(How to exchange confidential information and feel protected?)
Negotiations of parties face-to-face is an ancient method to be secure in communication if you have some private or commercial secrets.
But this method is not enough secure due to modern spy equipment which allow listen conversation from distance more than 400 meters. With very high quality of content. Cellular and Internet channels of communications are also not secure. Mobile operators can determine your location by triangulation and without your permission switch on microphone and listen your conversation.
Windows operating system (from Windows 8 and may be Windows 7 too) can scan any your document you create from pressing your keyboard, printing in World or typing as Email and send all of this via Internet if will be found sensitive content.
In modern World any human activity is under monitoring, especially if you are politic, businessmen, man or lady with strong financial background.
Modern fast supercomputers allow decrypt encrypted messages during several days, months or years when they are encrypted up to 128-bit password.
In this Article we will study how to encrypt your communications in Internet with secure, military grade algorithm without possibility decrypt by third party during several hundred years with using most fast super computers and qualified personal.
This method is more secure than face-to-face conversation because exclude listening from long distance and prevent use your computer and Internet channels for extraction sensitive content.
Part 1. Equipment. Use any computer with Linux installed. Linux is open source software and does not include spy modules which are able monitor your activity.
For our purposes applicable are such types of Linux:
Ubuntu, Debian, openSUSE, Fedora, Oracle Linux – all they are free and you find them with Google and download from Internet.
Here
http://www.oracle.com/technetwork/server-storage/virtualbox/downloads/index.html
You can find applicable version of Linux. Install Linux to your hardware directly.
Using indicated above link download VirtualBox – it is virtual machine.
Install inside VirtualBox one of the next operating system, but never connect them to Internet:
Windows XP, Vista, Windows 7, Windows 8.
Windows XP, and Windows Vista are preferable. Never connect them to Internet !!! They must live in VirtualBox as isolated from external World. Even if they contain spy tools and will steal your sensitive information they never will be able transfer it outside VirtualBox.
If you have old separate computer or you can buy old cheap computer you can use especially for encryption needs you can install Windows XP or Windows Vista directly on hardware, but never link this computer to Internet. Never it mean never. In this case Linux and VirtualBox is not necessary for you. Windows where we will make all eccryption/decryption operations we will name as Secure Windows.
Use any other computer, which has Internet connection. If you have computer with Linux installed or if you have smartphone with Android it is applicable.
Part 2. Software. Go to website http://www.gpg4win.org/ and download free open source software pgp4win
If you have any difficulties you can download this software from here.
Manual for this package exists inside but you can see also download from here (in English and German languages).
Install pgp4win into Secure Windows.
Using software Kleopatra (located inside of packed and after installation exist on desktop of Secure Windows) create New Certificate (select 4096 bytes). Your certificate will include two type of keys – Public Key and Private Key.
Send your Public Key only to your business partner. Newer provide him your password never send him Private key. Send public key in most possible secure way. For example, you can create two Certificates. One of them use only for purpose secure transfer of second Public key of second certificate.
If you will read manual for PGP Software you can find they never hide public key. They offer place public key to special pgp server. We reach more security if make public key unavailable for general public.
Using Public Key of your business partner you can encrypt any your file. It can be text file, World document, file of music in any format, any image, voice or video file or file of any other format.
Encrypted file you can send as attachment of your Email or locate into any Internet Drive. Only person, who provided you his public key will be able extract content of your file.
Two cycles of encryption. You will make impossible to decrypt your message by third parties if will use two cycles of encryption – internal and external. Internal encryption mean encryption of original document with first pgp Public key, or encryption of first level by others words. Next you must to use result of first level of encryption and encrypt it with second Public Key. Two cycles must to be enough to make file impossible for any decryption modern technology because all of them based on attempts to receive some content with contain known words or other known elements. PGP file of first level of encryption does not contain any information which can determine that internal file is decrypted in this current moment and supercomputer which seek possibility to decrypt file never can make this task correct. If external level of encryption will be braked the positive results will be lost among billions others decryption versions. Human cannot verify it manually, computer cannot recognize internal PGP file, will recognize it as incorrect decryption and will erase.
About Key size. Most instruction recommend to use 2048 bytes key maximum. It is all correct if for decryption third party will use typical loptop or desktop computers. But if decryption will try to do government enforced agencies they can use fast supercomputers and for prevent their intervention into your privacy 4096 key is enough, but 2048 have some risk for you.
