Before giving the PGP key details of Neelabh Rai, let us first understand what is PGP, GPG, how to do the key management by using different tools especially Enigma, and Gpg4win.
PGP (Pretty Good Privacy) is the protocol we use for email encryption. This protocol allows us to digitally sign and encrypt mail messages. It works on an end-to-end basis: messages will be encrypted on your own computer and will only be decrypted by the recipient of the message. There is no possibility for a ‘man-in-the-middle’ to decipher the contents of your encrypted message. This excludes the subject lines and the ‘from’ and ‘to’ addresses, which unfortunately are not encrypted in this protocol.
Hands-on Guide to Installation
After having introduced these basic concepts, we will give you a hands-on guide to install the necessary tools on your operating system and get encryption up and running. We will focus on using Enigmail which is an extension for Thunderbird that helps you manage PGP encryption for your email. The installation process for Engimail / PGP is different for Mac OSX, Windows and Ubuntu so please see the quick start guide here for instructions.
Using a key-pair to encrypt your mail
A crucial concept in mail encryption is the usage of so-called key-pairs. A key-pair is just two separate files sitting on your hard disk or USB stick. Whenever you want to encrypt mails for a certain mail-account, you will need to have these files available to yourself in some form. If they are sitting at home on your computer, you will not be able to decrypt mail at the office. Putting them on a USB stick should provide a solution to this problem.
A key-pair consists of the two different keys: a public key and a secret key.
The public key: you can give this key to other people, so they can send you encrypted mails. This file does not have to be kept secret.
The secret key: this basically is your secret file to decrypt emails people send to you. It should never be given to someone else.
Sending encrypted mails to other people: you need their public key
Let’s say that I have five colleagues at work and I want to send encrypted mails to them. I need to have public keys for each of their addresses. They can send me these keys using ordinary mail (by putting them on CD), or they can give them to me in person, or put them on a USB stick, or they can have their keys on a website. The better way is to upload their public keys on the global servers of PGP / GPG. It doesn’t matter, as long as I can trust those keys really belong to the person I want to correspond with. My software puts the keys on my `keyring’, so my mail application knows how to send them encrypted mails.
Receiving encrypted mails from other people: they need my public key
For my five colleagues to be able to send me encrypted mails, the process goes the other way around. I need to distribute my public key to each of them. Hence, I had hereby published my public keys not only on this website but also on the public PGP Key Servers existing globally.
Conclusion: encryption requires public key distribution!
All the people in a network of friends or colleagues wanting to send each other encrypted emails, need to distribute their public keys to each other, while keeping their secret keys a closely guarded secret.
Software required for key management
The software Enigmail will help you do this key management. It is better to install Gpg4win software, a secure solution for file and email encryption, which is specifically made for Windows platform. Gpg4win stands for GNU Privacy Guard for Windows.
More about Gpg4win
Gpg4win enables users to securely transport emails and files with the help of encryption and digital signatures. Encryption protects the contents against an unwanted party reading it. Digital signatures make sure that it was not modified and comes from a specific sender.
Gpg4win supports both relevant cryptography standards, OpenPGP and S/MIME (X.509), and is the official GnuPG distribution for Windows. It is maintained by the developers of GnuPG. Gpg4win and the software included with Gpg4win are Free Software (Open Source; among other things free of charge for all commercial and non-commercial purposes).
Creation of Gpg4win was supported by the German Federal Office for Information Security (BSI).
More about Enigmail
Updated: Saturday, May 30, 2014
About this Key: Neelabh Rai generally uses his PGP key to:
He signs his important emails in order to let the receiver know that the important email received is actually sent by Neelabh Rai only, and is not a case of MITM (Man-in-the-middle).
