Criptografia e assinatura digital com GnuPG - Eriberto.pro.br
Criptografia e assinatura digital com GnuPG - Eriberto.pro.br
Criptografia e assinatura digital com GnuPG - Eriberto.pro.br
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
<strong>Criptografia</strong> e<<strong>br</strong> />
<strong>assinatura</strong> <strong>digital</strong><<strong>br</strong> />
<strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
CISL 2012<<strong>br</strong> />
João <strong>Eriberto</strong> Mota Filho<<strong>br</strong> />
29 de outu<strong>br</strong>o de 2012<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
(Do grego: kriptos=escondido, grifo=grafia/escrever)<<strong>br</strong> />
Autenticidade.<<strong>br</strong> />
Integridade.<<strong>br</strong> />
Confidencialidade (ou sigilo).<<strong>br</strong> />
Não repúdio.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Simétrica<<strong>br</strong> />
Assimétrica<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Vantagens:<<strong>br</strong> />
Simplicidade no uso;<<strong>br</strong> />
Simétrica<<strong>br</strong> />
Grande velocidade nas operações.<<strong>br</strong> />
Desvantagens:<<strong>br</strong> />
Chave única;<<strong>br</strong> />
Segredo <strong>com</strong>partilhado;<<strong>br</strong> />
Necessidade de uma chave para cada relação de<<strong>br</strong> />
confiança;<<strong>br</strong> />
Não permite a <strong>assinatura</strong> e a certificação <strong>digital</strong>;<<strong>br</strong> />
A chave não pode trafegar livre em canais de<<strong>br</strong> />
<strong>com</strong>unicação.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Vantagens:<<strong>br</strong> />
Assimétrica<<strong>br</strong> />
Utiliza um par de chaves (privada e pública) para todas<<strong>br</strong> />
as relações de confiança;<<strong>br</strong> />
O segredo pessoal (chave privada) não é <strong>com</strong>partilhado;<<strong>br</strong> />
Permite a <strong>assinatura</strong> e a certificação <strong>digital</strong>;<<strong>br</strong> />
A chave pública pode trafegar em canais de <strong>com</strong>unicação.<<strong>br</strong> />
Desvantagens:<<strong>br</strong> />
Baixa velocidade nas operações;<<strong>br</strong> />
O seu uso requer conhecimentos mais específicos.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
BEGIN RSA PRIVATE KEY<<strong>br</strong> />
MIIEogIBAAKCAQEA440Is8WIpOvaJzptE91E0yCQt+TeFZIOf4KQTFOOtmwoxv77<<strong>br</strong> />
rLkM/3QDBl5VUYo3PRE4UyV2ldH+iY77pERHDz3e5SzptFclcc41YjG4AAOAlbKx<<strong>br</strong> />
97RMHh29qp30j5RVYo6WfS4G9+pIVbZCHt7aCVRIWMmNryIBWOLTDiwP2Be12Y0z<<strong>br</strong> />
6AOOTmZdRdzgu0zWJfo16TqtrsA7DRMZnM63a6sn7Kjhmd4i6ptgck3RVGs0E6gQ<<strong>br</strong> />
ZOCion9HJ14YoLPD85Mk8My8CAEI4QJ4vimbnVsawJ3725G5gAG5+l2HZHF8+YEZ<<strong>br</strong> />
bT5jLDGWoqErZuZaz61z05TdFpsE1alZR2BSQwIBIwKCAQBoBfVZft9hVeAR7tLH<<strong>br</strong> />
QJR9xb5/85i5Z1cVuAdzWWXPvGppmSKYGhSSCSX0SGGEXHEF+T5R5T2GUV5qxQ<<strong>br</strong> />
VS<<strong>br</strong> />
aFr/p0FS0rP6q37U8I1ut6SSSr5wUbBxPHqRbK554c7ijPPVSH9PKvvfDAPPaULM<<strong>br</strong> />
SJ4wJod5C6578knCO84yXUkSUx6tp53QGEEFEsBYpBCCMkIC94UXS6yiFeGWE2DI<<strong>br</strong> />
YmdVP9rX5ilClzHlrb5Rp7tUi+q4oTHBi6Ziy5S5huxYhl8WwuZgSvWqc8CEFwcC<<strong>br</strong> />
wYtUHQkFuWHjV80fveOuy48g1NgiBopyEpsZi2vxbVSMO0cdH98rqeHTQc+M+khq<<strong>br</strong> />
