1
00:00:00,270 --> 00:00:02,970
Welcome to part six of this module.

2
00:00:02,970 --> 00:00:09,180
Now it's time to take a look at P G P which stands for Pretty Good Privacy.

3
00:00:09,180 --> 00:00:12,300
This video is actually broken into two parts.

4
00:00:12,300 --> 00:00:19,590
First we'll look at how to use P GP to send encrypted messages and talk about how it can be used as

5
00:00:19,590 --> 00:00:24,150
a way to create an anonymous yet verifiable identity.

6
00:00:24,150 --> 00:00:30,930
In the next video we'll look at how to use GP G for Windows to verify the author's authenticity of files

7
00:00:30,930 --> 00:00:31,880
that we download.

8
00:00:31,890 --> 00:00:36,350
All of this is going to be important as we move on into Tau and the deep web.

9
00:00:36,360 --> 00:00:43,930
This first look is going to be just the basics of how to use P GP and what it is.

10
00:00:43,980 --> 00:00:49,650
We'll be diving a lot deeper into it when we get to the video covering the tables operating system.

11
00:00:49,680 --> 00:00:55,590
So if you find this presentation to be a little bit oversimplified please refer to that video for more

12
00:00:55,590 --> 00:00:57,300
detailed instructions.

13
00:00:57,300 --> 00:01:03,120
Again this is meant to be an introduction to get the concepts down because it seems like people have

14
00:01:03,120 --> 00:01:06,740
a hard time with this and it is actually very easy.

15
00:01:06,750 --> 00:01:12,040
The first thing that we need to do is download GP G for windows from the Web site.

16
00:01:12,060 --> 00:01:17,520
The first thing that we need to do is download GP G for windows from the Web site.

17
00:01:17,730 --> 00:01:19,740
We'll want the latest version.

18
00:01:19,920 --> 00:01:24,690
They make this look a bit confusing but all you really have to do is click 0 dollars.

19
00:01:24,690 --> 00:01:30,930
If you do not wish to donate and then click the download link once download it will just go ahead and

20
00:01:30,930 --> 00:01:33,760
install it like any normal file.

21
00:01:33,870 --> 00:01:38,680
Just follow the prompts and make sure that GPA is checked.

22
00:01:38,880 --> 00:01:44,460
All of these should be checked and we will be looking at Cleopatra in the next video so make certain

23
00:01:44,460 --> 00:01:45,950
that that is checked as well.

24
00:01:45,960 --> 00:01:51,550
Browser integration is optional when you're ready click next.

25
00:01:51,740 --> 00:01:56,500
We're not going to run Cleopatra just yet so we'll uncheck this click finish.

26
00:01:56,630 --> 00:02:02,390
So with the installation complete let's go ahead and launch GPA key manager and the first thing it's

27
00:02:02,390 --> 00:02:07,180
going to do is it's going to say that it hasn't detected any private keys.

28
00:02:07,280 --> 00:02:12,560
And do we wish to generate one we're going to see do it later because we want to do this on the fly

29
00:02:12,770 --> 00:02:14,070
to start us off.

30
00:02:14,210 --> 00:02:19,320
We want to generate what is called a key pair for a little explanation.

31
00:02:19,370 --> 00:02:24,150
We are about to use our key manager to create two keys.

32
00:02:24,170 --> 00:02:27,880
These two keys are like two halves of the same coin.

33
00:02:27,890 --> 00:02:31,070
We will have a public and a private key.

34
00:02:31,310 --> 00:02:36,680
The public key is the one that we're going to give out to everybody and make available to anybody who

35
00:02:36,680 --> 00:02:40,080
wants to write encrypted messages to us.

36
00:02:40,280 --> 00:02:41,630
The private key.

37
00:02:41,690 --> 00:02:48,980
We're going to keep secret the private key will allow us to decrypt any messages that used the public

38
00:02:48,980 --> 00:02:50,960
key that is associated with it.

39
00:02:50,960 --> 00:02:55,890
To encrypt them might be a little easier to show this rather than to try to explain it.

40
00:02:55,910 --> 00:03:01,160
So let's go up to keys and select new key.

41
00:03:01,160 --> 00:03:03,170
Now you need to supply a name.

42
00:03:03,170 --> 00:03:06,820
This could be your personal real life name.

43
00:03:06,890 --> 00:03:12,530
If you don't wish to remain at all anonymous but simply want your communications to be encrypted it

44
00:03:12,530 --> 00:03:16,910
could also be an alias a handle or a code word.

45
00:03:16,940 --> 00:03:23,120
If you do not wish your real world identity to be tied to the key that you are about to generate for

46
00:03:23,120 --> 00:03:28,360
this demonstration I'm just going to say demo key one.

