Before giving the PGP key details of Neelabh Rai, let us first understand what is PGP, GPG, how to do the key management by using different tools especially Enigma, and Gpg4win.
Introducing email encryption (PGP)
PGP (Pretty Good Privacy) is the protocol we use for email encryption. This protocol allows us to digitally sign and encrypt mail messages. It works on an end-to-end basis: messages will be encrypted on your own computer and will only be decrypted by the recipient of the message. There is no possibility for a ‘man-in-the-middle’ to decipher the contents of your encrypted message. This excludes the subject lines and the ‘from’ and ‘to’ addresses, which unfortunately are not encrypted in this protocol.
Hands-on Guide to Installation
After having introduced these basic concepts, we will give you a hands-on guide to install the necessary tools on your operating system and get encryption up and running. We will focus on using Enigmail which is an extension for Thunderbird that helps you manage PGP encryption for your email. The installation process for Engimail / PGP is different for Mac OSX, Windows and Ubuntu so please see the quick start guide here for instructions.
Using a key-pair to encrypt your mail
A crucial concept in mail encryption is the usage of so-called key-pairs. A key-pair is just two separate files sitting on your hard disk or USB stick. Whenever you want to encrypt mails for a certain mail-account, you will need to have these files available to yourself in some form. If they are sitting at home on your computer, you will not be able to decrypt mail at the office. Putting them on a USB stick should provide a solution to this problem.
A key-pair consists of the two different keys: a public key and a secret key.
The public key: you can give this key to other people, so they can send you encrypted mails. This file does not have to be kept secret.
The secret key: this basically is your secret file to decrypt emails people send to you. It should never be given to someone else.
Sending encrypted mails to other people: you need their public key
Let’s say that I have five colleagues at work and I want to send encrypted mails to them. I need to have public keys for each of their addresses. They can send me these keys using ordinary mail (by putting them on CD), or they can give them to me in person, or put them on a USB stick, or they can have their keys on a website. The better way is to upload their public keys on the global servers of PGP / GPG. It doesn’t matter, as long as I can trust those keys really belong to the person I want to correspond with. My software puts the keys on my `keyring’, so my mail application knows how to send them encrypted mails.
Receiving encrypted mails from other people: they need my public key
For my five colleagues to be able to send me encrypted mails, the process goes the other way around. I need to distribute my public key to each of them. Hence, I had hereby published my public keys not only on this website but also on the public PGP Key Servers existing globally.
Conclusion: encryption requires public key distribution!
All the people in a network of friends or colleagues wanting to send each other encrypted emails, need to distribute their public keys to each other, while keeping their secret keys a closely guarded secret.
Software required for key management
The software Enigmail will help you do this key management. It is better to install Gpg4win software, a secure solution for file and email encryption, which is specifically made for Windows platform. Gpg4win stands for GNU Privacy Guard for Windows.
More about Gpg4win
Gpg4win enables users to securely transport emails and files with the help of encryption and digital signatures. Encryption protects the contents against an unwanted party reading it. Digital signatures make sure that it was not modified and comes from a specific sender.
Gpg4win supports both relevant cryptography standards, OpenPGP and S/MIME (X.509), and is the official GnuPG distribution for Windows. It is maintained by the developers of GnuPG. Gpg4win and the software included with Gpg4win are Free Software (Open Source; among other things free of charge for all commercial and non-commercial purposes).
Creation of Gpg4win was supported by the German Federal Office for Information Security (BSI).
More about Enigmail
- Tightly integrated suport for OpenPGP with Mozilla Thunderbird and Mozilla Seamonkey (and other Mozilla-based mail clients)
- Encrypt/sign mail when sending, decrypt/authenticate received mail
- Support for inline-PGP (RFC 4880) and PGP/MIME (RFC 3156)
- Per-Identity based encryption and signing defaults
- Per-Recipient rules for automated key selection, and enabling/disabling encryption and signing
- Integrated OpenPGP key management user interface
- Automatically encrypt or sign attachments for inline PGP messages
- Powerful GUI for easy configuration and OpenPGP key management
- Detailed user preferences for advanced configuration
- Integrated OpenPGP PhotoID viewer
- Supports OpenPGP key retrieval via proxy servers
- Integrates with GnuPG, versions 1.4.x and 2.0.x
- Supports Mozilla’s Multiple Identities feature
- Official release available for: Windows, Mac OS X, Linux x86-32 and x86-64 (all in one release file)
- Contributed / distribution builds for other operating systems such as Linux, Solaris, *BSD and OS/2
- Many Language Packs, (mostly) included in the official releases, and available separately for localisation of contributed builds
PGP Key Details of Neelabh Rai
Updated: Tuesday, June 27, 2017
Please do not use the ID: 0x5D7DB6C1 for sending any emails. Due to the loss of Private Key, I’m unable to revoke it from the PGP Key Servers. Instead, now a new key is generated.
About this Key: Neelabh Rai generally uses his PGP key to:
- Signing emails & files
- Encrypting emails & files
- Certifying other Certificates
He signs his important emails in order to let the receiver know that the important email received is actually sent by Neelabh Rai only, and is not a case of MITM (Man-in-the-middle).
Neelabh Rai, hereby requests to send all the sensitive contents to him by using his PGP key and send email to neelabh [AT] cybercops [DOT] IN
Fingerprint: D208 85B5 6872 E292 3E90 9760 0351 090D 023C E8B5
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: SKS 1.1.5
Comment: Hostname: pgp.mit.edu
—–END PGP PUBLIC KEY BLOCK—–