this post was submitted on 13 Sep 2023
41 points (93.6% liked)

Privacy

31894 readers
591 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

We all know PGP is old and got a myriad of problems, like key management.

Thus, I'm looking for a generic encryption and signing tool that also available on mobile devices, both Android and iOS.

I know age+minisign is the preferred choice but unfortunately there ain't an mobile app for them.

I know Magic Wormhole is great for P2P data transfer but it's slow and not reliable. I often have corrupted files even the size is small. I would much rather encrypt locally, upload to GDrive, and share it.

I know Signal, WhatsApp and other messaging apps now offers E2EE to exchange many data forms but the political sphere is shifting and given the current trend, they might forced to backdoor the protocol, drop E2EE entirely, or cease operation. Something independent from messaging tool is needed.

I'm not seeking perfect forward secrecy as that wasn't achievable for non conversations use case unless parties manually negotiate a session key.

I don't care the web of trust either. Putting PII on a key server for public viewing doesn't fit today's privacy trend.

Nor anonymity. I'm talking to my family members and friends and I don't find a reason to hide that. The only thing matters is the content.

While it will be great to follow some kind of widely used standards, it is not a requirement.

Thanks for the input.

EDIT: Added GPG to the title

all 24 comments
sorted by: hot top controversial new old
[–] [email protected] 10 points 1 year ago (1 children)

I think the reason you’re not finding what you’re looking for is because another widely agreed upon problem with pgp is that it is a generic encryption and signing tool and those turn out to be a bit of a UX nightmare. Building purpose-specific encryption into other applications tends to have much safer UX, that also tends to be less confusing.

That being said, age may do some of what you’re looking for. I don’t think it does signing but it does do encryption.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (1 children)

Yes, I do mentioned age and I wish I can use it. Unfortunately, there isn't a standalone app, at least on Android, performing age related operations.

[–] [email protected] 1 points 1 year ago

Ah sorry, I missed that!

This might be more of a hack than you’re looking for, but you could probably install age in termux and put together a small shell script to operate it.

[–] [email protected] 8 points 1 year ago* (last edited 1 year ago) (1 children)

GPG?

Gnu Privacy Guard and Pretty Good Privacy aren’t quite the same thing.

Otherwise, AES for encrypting and SHA256 for hashing; you can combine the two to use the SHA256 of an archive as the password for the encrypted version.

But if you want PKI, it’s either GPG or OpenSSL.

[edit] personally I like that I was able to generate a 4096-bit keypair with PGP in 1998 (it took a while) and I can still use it as my master keypair in GPG today.

[–] [email protected] 2 points 1 year ago (1 children)

I would treat GPG and PGP that same thing as they suffer the same problem like long lived root key, and problematic key management.

[–] [email protected] 12 points 1 year ago (1 children)

They don’t have to; that’s all in how you use them. You can set a short expiration rotating root key if you want.

Key management you can’t really avoid; either the key remains private or you have to trust someone to host the public key that multiple people trust. Again, you can set up an expiry cycle.

Personally, what I’ve done is kept a closely held 4096-bit keypair as a master, and then used that to sign my rotating keysets; that way, people can verify that it’s the same master key used to sign all of them, but it’s the short term public key I publish.

So if for some reason it expires before I can re-sign, I can still use the root key to get things working again.

In practice it’s worked for me for 25 years, so I’m happy.

[–] [email protected] 1 points 1 year ago (1 children)

So you have two keys: master and ephemeral key. Both are independent to each other. Mater doesn't expire and ephemeral will have a short period of validity.

You kept the master key secure, and using it to certify the ephemeral key with a expire date?

You still need to publish the master's public key to key server for everyone knows and verify you signed the ephemeral key isn't?

[–] [email protected] 2 points 1 year ago (1 children)

No, they just have to know that the signer hash is the same for each ephemeral key in the chain. If someone required more validation than that, I’d have to share the public key, but in real life that’s never come up.

[–] [email protected] 2 points 1 year ago

Please correct me if I misunderstood.

You have one master key (root). This key have strong connection to your identity. However, you kept this in secret.

You have one or more ephemeral keys (edge). You can dedicate each key for different purposes. You sign these keys with the root key.

If I'm not mistaken, it's essentially the "Web of Trust". How do people trust your edge keys without knowing the root's public key by "the signer hash is the same"? While I can see the certification on your edge key, I can't build a trust path as I don't have your root's public key.

I don't really understand "each ephemeral key in the chain". What chain actually? Chain as in " Web of Trust"? Or as in subkeys?

[–] [email protected] 7 points 1 year ago

There are plenty of technologies (age & minisign are indeed highly regarded) but what we are missing is standards. This is why you're not finding broad support. Especially in email, where there's X.509, PGP, and nothing else.

You mention a variety of use cases, some of which have accepted standards for encryption (eg OMEMO, S/MIMIE), but it sounds as if you're looking for one generic encryption app to use with everything, no matter how out-of-band or awkward?

[–] [email protected] 5 points 1 year ago (3 children)

Briar and SimpleX seemed decent the last time I looked into this.

I ended up using neither because I don't need privacy when talking to myself.

[–] [email protected] 4 points 1 year ago (1 children)

Thanks for the input, yet I'm looking for generic encryption and signing tool. Not mesaaging app.

[–] [email protected] 2 points 1 year ago

Got it. So more for data at rest rather than handling the sending too?

SimpleX does file transfer pretty well, not sure about Briar now that I think about it.

[–] [email protected] 3 points 1 year ago (1 children)

oh briar looks promising. I've been looking for a simple e2ee chat app that doesn't involve the internet. thanks!

[–] [email protected] 2 points 1 year ago

I'm the only one in my friend group who likes to try new messaging apps. The best I've done is bridge everything into matrix and try and get them on there.... None of them have moved.

[–] [email protected] 5 points 1 year ago
[–] [email protected] 3 points 1 year ago

If you don't care about PFS then PGP is what you want.

[–] [email protected] 3 points 1 year ago

I think PGP is the only player in town as a general purpose encryption and signing tool TBH... The other alternatives I hear get mentioned are just e2ee messaging apps and platforms

[–] [email protected] 2 points 1 year ago
[–] [email protected] 2 points 1 year ago (1 children)
[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

Ain't Keybase dead already after aquired by Zoom? And using PGP/GPG underneath.

[–] [email protected] 1 points 1 year ago

The infrastructure is still maintained, and the client is still being developed/updated (slowly). . You might be able to keep adding PGP keys, but newly-generated device keys have been NaCl keys for a while.

[–] [email protected] 0 points 1 year ago

Xmpp/jabber mobile client https://github.com/iNPUTmice/Conversations

Or matrix protocol So clients like element,shildichat.