WEBVTT

0
00:01.520 --> 00:08.720
In this lecture I want to show you how to symmetrically encrypt a file for our recipient and sign it

1
00:08.810 --> 00:10.400
in one step.

2
00:10.400 --> 00:16.370
This will attach the signatures to the encrypted file. To asymmetrically encrypt a file

3
00:16.370 --> 00:23.870
you need the public key of the recipient who will decrypt the message with the corresponding private

4
00:23.870 --> 00:24.840
key.

5
00:24.860 --> 00:28.670
We've seen a lot of examples in the previous lectures.

6
00:28.740 --> 00:34.850
I'm creating a new file called topsecret.txt.

7
00:35.710 --> 00:38.720
I'm using an output redirection!

8
00:38.890 --> 00:41.620
You can create the file in any way you want!

9
00:44.620 --> 00:45.410
This is the file.

10
00:46.720 --> 00:53.670
I'm gonna encrypt and sign the file for the other user on Kali Linux.

11
00:53.740 --> 01:06.110
I've already imported its public key in the gpg keyring. Let's see the keyring gpg --list-keys 


12
01:06.320 --> 01:07.640
This is the public key.

13
01:09.650 --> 01:11.300
Let's see its id.

14
01:19.270 --> 01:21.790
And the keyid on the other machine!

15
01:26.870 --> 01:35.510
We notice that this public key is also in the gpg keyring of the user on Kali Linux and I'm executing

16
01:35.600 --> 01:45.200
gpg -e -r and the key id; - r comes from  recipient

17
01:50.980 --> 02:03.320
--sign and the file; it's asking for a confirmation and I'm choosing yes; the file will be signed

18
02:03.590 --> 02:06.610
with my private key so I must unlock it.

19
02:14.280 --> 02:23.160
The generated file called topsecret.txt.gpg is encrypted and contains the signature

20
02:23.400 --> 02:29.870
of the original file. Let's transfer the encrypted and signed file to the recipient, 

21
02:29.970 --> 02:32.940
the one that has the private key to decrypt it.

22
02:36.050 --> 02:37.630
This is the IP address

23
02:41.170 --> 02:51.030
and I am checking if ssh is running; I'm gonna copy the file using asp and acp uses ssh; I am starting

24
02:51.030 --> 02:54.140
ssh systems stl.

25
02:54.440 --> 02:55.860
start ssh

26
03:00.930 --> 03:10.650
ssh is running so acp, the file, Kali, the user at the IP address of the server.

27
03:17.110 --> 03:19.340
And the file was copied.

28
03:19.440 --> 03:22.110
It's in the home directory of user

29
03:22.210 --> 03:24.610
kali, here; this is the file!

30
03:25.640 --> 03:33.800
It's encrypted and signed! Let's decrypt and verified the signature of the file.

31
03:34.700 --> 03:47.150
So gpg --decrypt and the name of the file topsecret.txt.gpg; the file will

32
03:47.150 --> 03:51.620
be decrypted with the private key and I must unlock it.

33
03:55.600 --> 04:02.710
-d or -- decrypt option will automatically verified the signature, if there is one,

34
04:03.100 --> 04:08.070
detect if the symmetric or asymmetric encryption was used,

35
04:08.260 --> 04:14.240
choose the appropriate private key, if available, and prompts for the passphrase,

36
04:14.290 --> 04:21.800
if the encryption was symmetric and the private key is locked with a passphrase! Okay.

37
04:21.850 --> 04:22.770
Perfect.

38
04:22.780 --> 04:27.040
This is the information, the clear text content of the file,

39
04:27.100 --> 04:30.450
top secret information and the signature is good.

40
04:32.060 --> 04:39.950
If you want to create a new file that contains only the content you add -0 or --output

41
04:40.010 --> 04:50.220
option like this.

42
04:50.310 --> 04:51.250
Perfect!

43
04:51.270 --> 04:57.540
It's a good signature in the new file called file.txt was created.

44
04:57.540 --> 04:59.880
It contains the secret content,

45
05:03.300 --> 05:04.370
the same content.