s74LAoGBAPP0ChzT0sEz3ANsw1HPSCdP6NA3uHHOvf1mJ5RYsvWjWQuPT+ojmGy<<strong>br</strong> />
V<<strong>br</strong> />
1jv6ahg7LXGvQ70bQS4pcOhWLSrGwx7Sb8xe1yDzEaoqu2fc0+3GASE5S0tx3h8j<<strong>br</strong> />
voK5FTgRsz8wtLWNft1XP7l40ZS<strong>br</strong>Sn2O1iLrAJ3G1auDaHiPStVAoGBAO7JpG3c<<strong>br</strong> />
+77fcVUXMqrPNr5vk/KOjLI9cmAuoSGNxH+91m2lEX00mvkuWRQlRM9QS7Dwg7Zy<<strong>br</strong> />
PfiA8Ql7WcjYSrUfWQCfUaGwEimVVLGLTk0PWnXKzSpIY4mm09Uy6wY67KT+XhU<<strong>br</strong> />
G<<strong>br</strong> />
NtKNEOEJsG3Yd4VJvGMYZTyhX7gjODj7ufc3AoGBALwxSaE1sTX0zkvI7nJPciz0<<strong>br</strong> />
gGYcWxX3QhtALSlLvUEmPWCwYjhHWFPEC6qcmvy/79tbUYNA6SOcT8ksiT5BjzUI<<strong>br</strong> />
vKT4tJXC0xzfItsYETPEocksMsUr9H5sB/5xhWXEgvY7hBcGwPPkOHkisE4RsXgk<<strong>br</strong> />
Waq048djMljPaZojjkX/AoGADaUfVrwrpIHL9jvXAnI9pHtnijQICi9lnxibfkKd<<strong>br</strong> />
g6Rypy4A/9cezGkMZ40Z3/X1slbi9HuOgzqRbkGQGhr89Ggw+LillDXyaMa0Yeq0<<strong>br</strong> />
BGdG/2qso1SX+Ty7pchlM45Wqletms0ntEKTQA8upzDw4wuHG5r+eH4/++TBYleG<<strong>br</strong> />
+C8CgYEAv+a1mEn5UHonIUzCLg2H1UsK+XddKmuuFYtXyJiVzwbg2wVyeIXoMqrV<<strong>br</strong> />
Qdx+XcPxLMvBLAe1lNXh5g/PouwmNWT4lGnDTI8egJyvnOn1VBAX6uCguhelmwrb<<strong>br</strong> />
GpAkMlg1qXTLD09CoeMsfHi3W64cBxLcfuaxLmO6OchShsDNAa8=<<strong>br</strong> />
END RSA PRIVATE KEY<<strong>br</strong> />
Exemplo de<<strong>br</strong> />
chave privada<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
sshrsa<<strong>br</strong> />
AAAAB3NzaC1yc2EAAAABIwAAAQEA440Is8WIpOvaJzptE91E0yCQt+TeFZIOf4<<strong>br</strong> />
KQTFOOtmwoxv77rLkM/3QDBl5VUYo3PRE4UyV2ldH+iY77pERHDz3e5SzptFclcc<<strong>br</strong> />
41YjG4AAOAlbKx97RMHh29qp30j5RVYo6WfS4G9+pIVbZCHt7aCVRIWMmNryIB<<strong>br</strong> />
WOLTDiwP2Be12Y0z6AOOTmZdRdzgu0zWJfo16TqtrsA7DRMZnM63a6sn7Kjhmd<<strong>br</strong> />
4i6ptgck3RVGs0E6gQZOCion9HJ14YoLPD85Mk8My8CAEI4QJ4vimbnVsawJ3725<<strong>br</strong> />
G5gAG5+l2HZHF8+YEZbT5jLDGWoqErZuZaz61z05TdFpsE1alZR2BSQw==<<strong>br</strong> />
teste@antares<<strong>br</strong> />
Exemplo de chave<<strong>br</strong> />
pública (par da<<strong>br</strong> />
privada anterior)<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Hash<<strong>br</strong> />
Hash é um algoritmo que transforma uma grande<<strong>br</strong> />
quantidade de informações em uma pequena quantidade<<strong>br</strong> />
de informações.<<strong>br</strong> />
Cada tipo de hash gera um resultado hexadecimal, de<<strong>br</strong> />
tamanho fixo, baseado em cálculos, bit a bit, so<strong>br</strong>e o<<strong>br</strong> />
conteúdo de um arquivo qualquer.<<strong>br</strong> />
Teoricamente, dois arquivos, <strong>com</strong> conteúdos diferentes,<<strong>br</strong> />
não poderiam <strong>pro</strong>duzir o mesmo hash. Caso essa falha<<strong>br</strong> />
ocorra, dizse que houve uma colisão.<<strong>br</strong> />
Algumas aplicações: armazenamento de senhas em<<strong>br</strong> />
sistemas, tráfego de senhas, conferência rápida de dados e<<strong>br</strong> />
conteúdo.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Hash<<strong>br</strong> />
Exemplo de hash MD5 (16 bytes):<<strong>br</strong> />
# md5sum /etc/<strong>pro</strong>file<<strong>br</strong> />
fc332c57412df8923bf0632bdcda30e0<<strong>br</strong> />
Exemplo de hash SHA256 (32 bytes):<<strong>br</strong> />
# sha256sum /etc/<strong>pro</strong>file<<strong>br</strong> />
e4dbac2698e0e9c0248ee52bf11537ea10a65e8b64d020826d9d003f8434599e<<strong>br</strong> />