47
00:03:28,970 --> 00:03:30,710
And press forward.

48
00:03:30,710 --> 00:03:33,770
Next were prompted to give an email address.

49
00:03:33,770 --> 00:03:37,950
I want to stress you don't need to supply a real address here.

50
00:03:38,030 --> 00:03:41,690
You can type in gobbledygook and it will work just fine.

51
00:03:41,690 --> 00:03:48,610
Whether or not you supply a real account will depend largely upon your intentions for this demonstration

52
00:03:48,620 --> 00:03:55,190
I'm just going to type in a string of useless nonsense.

53
00:03:55,190 --> 00:04:01,220
Keep in mind that we can generate as many keys as we would like you may in fact have dozens of different

54
00:04:01,220 --> 00:04:05,600
keys that you use for different online identities and accounts.

55
00:04:05,600 --> 00:04:09,420
Now we're being asked if we wish to create a backup copy of our key.

56
00:04:09,440 --> 00:04:11,230
We can do this later.

57
00:04:11,300 --> 00:04:12,370
It is your choice.

58
00:04:12,380 --> 00:04:17,020
I recommend that you make sure your backup is saved to a secure location.

59
00:04:17,030 --> 00:04:24,440
You may wish to create a very crypt or True Crypt file container to store your keys in rather than having

60
00:04:24,440 --> 00:04:27,050
them unencrypted on your computer.

61
00:04:27,050 --> 00:04:33,110
Some people even go so far as to store their G.P.S. installation on an encrypted non system partition

62
00:04:33,230 --> 00:04:37,240
or an encrypted U.S. B device or something like that.

63
00:04:37,250 --> 00:04:41,840
Now we're prompted to enter a password for our private key.

64
00:04:41,840 --> 00:04:48,440
This will be used whenever we use that private key to decrypt messages that were sent using our public

65
00:04:48,440 --> 00:04:49,150
key.

66
00:04:49,160 --> 00:04:53,400
You want this to be a strong password once don't press.

67
00:04:53,410 --> 00:04:53,720
Okay.

68
00:04:55,450 --> 00:04:59,680
And re-enter the password for verification.

69
00:04:59,680 --> 00:05:00,990
One thing to notice here.

70
00:05:01,000 --> 00:05:07,150
Although it isn't immediately obvious when you generate a key pair they are listed in the key manager

71
00:05:07,180 --> 00:05:08,400
as a single entry.

72
00:05:08,950 --> 00:05:14,830
But notice that the icons for that entry are a gold and silver key.

73
00:05:14,890 --> 00:05:20,820
A Gold Key is your private key and a silver key is a public key.

74
00:05:20,830 --> 00:05:28,570
You may also use the import button to import someone else's public key for your key manager.

75
00:05:28,750 --> 00:05:33,030
In which case the icon should only be a single silver key.

76
00:05:33,100 --> 00:05:36,920
So let's go ahead and create our first secret message.

77
00:05:36,940 --> 00:05:46,510
The simplest way to do this is going to be to open up the clipboard and will type out our super secret

78
00:05:46,990 --> 00:05:53,230
message and now say we want to encrypt this message.

79
00:05:53,230 --> 00:06:01,680
We press the encrypt button and we select the private key that we wish to use from our key manager list.

80
00:06:01,700 --> 00:06:07,520
Keep in mind there might be several and that's one of the reasons why you do need to name your key something

81
00:06:07,520 --> 00:06:16,260
that you will recognize press OK and now our secret message has been transformed into this seemingly

82
00:06:16,320 --> 00:06:18,070
nonsensical text.

83
00:06:18,090 --> 00:06:20,400
Our message is now encrypted.

84
00:06:20,400 --> 00:06:32,550
We now highlight all of this copy it and then we're ready to paste it into our email or our other messaging

85
00:06:32,550 --> 00:06:33,520
service.

86
00:06:33,600 --> 00:06:40,590
Anyone with access to the public key associated with the private key we just used to encrypt this message

87
00:06:40,920 --> 00:06:43,080
will be able to decrypt it.

88
00:06:43,110 --> 00:06:49,380
So let's say that we just got this encrypted message from someone else who used our public key.

89
00:06:49,500 --> 00:06:59,490
We paste the message into the clipboard we press the decrypt button and we would normally be prompted

90
00:06:59,490 --> 00:07:00,990
to select the key.

91
00:07:00,990 --> 00:07:06,170
But since there's only one we will enter our passphrase for that private key

92
00:07:09,500 --> 00:07:10,950
and the message is decrypted.

93
00:07:11,000 --> 00:07:11,440
Great.

94
00:07:11,510 --> 00:07:15,290
But sending a message to ourselves isn't really all that useful.

