CryptopartyForInstructors/5

From Hackerspace Brussels
Jump to: navigation, search


CryptopartyForInstructors/5
Thu 12 Mar 2015 18:30
till Thu 12 Mar 2015 22:00
Cp.png
What:
cryptoparty for instructors
Tagline:
encrypt everything!
Where:
HSBXL Brussels,Belgium
Cost:
0
Who:
Gustavo, Dimi, Jeroen, you?
URL:


Test PGP key signing party[edit]

Going over the flow of a key signing party.


Useful links provided by Dimi:

An in depth howto for organising a key signing party:
http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html

Resources (like slides and artwork) for organising a
Cryptopoarty: https://www.cryptoparty.in/resource

Short text about keysigning party:
http://wiki.openrightsgroup.org/wiki/Keysigning_parties#How_to_take_part

A good step-by-step how-to on using PGP (for end users):
https://help.riseup.net/en/security/message-security/openpgp

A good e-book (for end users) on online security in general, also
covering PGP: https://basicinternetsecurity.org/

EFF's intoduction to PGP (for end user):
https://ssd.eff.org/en/module/introduction-public-key-cryptography-and-pgp

I wouldn't be up for organising a full on keysigning party using
the Zimmermann Sassaman key signing protocol as it is a lot of work
and only really useful if there are a lot of people participating,
like at FOSDEM or something similar.

I would go for the informal party or list based if there are more
people interested in participating:
http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html#choose_party_type

Great comic on the subject: https://xkcd.com/364/

Key signing tools

caff
http://pgp-tools.alioth.debian.org/
caff is perl and was a pain to install on my system, ymmv.

pius
http://www.phildev.net/pius/
lighter python alternative to caff
(jeroen: I haven't been able to get it to work yet :) https://sourceforge.net/p/pgpius/bugs/18/ --> gpg2 is to blame, should work with gpg1)
This guy also wrote an easy to understand "walkthrough" of pgp: http://www.phildev.net/pgp/

monkeysign
more for adhock signing with uid verification (which pius also makes easy)

Password - passphrase management:

Choosing a good passphrase (in stead of password):
http://www.iusmentis.com/security/passphrasefaq/

Choosing a good password by Bruce Shneier himself: 
https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html