A few weeks ago, we published an article giving you 4 easy-to-follow pieces of advice to create a first line of defense for your data and your online private life. This month, we continue this path by reviewing encryption: a name which, in the collective imaginary, is often associated with complex processes, but guarantees data will only be readable by people it was meant for. Actually, for some years some efforts have been made for cryptography, although complicated in its conception, to be accessible and usable by anyone.
When you send an email, it is usually sent through networks to reach its recipient. Just like mail, it is readable by anyone having the ability to intercept the message. It means that if your connexion is compromised, it is absolutely possible for all your conversations to be read by third parties.
To prevent that, you can encrypt your mails. The methods to do so have been changing for a few years, progressively getting easier.
Before, only symmetrical encryption was used: there was only one password, known by both the sender and the recipient, allowing to encrypt and decrypt the message. An analogy could be made with a locked safe-deposit box: the sender has to have the right key to “drop” the message into the safe, and so does the recipient, to open the safe and get the message. The issue here is that to be able to communicate, both interlocutors have to exchange the password… Which is not easy to do in an secure way, without any third party also accessing it! That is “the chicken and the egg” phenomenon: one needs a key to share the key to share the message, and so on. To exchange the key in a perfectly secure way, a physical meeting and a good memory would thus be ideal… Since then, another method is being more and more used, which is much less complicated to set up: asymmetrical encryption.
Each interlocutor has its own particular pair of keys: a private key and a public key. The private key is never given to anyone, but the public key is: everyone can use it.
Indeed, the sender encrypts the message with the public key of its recipient. Only the private key matching the public key that was used can then decrypt the encrypted message: that is why only the recipient can read and understand it.
GnuPG, free and open source project, does that well and for free. You can use it with a simple, easy-to-use plugin, which interfaces with your mail system.
How to use cryptography for a file? GPG enables it, which can be useful if you share you machine with other people. You can be the only one entitled to access the file, which is password-protected. There again, you only have to install the GnuPG application, which is very easy to use.
Encrypting a hard drive
In line with what we said before, one can also encrypt one’s hard drive, whic can protect your data in case your equipment is stolen. Modern operating systems all natively offer this option, which is very easy to set up, clear, and very cheap in terms of resources. Usually, it is proposed, by default, during your machine’s configuration.
To do this you can use the following tools:
An encrypted USB key
To convey important or confidential files, USB keys using encryption are obviously safer than clear USB keys.
Datashur offers very well-thought encrypted USB keys: if your key is stolen from you, even if it is analyzed, your content will be completely unreadable as long as the right code is not given to the key. They can be used on any exploitation system, and no software installation is needed to read what is contains: it is like a normal USB key, but with an access code.
Encrypting one’s texts
Finally, a final word on texts or iMessages that are sent, just like your emails by default, without being encrypted. That is why we advise you to use tools that automatically encrypt your conversations end-to-end, such as Signal for instance. It is an open source application, the security of which one can thus be certain of. Today, most of text-sending tools encrypt the conversations of their users: get more information on the one you use!
Encryption, not that hard after all!
As you saw all along this article, encryption is not that complicated to set up, despite the complexity of the concept! However, this type of protection is extremely efficient and allows to guarantee that your data will not be read, even if there is an attack or a theft. A big advantage for a small additional constraint, it is worth it!
Our next and last article dedicated to the protection of your website will be published on August 17th, and will explain to you how to remain anonymous when you go on the Internet.
Source : Philippe Humeau & Julien Voisin