95
00:07:15,290 --> 00:07:22,160
What if we want to send a secret message to let's say Satoshi Nakamoto the creator of bitcoin.

96
00:07:22,220 --> 00:07:30,560
Well all we need to do is find his public key online and import it into our key ring a key can come

97
00:07:30,560 --> 00:07:40,940
in one of three forms a file with a dot PPA extension a file with a dot a S C extension or a block of

98
00:07:40,940 --> 00:07:42,960
text that looks like this.

99
00:07:43,100 --> 00:07:49,430
If you're dealing with a file all you need to do is press the import button and select the file.

100
00:07:49,550 --> 00:07:55,240
The key will be imported normally and appear in your key manager as a silver public key.

101
00:07:55,520 --> 00:08:02,850
If on the other hand you have a big block of text like this you simply highlight it copy it and then

102
00:08:02,850 --> 00:08:11,690
we'll go ahead and we're going to paste it into a notepad file or leaf pad or whatever else you might

103
00:08:11,690 --> 00:08:12,660
like to use.

104
00:08:12,740 --> 00:08:14,540
And then we're going to save the file

105
00:08:19,630 --> 00:08:23,870
as Satoshi ki dot.

106
00:08:24,040 --> 00:08:33,830
And we could save it as either SC or PDP so here you can see we've saved Satoshi is key onto our desktop.

107
00:08:33,860 --> 00:08:42,470
Gonna close the clipboard for now and we're gonna click the import button we'll select the key and open

108
00:08:42,470 --> 00:08:46,930
it one public keys have been red and one have been imported.

109
00:08:46,930 --> 00:08:50,800
Now the key appears on our list the time and date it was created.

110
00:08:50,800 --> 00:08:56,110
Satoshi Nakamoto and his email he chose to include those in this particular key.

111
00:08:56,110 --> 00:09:02,050
Now you may receive a message at this point some versions and programs do give you a message and some

112
00:09:02,050 --> 00:09:02,800
do not.

113
00:09:02,800 --> 00:09:09,790
It will warn you that although you have just imported this key the owner trust level is not yet set.

114
00:09:09,790 --> 00:09:18,800
We don't really know for certain that the key came from the real Satoshi so the default level is going

115
00:09:18,800 --> 00:09:24,420
to be unknown keys that you create yourself will have the ultimate trust level.

116
00:09:24,500 --> 00:09:31,850
We'll be talking at greater lengths about signing keys and trust levels when we get details.

117
00:09:31,850 --> 00:09:35,740
For now we are just going to keep things simple.

118
00:09:35,810 --> 00:09:39,990
So let's go ahead and pretend that we're going to write Satoshi an email.

119
00:09:40,250 --> 00:09:45,390
We'll open up our clipboard and we'll say hello.

120
00:09:45,400 --> 00:09:53,730
Toshi thanks for creating Bitcoin.

121
00:09:53,770 --> 00:10:00,790
We might even wish to include our own public key so that he can write us back either by exporting the

122
00:10:00,790 --> 00:10:01,270
key

123
00:10:08,290 --> 00:10:15,810
and then attaching this file either the PDP or AFC as an email attachment.

124
00:10:16,000 --> 00:10:23,910
Or we might select our own public key copy it and then paste it into the body of the message.

125
00:10:23,950 --> 00:10:26,030
These are just different ways we can do this.

126
00:10:26,080 --> 00:10:33,380
Then we click the encrypt button and we select Satoshi is key and again we will be given this warning

127
00:10:33,380 --> 00:10:36,500
because the trust level of this key has not yet been set.

128
00:10:36,710 --> 00:10:41,590
However in this case we do happen to know that it is from Satoshi so we're going to click yes.

129
00:10:41,900 --> 00:10:46,310
And now the message along with our own public key has been encrypted.

130
00:10:46,310 --> 00:10:53,420
So anyone with Satoshi is private key which will hopefully only be the real Satoshi we'll be able to

131
00:10:53,510 --> 00:11:00,470
decrypt this message in the way that we've seen by entering the password and then they will see our

132
00:11:00,470 --> 00:11:08,120
public key either in the message itself or as I said attached as a file to the email and we'll be able

133
00:11:08,120 --> 00:11:14,500
to write back using BGP encryption then we can decrypt using our private key.

134
00:11:14,510 --> 00:11:20,630
So in this case we would just highlight the entire encrypted text from top to bottom leaving nothing

135
00:11:20,630 --> 00:11:28,550
out copy it and then paste it into the email PDP keys are not only a way of sending secret messages

136
00:11:28,970 --> 00:11:35,090
they are also a way of verifying an identity while also remaining anonymous.

137
00:11:35,120 --> 00:11:42,380
Let's say that someone on a web forum uses the alias Zero Cool there could be a million people out there

138
00:11:42,380 --> 00:11:44,870
using that same alias.