Obs: os hashes MD5 e SHA1 devem ser utilizados <strong>com</strong><<strong>br</strong> />
cautela por já terem sido que<strong>br</strong>ados.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
Calculase o hash de uma mensagem.<<strong>br</strong> />
O hash é assinado (criptografado <strong>com</strong> a chave privada).<<strong>br</strong> />
A mensagem e o hash assinado são enviados para o<<strong>br</strong> />
destinatário.<<strong>br</strong> />
Autenticidade, integridade e nãorepúdio.<<strong>br</strong> />
O conceito de <strong>assinatura</strong> <strong>digital</strong> não envolve o sigilo da<<strong>br</strong> />
mensagem. No entanto, este recurso poderá ser<<strong>br</strong> />
adicionado.<<strong>br</strong> />
Há a possibilidade de introdução de uma autoridade<<strong>br</strong> />
certificadora (AC ou CA) no <strong>pro</strong>cesso.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
O PGP (Pretty Good Privacy) foi criado, em 1991, por<<strong>br</strong> />
Philip Zimmermann.<<strong>br</strong> />
O <strong>GnuPG</strong> (GNU Privacy Guard ou GPG) é uma<<strong>br</strong> />
implementação livre do PGP.<<strong>br</strong> />
Segue o padrão OpenPGP (RFC 4880).<<strong>br</strong> />
O <strong>GnuPG</strong> e o PGP trabalham <strong>com</strong> o fundamento de<<strong>br</strong> />
confiabilidade mútua, mediante a <strong>assinatura</strong> de chaves<<strong>br</strong> />
das pessoas pelas pessoas (não há uma CA).<<strong>br</strong> />
O <strong>GnuPG</strong> usa chaves assimétricas, permitindo a<<strong>br</strong> />
criptografia (sigilo) e a <strong>assinatura</strong> <strong>digital</strong>.<<strong>br</strong> />
Pode ser utilizado em linha de <strong>com</strong>ando ou <strong>com</strong><<strong>br</strong> />
<strong>pro</strong>gramas especiais em inúmeros sistemas operacionais.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong> (alguns <strong>com</strong>andos)<<strong>br</strong> />
$ gpg help<<strong>br</strong> />
$ gpg genkey<<strong>br</strong> />
$ gpg listkeys | listsecretkeys<<strong>br</strong> />
$ gpg listsigs<<strong>br</strong> />
$ gpg fingerprint<<strong>br</strong> />
$ gpg a export | import | exportsecretkeys (perigo!)<<strong>br</strong> />
$ gpg signkey<<strong>br</strong> />
$ gpg e | d<<strong>br</strong> />
$ gpg clearsign | verify<<strong>br</strong> />
$ gpg editkey<<strong>br</strong> />
$ gpg sendkeys | recvkeys<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong> (addons)<<strong>br</strong> />
Servidores públicos de chaves públicas.<<strong>br</strong> />
Mozilla Thunderbird (Icedove) + Enigmail.<<strong>br</strong> />
Kgpg.<<strong>br</strong> />
Seahorse.<<strong>br</strong> />
Outras opções (inclusive para Windows e Mac):<<strong>br</strong> />
http://www.gnupg.org/related_software/frontends.html.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong> (exemplo)<<strong>br</strong> />
# cat texto.txt<<strong>br</strong> />
Este eh um teste.<<strong>br</strong> />
# gpg ear eriberto teste.txt<<strong>br</strong> />
# cat teste.txt.asc<<strong>br</strong> />
BEGIN PGP MESSAGE<<strong>br</strong> />
Version: <strong>GnuPG</strong> v1.4.9 (GNU/Linux)<<strong>br</strong> />
hQEMA95t4DnBz8JlAQgAjZHFIJlPK9b0aceLy0n1NkgoFbwovBsX1d/tsTzE3MU5z8FXcwo<<strong>br</strong> />
/9+z510Sd0BEhWXJtpUCOTsG0Ej5u+aLfpgEPJ+DSQJUN1d1lhGmuQBkSHDaVcKKMt7z<<strong>br</strong> />