Neelabh Rai, hereby requests to send all the sensitive contents to him by using his PGP key and send email to neelabh [AT] cybercops [DOT] IN
Expires: Until forever
Fingerprint: 5D6F E136 1E95 5186 14BB 08F7 12C1 F491 5D7D B6C1
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: SKS 1.1.4 Comment: Hostname: pgp.mit.edu mQENBE8DMmoBCACWU6non4ifEfqpB85qgwwxeh+pz+G8SIPWjNk3AqX6cNUsjJP7R23Qs4c9 zqg6S7TMS0avZUtgZqSSUJSLhJYSYN/SAlon+Jr4PjqnOGupGijRwmIkoQANMz1jvBSSZCv7 cTZZvE/psR5Txg4zIHy7B2YVCVdyD5hMi/gedyqWT5f9E8PvYUYO7+vedKm6N9L4nR74G9wh kY31CfKniKxrxFFMHfOQTrdRSrKnr6FakBSgTTUJMGqAH3u0ASa+yJBZ0DGGwx1o0y7Sek1l M6JVwqDcanwO/9m/hQiMn+j5gB8wqw99h2bV6Hh2IyODwdHjFmP6axktbPx3MSQT39rFABEB AAG0Xk5lZWxhYmggUmFpIChDWUJFUiBDT1BTIEluZGlhICAtIEluZGVwZW5kZW50IEN5YmVy IFNlY3VyaXR5IFJlc2VhcmNoZXIpIDxuZWVsYWJoQGN5YmVyY29wcy5pbj6JATgEEwECACIF Ak8DMmoCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEBLB9JFdfbbBsvgH/jCHgQb5 6O9Up5h8XzDvjkBnYUv3Lb9e1MkrplZfG+EzkUns47EdgxzhNlrdaEZmzxpkGAEBjh0p4Wfo rRDODSFO5kvMoj4xeS1GPSEzSmfsU4VwAmvKW+EVVP0Fj4v1Zv/vi38j89kOt3BS5MuXmB48 ocXaraDKx0Ee/GKGe9QwzLNoz08EV14z2c50rJH3DCdRS0mRxMQ0E8Wh6fpHWrHVZp/YkDhr rrhiryro1cg+wp9YlaVzK3pP7yzHoz81DMqczE2xv+a9sMcHQj/HXl9AhcRr/cnQN/3RH+HJ 4Ng4zEeP8F3EnRZbdWJqH9n1VXye2Fegfpj3TUK5HMt2ruu5AQ0ETwMyagEIAM9By9Y0EoMU DFjbsFWusvj7VoR47QLlfNvFsuCSlvSjBvJtC/oXZoWtDpMNZx5fH/WGhHcdMlfsp5URw3ed xsyJWYk6+wbg92W6N3wz+IJMRWy3Jv4O46c0NnbwLSkiOK1jsuDjj1XbBq5frTIOg6JwHpRv 2OAFXW6w+Lbty6RdWlFHOPmfIi8amWBEslG2Zvn7l+3R/T5uDvPlEYnTIWVzEUY296LSnQy+ IrWR50RhoJt7dDTHAMSe+vHcauMddNnEbA3JHVZ4LffKYm5adrKvNMvz9Fu1CtnSJpsANTBN tn6Yqz000LGCbL0uoAFywPxqc5B//32ldKkfGSj5jpUAEQEAAYkBHwQYAQIACQUCTwMyagIb DAAKCRASwfSRXX22wZjzB/0XxGbI5dSej39w9aO6iJyJEjiZ//Fp379lI9NF8ovyN38ws5tl xxZFxbWZhql8MYTSzwGH0FDM2r3tUIDCgz+RW1CeIxU5ajVntxzxHpBJRLyjKr2Kf7egLYyR hyWABss6CnGkucigIo4kqh7KdIM9Yh7N3mFpQ1jjiee+eaXqVR8Foyx02YC62x4Fx0gULAyI Gf0/KxPK7MQCRDuog1ebLseX8mzzlgVPsui3t+2xlgBh7CXqOB67MrHboBPh/c4IUZc8B55y fTWh6a9d709rqmt5uE2zkQHddlxgVFxh8DYIede948Yb980cePXrM+2xDjN2AXOVyH1jdUVU nZ5S =+A/I -----END PGP PUBLIC KEY BLOCK-----