139
00:11:44,870 --> 00:11:51,380
And if all you know about that identity is the name Zero Cool then you have no way of knowing that you're

140
00:11:51,380 --> 00:11:55,670
actually talking to the quote unquote real zero.

141
00:11:55,670 --> 00:12:04,310
Cool but if Zero Cool uses PDP you can always be sure you're communicating with the correct person if

142
00:12:04,310 --> 00:12:10,510
they can decrypt the messages that you send them using their public key in this way zero.

143
00:12:10,580 --> 00:12:15,070
Cool can always verify that he or she is the real zero.

144
00:12:15,080 --> 00:12:21,520
Cool without having to give up any information that could link back to their real world identity.

145
00:12:21,770 --> 00:12:28,580
The person behind the Zero Cool persona might have dozens of such online personas each with its own

146
00:12:28,730 --> 00:12:32,000
private and public key pseudo review.

147
00:12:32,000 --> 00:12:34,940
You have a private and a public key.

148
00:12:34,940 --> 00:12:42,380
You keep your private key secret and you use it to decrypt the messages that other people send you using

149
00:12:42,380 --> 00:12:46,610
your public key which you freely give out to everyone.

150
00:12:46,730 --> 00:12:53,660
You can have as many private and public key pairs as you like and these keys are useful to verify the

151
00:12:53,660 --> 00:12:57,990
identity of the person or persons with whom you are communicating.

152
00:12:58,020 --> 00:13:01,780
Alright I realize this was all very oversimplified.

153
00:13:01,820 --> 00:13:09,920
We will be taking a much closer look at TGP key managing signing keys and trust levels and all of that

154
00:13:09,920 --> 00:13:13,240
fun stuff when we get to the tail's operating system.

155
00:13:13,250 --> 00:13:20,330
As I said for right now it is absolutely essential that you understand the basic concept of the public

156
00:13:20,360 --> 00:13:24,300
and private keys before moving on to Tor and the deep web.

157
00:13:24,380 --> 00:13:30,860
Since these keys are one of the principal ways in which people communicate and verify their personas

158
00:13:30,860 --> 00:13:37,880
while also remaining anonymous for now I encourage you to practice with just these basics create some

159
00:13:37,880 --> 00:13:45,440
keys send a few messages to yourself for a friend and decrypt them and just get your feel for it.

160
00:13:45,540 --> 00:13:49,200
PDP is important for one other reason.

161
00:13:49,370 --> 00:13:56,090
In the 21st century there are many forms of mass data collection and surveillance being employed by

162
00:13:56,090 --> 00:13:58,670
government agencies and corporations.

163
00:13:58,670 --> 00:14:05,390
Generally speaking you can never be 100 percent sure that communications that you send over the Internet

164
00:14:05,420 --> 00:14:13,420
particularly via email or instant messenger are not being scooped up and processed in route.

165
00:14:13,430 --> 00:14:20,720
This can even be true or more true when you're using a service that claims to be encrypting your data

166
00:14:20,750 --> 00:14:27,140
and keeping it safe using an email or instant messenger application or other communication method that

167
00:14:27,140 --> 00:14:34,170
employs its own encryption is all well and good but can you really trust it completely.

168
00:14:34,220 --> 00:14:42,380
Adding P GP is an additional layer of security for both you and the person with whom you are in communication.

169
00:14:42,380 --> 00:14:44,960
There are many forums of open GP.

170
00:14:45,080 --> 00:14:52,100
This key manager that we're looking at here is just one of those such programs.

171
00:14:52,100 --> 00:14:59,120
It is also possible to download browser extensions and while these do make life a little easier when

172
00:14:59,120 --> 00:15:05,570
you're dealing with a lot of emails because they make things more automatic it is up to you to do your

173
00:15:05,570 --> 00:15:09,530
due diligence and make certain that they are actually trustworthy.

174
00:15:09,530 --> 00:15:10,580
Some of them are not.

175
00:15:10,580 --> 00:15:18,560
Finally it is worth pointing out that you could edit your keys by clicking on the key and pressing the

176
00:15:18,890 --> 00:15:19,940
edit button.

177
00:15:20,150 --> 00:15:25,940
You can change your password and you can also add an expiration date if you wish.

178
00:15:25,940 --> 00:15:32,530
Again we are going to be talking about owner trust levels and how to sign keys get to tales as well

179
00:15:32,530 --> 00:15:36,880
as looking at tales built in key management system for right now.

180
00:15:36,880 --> 00:15:43,150
It is enough to understand the basic concepts of public and private keys and how they work.

181
00:15:43,150 --> 00:15:44,780
Thank you for your attention.

182
00:15:44,800 --> 00:15:46,060
I hope this was all clear.