FRffHABHlZ1MsfUSGzKGzelxMaIYkVyqWtBuK+JNiAO06AYWdjJHfMdIsxEFqAf/bRr55lx<<strong>br</strong> />
+6yJa/ou96QawIET+LlrR8uNPtSFy6YjB4vvmRhVpe1y7lAtZezb3TJhzjdz91T1Tl1zWo48Z0<<strong>br</strong> />
ciy7kVZSgqrouZPhUqfO3ZSpzmvyFDM0AevxL+r0AzNk9raDT7k3m9AOnEC+X825IO0gLo<<strong>br</strong> />
K5fQBoJ9JRAb/89RyiRTgq4Y4+DJ47j4uqQdo9NhCDL0tGT8xi7FIIwf97XtFKN3ZeMRjd11<<strong>br</strong> />
YnbBcqW0FO2RZ1BBq+qyWkZ+CJCGvqKiYPaZV8klfqOinu=2VbY<<strong>br</strong> />
END PGP MESSAGE<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Criar um par de chaves (utilize o modo expert e RSA).<<strong>br</strong> />
Disponibilizar a chave pública em um servidor de chaves.<<strong>br</strong> />
Comparecer ao evento portando identidade ou carteira de<<strong>br</strong> />
motorista e cartões ou tiras de papel <strong>com</strong> o nome<<strong>br</strong> />
<strong>com</strong>pleto, email e fingerprint da chave.<<strong>br</strong> />
Oferecer o seu documento e o seu cartão para as pessoas,<<strong>br</strong> />
solicitando uma <strong>assinatura</strong>.<<strong>br</strong> />
Conferir, <strong>com</strong> critério, os dados de quem lhe pedir<<strong>br</strong> />
<strong>assinatura</strong>s.<<strong>br</strong> />
Depois, em casa, buscar as chaves alheias em servidores<<strong>br</strong> />
públicos, assinálas, exportálas e enviálas por email.<<strong>br</strong> />
No Debian, o pacote signingparty automatiza o <strong>pro</strong>cesso.<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Quando alguém lhe enviar a sua chave assinada, importá<<strong>br</strong> />
la para o seu chaveiro e enviar para um servidor público.<<strong>br</strong> />
Utilize um cartão ou tira de papel <strong>com</strong> os seus dados para<<strong>br</strong> />
facilitar a troca de informações. Exemplo:<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Sumário<<strong>br</strong> />
Componentes da criptografia<<strong>br</strong> />
Tipos de criptografia<<strong>br</strong> />
Hash<<strong>br</strong> />
Assinatura <strong>digital</strong><<strong>br</strong> />
O <strong>GnuPG</strong><<strong>br</strong> />
A utilização do <strong>GnuPG</strong><<strong>br</strong> />
Como participar de uma festa GPG<<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12
<strong>Criptografia</strong> e <strong>assinatura</strong> <strong>digital</strong> <strong>com</strong> <strong>GnuPG</strong><<strong>br</strong> />
Conclusão<<strong>br</strong> />
<strong>Criptografia</strong> não é sinônimo de “esconder coisas”.<<strong>br</strong> />
O <strong>GnuPG</strong> é uma forma simples, pessoal e rápida de<<strong>br</strong> />
utilizar a criptografia para obter o sigilo e a <strong>assinatura</strong><<strong>br</strong> />
<strong>digital</strong>.<<strong>br</strong> />
O <strong>GnuPG</strong> pode ser utilizado em linha de <strong>com</strong>ando ou <strong>com</strong><<strong>br</strong> />
<strong>pro</strong>gramas diversos, em vários sistemas operacionais.<<strong>br</strong> />
O <strong>GnuPG</strong> dispensa o uso de CA, uma vez que baseiase na<<strong>br</strong> />
confiança mútua.<<strong>br</strong> />
Esta palestra está disponível em:<<strong>br</strong> />
http://eriberto.<strong>pro</strong>.<strong>br</strong><<strong>br</strong> />
Sigame no twitter @eribertomota<<strong>br</strong> />
<strong>Eriberto</strong> - out. 12