You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
PGP<br />
Once you have installed PGP, launch PGPTray. PGPTray will keep PGP in permanent application,<br />
until you need to use it.<br />
Right-click on PGPtray (the grey keylock at the bottom right <strong>of</strong> the tool bar) and launch<br />
PGPtools.<br />
Step 1 : Creating keys (PGP)<br />
The first icon is the one that manages and generates keys. Creating a key is very simple,<br />
and the assistant only makes the process easier. If you haven't created one already, you can always<br />
create new ones:<br />
1. In the fields “Full Name” and “Electronic Address”, enter a user name (avoid entering true<br />
information), in “Electronic Address”, you can however put your own one.<br />
2. Then choose the type <strong>of</strong> key you wish to create. In our example we will choose RSA.<br />
3. Then choose the size <strong>of</strong> the key. We will choose 2048 bits. The larger the size (in bits) <strong>of</strong> the key,<br />
the greater its strength is. A small-sized key <strong>of</strong>fers little security guarantee when faced with<br />
decrypting methods: it is an eggshell.<br />
4. Then choose the expiration date <strong>of</strong> the pair <strong>of</strong> keys. Allowing a key to expire has both an advantage<br />
and an inconvenient. The advantage is that if your private key is one day found or your encrypting<br />
broken, renewing your keys will allow you to communicate once more without worrying about this,<br />
because the encrypting you will use, based on new keys, will not have been broken. The<br />
inconvenient is that you will have to send your public key to all your correspondents, update all your<br />
diffusion zones, etc. It is possible that one day a correspondent <strong>of</strong> yours will send you an encrypted<br />
message with an old public key that you will be unable to decrypt. So in this example we will not<br />
take an expiration date.<br />
5. Then enter a secret sentence, to be used as a password. By “sentence”, we mean that the user<br />
should enter a whole sentence (so a long succession <strong>of</strong> characters) rather than a simple word. A<br />
sentence has a greater security value than a word. PGP actually includes a sentence quality<br />
indicator that can guide you on the choice <strong>of</strong> the sentence's length. This sentence will be asked<br />
when you use your private key (when decrypting). What is the advantage here? Simply that if<br />
someone manages to copy your private key, he will not be able to use it without the proper<br />
password.<br />
6. Once generating a key is finished, you can send your public key to a key server. This will for<br />
example enable someone who only knows your email address to see if you have put a key online.<br />
This is in no way compulsory.<br />
7. The process is over, you are now in possession <strong>of</strong> your own new pair <strong>of</strong> keys.<br />
The <strong>Hack</strong>ademy DMP -188/209- SYSDREAM