Channels of communication. Never use for transfer encrypted messages such known public Email services as www.gmail.com Yahoo mail, Mail.ru etc. All of them have installed spy software which scan suspected activity make copies of suspected files and send them for human analyze. You will keep third party attention to your encrypted messages they can qualify it as terrorists’ messages and will work hard to decrypt them. Some organizations and Agencies have not limit of time and money. In this case to do some steps for prevent investigations of your communication will be very appreciated.
1. The best way is to register your own domain. It cost only $10/year. Most domain registrators (www.mydomain.com, for example) provide for free possibility to create unlimited mailboxes to your domain. Create such mailbox for himself and for your partner. Transfer login and password with such service as Viber (Never use Skype for this reason, all conversations are recorded and all messages are scanning). You can send also as SMS – login by using one phone number and password – another from both sides. Without any explanation what is it.
2. Use small Email service providers like www.swissmail.net
3. Use FTP protocol to place encrypted files into some directory and provide for your partner address and method to get (for example with www). It is for more advanced users. But most secure option !
4. If you have Android based smartphone please install free software RedPhone from PlayMarket. This software provide encrypted channel of communication and you can provide verbal transfer of password.
5. For Android platform you can fid also sms encryption tools. They are applicable also for one time password transfer.
Mac OS X users. There are several ways for Mac OS X user to use pgp based encryption technology:
1. Install VirtualBox on your Mac OS X host operation system and inside VirtualBox Install Windows XP as was written above. Others steps are the same as written above for Linux.
2. You can use Portable PGP software after download from here http://ppgp.sourceforge.net/ or from here. Pen Drive (USB Drive) version available also here. This software written on java and can work with any operation system with Java installed. Only limitations are for this software – small and unsecure PGP key up to 1000 bits only, easy to decrypt by using modern super computers. But you can create one time secure 4096 bits key using described above methodology and later import Public and Private keys by Portable PGP. Portable PGP without any problem can use 4096 keys created by any other software. For correct work please always use “Ascii Armored” format for full compatibility with any other PGP software. So you can execute Portable PGP software with your Mac OS X without any virtual machines. Vmware virtual machine also can be used anywhere instead of VirtualBox, but it’s commercial software. If you have Vmware image of Windows XP, you can use Vmware Player to use it for free.
3. If you have operation system Mac OS X 10.6 or later you can use from website https://gpgtools.org/ GPG Suite. It’s free and open source software. Best instruction how install and use this software “For Dummies” you can read here http://notes.jerzygangi.com/the-best-pgp-tutorial-for-mac-os-x-ever/ We do not know maximum key size can be generated with this software. 4096 bit key is preferable, as minimum for strong protection of your information.
Most cheap
solution: With
Chinese market of electronic you can buy up to
$100 price Windows based Tablet (based on Intel Chipset inside) with
Windows
8.1 and sometimes dual boot Tablet (Windows/Android). Without
connection to
Internet you can use it as very cheap cryptography tool with install
software
described above.
Android Users.
Android is Linux Operating system. As was written above
we can trust any Linux because Linux based on open source code we can
verificate
if any back door present. For Android platform exist “APG for Android”
software
which we offer as only good software foe pgp encryption information for
secure
transfer using Internet. It is open source software and you can instect
source code here
(https://github.com/thialfihar/apg). If some organizations do not
respect our
rights for
privacy of correspondence we must to use encryption software to protect
such
our rights. APG allow you create
4096 bytes key pairs, Public and Private, also allow encrypt and
decrypt any
file and any Email. APG very
good compatible with K-9 Mail for
Android,
one of
the best Email client. Using APG is most easy way to encrypt your
correspondence in comparison with all described above in this document.
You can find APG for Android at Google Play or download here.
Other operating systems do not indicated here. You can use Portable PGP software in this case because written on Java with is compatible with all known operating systems.
Conclusion. If somebody offer for you business meeting to discuss some sensitive subjects, not hurry to buy ticket for aircraft and fly. Modern military grade encryption technologies can help you make more secure negotiation and save your time and efforts also save you from additional risks of transportation. Traveling always contain risks to be serious injured, become goal of terrorists, to be involved in others conflicts. Last 20 years governments of different countries predominantly use secure channels of communications instead of travel each time. Let’s we will study and replicate their positive experience.
Written by security specialist
of US financial corporation