summaryrefslogtreecommitdiff
path: root/pgptalk2.md
diff options
context:
space:
mode:
Diffstat (limited to 'pgptalk2.md')
-rw-r--r--pgptalk2.md167
1 files changed, 167 insertions, 0 deletions
diff --git a/pgptalk2.md b/pgptalk2.md
new file mode 100644
index 0000000..a1bd5f9
--- /dev/null
+++ b/pgptalk2.md
@@ -0,0 +1,167 @@
+# Goals of this talk
+
+* Why is cryptography important?
+* How does cryptography work, conceptually?
+* How do I use cryptography, specifically?
+* What should I do next?
+
+![cat](Anca.jpg)
+
+---
+
+* Why would anyone attack **you**?
+ * you, your data, or your computing resources might be valuable
+ * you might be a stepping stone to another target, such as
+ your employer
+ * you might be an easy target
+
+![cat](Bancho.jpg)
+
+---
+
+* An attacker may want to...
+
+ * **impersonate** you to someone else, or someone else to you
+ * **falsify** a file you need or provide, such as a software
+ download
+ * **eavesdrop** your communications to steal sensitive information
+
+![cat](Sphynx.jpg)
+
+---
+
+* An attacker may be...
+
+ * a government: US, UK, Russia, China, etc
+ * law enforcement or espionage, in any country
+ * a large private organisation
+ * a criminal organisation
+ * a minor criminal
+ * someone with too much time and a twisted sense of humour
+ * someone you know who doesn't like you
+ * in all cases, the attack may be illegal, but might not be
+
+![cat](Lizard.jpg)
+
+---
+
+# Defences
+
+* cryptography, especially widespread use (HTTPS is almost everywhere!)
+
+* tools, training, infosec, opsec, good habits
+
+* compare with driving: errands vs F1
+
+* a sufficiently motivated or well-funded attacker will eventually win
+
+![cat](Chat.jpg)
+
+---
+
+# Everyday uses of cryptography
+
+* email: sign as much as possible, encrypt at least sensitive
+
+* git: signed tags for releases, maybe sign (some) commits
+
+* software releases: sign downloadable files (.tar.gz, etc)
+
+* amaze people at parties, be an international celebrity
+
+![cat](Down.jpg)
+
+---
+
+# Cryptography concepts
+
+* Symmetric: one key
+
+* Asymmetric: two linked keys
+
+![cat](June.jpg)
+
+---
+
+# History
+
+* 1977: first public invention of public key cryptography
+
+* 1991: PGP or Pretty Good Privacy, first popular, freely usable
+ implementation of public key cryptography
+
+* 1990s: US crypto export restrictions; massive innovation boom
+
+* 1995: SSH, SSL
+
+* late 90s: crypto wars
+
+* 2000s, 2010s: crypto gets widely used and entrenched
+
+* 2020s: second crypto wars
+
+---
+
+# Crypto tooling
+
+* SSH, HTTPS are used everywhere
+
+ * use for connections, transfers: "data in transit"
+
+* PGP went proprietary, GnuPG (gpg) is a free replacement
+
+ * use for messages, files, signatures: "data at rest"
+ * OpenPGP standard, GnuPG most popular implementation
+ * versions exist for all popular computer operating systems
+
+![cat](Box.jpg)
+
+---
+
+# Demos
+
+* generating a key
+* signing or certifying a key
+* sharing keys and signatures
+* encrypting and signing a message
+* decrypting a message and checking its signature
+
+---
+
+# Now what?
+
+* Make a key, start using it, get it signed by co-workers
+
+ * Ask for help or hands-on training if you need it
+
+---
+
+# Legalese
+
+Copyright 2020 Wikimedia Foundation
+
+This content is licensed under the Creative Commons
+Attribution-ShareAlike 4.0 International ([CC BY-SA 4.0][]) licence.
+
+[CC BY-SA 4.0]: https://creativecommons.org/licenses/by-sa/4.0/
+
+Pictures from Wikimedia Commons:
+
+
+
+* [June_odd-eyed-cat_cropped.jpg](https://commons.wikimedia.org/wiki/File:June_odd-eyed-cat_cropped.jpg)
+* [Cat_into_the_box.jpg](https://commons.wikimedia.org/wiki/File:Cat_into_the_box.jpg)
+* [Banho_de_Sol_(2422073851).jpg](https://commons.wikimedia.org/wiki/File:Banho_de_Sol_(2422073851).jpg)
+* [Anca_the_Weasel_(26984433186).jpg](https://commons.wikimedia.org/wiki/File:Anca_the_Weasel_(26984433186).jpg)
+* [Cats_lying_down;_March_2016_(01).jpg](https://commons.wikimedia.org/wiki/File:Cats_lying_down;_March_2016_(01).jpg)
+* [Chat_import_1.jpg](https://commons.wikimedia.org/wiki/File:Chat_import_1.jpg)
+* [Cat_playing_with_a_lizard.jpg](https://commons.wikimedia.org/wiki/File:Cat_playing_with_a_lizard.jpg)
+* [1_adult_cat_Sphynx._img_047.jpg](https://commons.wikimedia.org/wiki/File:1_adult_cat_Sphynx._img_047.jpg)
+
+
+---
+title: "Basics of cryptography"
+subtitle: "OpenPGP and GnuPG"
+author: "Lars Wirzenius / Wikimedia Foundation"
+date: "Version 2.0 for 2020-04-29"
+...