also able to change it if they want to. If you sign your mail, they won't be able to change it without damaging the signature.

How Does It Work?

While it's actually pretty complicated mathematics, here's a simple explanation...

PGP uses something called a "public key algorithm". This means that you have two keys - a "public key" that people use to "lock" an email before they send it to you, and a "private key" that you use to "unlock" the email.

Alternatively, if you want to sign an email instead of encrypting it (you can do both too!) you use your private key to lock the signature and then they use the public key to unlock it.

Because it is not practically possible to work out the private key from the public key, you can give the public key to as many people as you want without damaging your security. My PGP public key is here.
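What the signature block at the top of this page actually contains, as an added example (not code from the original page): the Python below strips the ASCII armor and reads the fixed fields of the signature packet, including the ID of the key that made it. The field layout follows RFC 4880 for an old-format version 3 signature, which is an assumption about this block that the code checks; the function names are made up for the example.

```python
import base64, struct
from datetime import datetime, timezone

# The signature block quoted at the top of this page, copied verbatim.
ARMORED = """-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)

iD8DBQE8fU94dS33bVJ0/loRAsznAJ9Xqwgd+n+gAzrmmVZckWPBRenoWACfSp0q
z5Fjj2G+0UoZm6yxOjCWKL0=
=Gc4C
-----END PGP SIGNATURE-----"""
ALGOS = {1: "RSA", 17: "DSA"}                      # public-key algorithm ids
HASHES = {1: "MD5", 2: "SHA-1", 3: "RIPEMD-160"}   # hash algorithm ids

def crc24(data: bytes) -> int:
    """Armor checksum from RFC 4880 section 6.1 (the '=Gc4C' line)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def dearmor(text: str):
    """Return (binary packet, checksum_matches) for one armored block."""
    lines = text.strip().splitlines()
    body = lines[lines.index("") + 1:-1]   # skip armor headers and END line
    data = base64.b64decode("".join(ln for ln in body if not ln.startswith("=")))
    sums = [base64.b64decode(ln[1:]) for ln in body if ln.startswith("=")]
    return data, bool(sums) and int.from_bytes(sums[0], "big") == crc24(data)

def parse_signature(pkt: bytes) -> dict:
    """Read the fixed fields of an old-format, version 3 signature packet."""
    ver, hlen, sig_type, created, key_id, pk, h = struct.unpack(">BBBI8sBB", pkt[2:19])
    # 0x88 = old-format packet, tag 2 (signature), one-byte length follows
    if pkt[0] != 0x88 or pkt[1] != len(pkt) - 2 or ver != 3 or hlen != 5:
        raise ValueError("expected one old-format version 3 signature packet")
    return {
        "sig_type": sig_type,                       # 1 = signature over text
        "created": datetime.fromtimestamp(created, timezone.utc).isoformat(),
        "key_id": key_id.hex().upper(),             # which public key verifies it
        "pubkey_algo": ALGOS.get(pk, str(pk)),
        "hash_algo": HASHES.get(h, str(h)),
    }

if __name__ == "__main__":
    packet, checksum_ok = dearmor(ARMORED)
    print("armor checksum matches:", checksum_ok, parse_signature(packet))
```

The key ID is what tells a mail program which public key to use when it checks the signature; the remaining bytes of the packet are the signature values themselves.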

I Need More Info!

This page is only intended to act as an introduction. To learn how to use PGP well, you'll need to look elsewhere.

Where Can I Get PGP?

Here's some information on where to get PGP and an email program that understands PGP.

| OS | PGP | Mail Client |
|---|---|---|
| Windows | PGP 6.5.8 for Windows 95/98/NT | Becky 2 or Eudora |
| Apple Mac | PGP 6.5.8 for Mac - requires StuffIt Expander 5.5 (not version 6). Classic Mode (not OS X). | Eudora |
| GNU/Linux | PGP 6.5.8 for Linux (RPM) or GPG 1.0.6 Source Code | Sylpheed, Ximian Evolution or Mutt |
| BSD | PGP 6.5.8 for Unix source | Most Linux email clients should be fine. In particular, Mutt will. |
| BeOS | PGP 5.0 for BeOS | PGPforBeMail - plugin for BeMail. |

The Steganography Challenge

What is Steganography?

Steganography is the art of hiding information. It is closely related to cryptography.

With cryptography, you scramble information so that no-one can understand what it means unless they have the right key to unscramble it. They know it's there — they just can't read it.

With steganography, they don't know it's there. One basic example of steganography is putting files on a floppy disc and then hiding the disc under your mattress. There are (of course) more sophisticated ways.

Combining the two gives you a very powerful way of keeping things secure.

The Challenge

The challenge is to find the picture of the cat on this page. If you can find it, email me :-)

Here is a nice picture of a dog for you to admire while you're searching for the cat (note: the cat picture is much better than the dog picture!)

A picture of a dog