Anti-tampering and anti-sp, sending PGP encrypted emails on OS X
Bitcoin researchers have heard of PGP encrypted email communication. It is said that Satoshi Nakamoto and his friends used PGP encryption to send emails. Even in the popular CZ vs OKCoin events over the past few days, PGP has been involved in the discussion.
PGP-encrypted email communication lets the recipient determine who sent an email and confirm that it has not been tampered with, and it lets the sender make sure that only the intended recipient can read it.
On OS X, how can we use PGP to encrypt email communication conveniently?
Install
Install GPG Suite first. This is a set of tools to help us with PGP-related operations.
If you use Homebrew, a single command installs GPG Suite:
brew install Caskroom/cask/gpgtools
If you do not use Homebrew, you can download the GPG Suite installer instead.
Add your own key
After the GPG Suite is installed, an app named GPG Keychain will be added to the Launchpad. Open it and add a key that represents your identity.
Click the New button in the upper-left corner to open the new key pair window. Fill in the Full Name and Email fields with your own information. The full name cannot be less than 5 characters, so a Chinese name cannot be used. Email is the address you will use for encrypted communication. Check Upload public key so that others can find your public key directly through your email address.
Set shortcuts
GPG Suite will install some OpenPGP-related services in the system. We can set shortcuts for them to facilitate our use.
Choose System Preferences > Keyboard > Shortcuts > Services. We mainly set the text-related shortcuts. My settings are as follows. It is convenient to use with the Hyper key.
Send email
When sending an email, you generally need to sign and encrypt the email.
The signature allows the recipient to verify the sender of the email and to confirm that the email has not been tampered with. Encryption ensures that only the recipient can read the email; others cannot read the content even if they intercept it.
In actual use, we can also choose to only perform one of the two steps as needed.
Signature
In the email writing window, select the full text of the email we have written, use the shortcut key or right-click to call OpenPGP: Sign Selection, enter the password, and click OK. The signature is added to the email automatically.
Note that this method can only sign plain text. Any formatting is lost after signing.
Encryption
To encrypt an email, we need the public key of the other party, so that the other party can decrypt the email with their own private key.
Open GPG Keychain and click Lookup Key. Enter the recipient's email address to search for the recipient's public key on the server. If the other party has uploaded a public key, we can find it and retrieve it. If the other party has uploaded several public keys, we generally use the latest one. If the other party has not uploaded a public key, we can only contact them and ask them to upload it or to send the public key directly to us.
After adding the public key of the other party to the GPG Keychain, you can exit it.
Return to the email writing window, select the full text of the email (if the email has been signed, the selection also includes the signature information), and use the shortcut key or right-click to call OpenPGP: Encrypt Selection. In the pop-up window, check the recipient. To send the email to multiple users, select all of them here. After clicking OK, the email becomes ciphertext.
Now we can safely send this email with our secret.
Receive email
When we receive an email starting with -----BEGIN PGP MESSAGE-----, we know that we have received a PGP-encrypted email.
If the email starts with -----BEGIN PGP SIGNED MESSAGE-----, the email contains a PGP signature.
Decryption
To decrypt the PGP ciphertext, select all of it (including the -----BEGIN PGP MESSAGE----- and -----END PGP MESSAGE----- lines), use the shortcut key or right-click to call OpenPGP: Decrypt Selection, and enter the password. The decrypted plaintext is then displayed.
Of course, decryption can be performed only when we have the corresponding private key.
Verify signature
Select the message and its signature (from -----BEGIN PGP SIGNED MESSAGE----- to -----END PGP SIGNATURE-----), and use the shortcut key or right-click to call OpenPGP: Verify Signature of Selection. The pop-up dialog box shows the information of the signatory.
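Both the decryption and verification steps depend on selecting a block from its opening armor line to its closing one. The following Python sketch is an added example, not part of the original article or of GPG Suite: it scans an email body, reports each block's kind, whether its closing line is present, and which service applies. The names `find_pgp_blocks`, `cleartext` and `SAMPLE` are assumptions made for illustration, and the extracted text is unverified until the signature check itself has been run.

```python
import re
# Armor boundary lines from the OpenPGP format (RFC 4880, sections 6.2 and 7).
BEGIN = re.compile(r"^-----BEGIN PGP (MESSAGE|SIGNED MESSAGE)-----\s*$")
END_MSG, END_SIG = "-----END PGP MESSAGE-----", "-----END PGP SIGNATURE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"
SERVICE = {"encrypted": "OpenPGP: Decrypt Selection",  # GPG Services menu items
           "signed": "OpenPGP: Verify Signature of Selection"}
# Constructed sample: one clearsigned block, then ciphertext missing its END line.
SAMPLE = """-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Meet at 10.
- -- Alice
-----BEGIN PGP SIGNATURE-----

(placeholder, not a real signature)
-----END PGP SIGNATURE-----
-----BEGIN PGP MESSAGE-----

(placeholder ciphertext, closing line cut off)
"""

def cleartext(inner):
    """Signed text of a clearsigned block: skip headers, undo dash-escaping."""
    # Armor headers such as 'Hash:' end at the first blank line.
    k = next((n for n, l in enumerate(inner) if not l.strip()), len(inner))
    out = []
    for line in inner[k + 1:]:
        if line.rstrip() == BEGIN_SIG:
            break
        # A text line that starts with '-' is stored as '- ' + line.
        out.append(line[2:] if line.startswith("- ") else line)
    return "\n".join(out)

def find_pgp_blocks(body):
    """Return kind, completeness, service and (if signed) text for each block."""
    lines, blocks, i = body.splitlines(), [], 0
    while i < len(lines):
        m = BEGIN.match(lines[i])
        i += 1
        if not m:
            continue
        kind, closer = ("encrypted", END_MSG) if m.group(1) == "MESSAGE" else ("signed", END_SIG)
        j = i
        while j < len(lines) and lines[j].rstrip() != closer:
            j += 1
        # complete is False when the closing armor line was never found.
        blocks.append({"kind": kind, "complete": j < len(lines), "service": SERVICE[kind],
                       "text": cleartext(lines[i:j]) if kind == "signed" else None})
        i = j + 1
    return blocks
```

A block reported with `complete` set to False means the selection or paste stopped before the closing armor line, which is the usual reason decryption or verification of a copied message fails.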