Well its almost time for me to create a new PGP key. My current key for tyler at tylerburton dot ca is set to expire at the end of the year and I am trying to determine what the best way to migrate to a new key is. Some people suggest simply adding a new encryption sub key and then changing the original signing key’s expiry date so that individuals wishing to verify your signatures can continue to do so uninterrupted.
Public key cryptography is one of the most essential pieces to online security. It is at the root of what enables you to shop online, do secure online banking, and communicate securely. I will be focusing on the latter in this tip. But first a quick and simple refresher on what public key cryptography is and how it works.
How public key cryptography works Or rather how you use it. Cryptography allows you can lock any data or information inside of a digital safe.
In the world of computers interoperability is key. If I send you an e-mail from my machine I should hope that you’re e-mail client would be able to read it. This is why we have standards. Standards are a good thing. They allow people to focus on improving performance and driving down costs instead of splintering user base and polluting the world with… less than elegant designs.
But what if relying on a single standard is not the correct way to do things either?
I thought this little piece was amazing!
Moserware: A Stick Figure Guide to the Advanced Encryption Standard (AES)
Thanks for Bruce Schneier for spreading the news on this one.
In cryptography a key length refers to the digital size of the ‘key’ used to unlock the encryption algorithm. Over time the length of these keys has increased from DES’ modest 64 bit (really 56 bit) key size all the way to the new AES specified key lengths of 128 and 256 bit keys. Each bit increase in in the algorithm doubles the potential number of keys available to use, thus usually making it harder for an adversary to guess the right key.
I would like to start a series of non-regular posts related to basic computer security. Security and cryptography are two areas of computer science that I have a passion for and, unfortunately, are two areas that most computer users do a truly terrible job at. I will try to make these as straight forward as possible so anyone can follow along!
For the record, the suggestions I will be making in these tips are simply things that I have found to work for me.