What is encryption?
The best way to prevent others from snooping on your communication or accessing your private data is to use strong encryption.
Encryption locks data with a key, so that only someone with a suitable key can unlock it.
[In practice, a password will determine or provide access to the key.]
There are two kinds of encryption: symmetric and public-key.
In symmetric encryption, the key to lock and unlock are the same.
In public-key encryption, the key to lock and unlock are different. The enabling constraint of public-key encryption is that it is infeasible to unlock a message with only the locking key.
When using symmetric encryption between two parties, they must have previously agreed on a secret key to share. Symmetric key encryption is also useful when hiding data from other parties.
With public-key encryption, it is possible for two parties that have never met previously to communicate securely: they can exchange their locking keys with each other, but keep their unlocking keys secret.
Choosing and managing passwords
If your data is protected by a weak password (which is used to determine or access the encryption key), then the encryption is worthless.
In choosing a password, it's important to follow principles.
Never use the same password twice
For every account you have, you must use a different password.
Re-using a password between two accounts means that your password is only as secure as the least secure of the two accounts.
For example, if you use the password "foobar123" with both amazon.com and overnightwormshipping.com, then if overnightwormshipping.com is compromised and account passwords are obtained, the attackers have also compromised your amazon.com account.
Use a password manager
Password managers help securely store passwords for all of your accounts.
I recommend PasswordSafe and its derivatives:
Security expert Bruce Schneier developed PasswordSafe based on the strong, open Twofish encryption protocol.
There is no known cryptanalytic attack on Twofish.
The pwSafe applications support storing the encrypted password database on DropBox, which is convenient.
Be forewarned that if you keep the database on DropBox, you must choose a strong master password for the database.
Use a long password
Password-cracking technology has lept forward in recent years, so long passwords are critical.By long, I mean greater than 16 characters, and perhaps longer than 20.
Use a random password
Randomly generated passwords are more difficult to crack.
Don't use words or "clever" variations on words (e.g. l0ve) in your
passwords: this makes your password vulnerable to permutation-driven dictionary
attacks.
If you use a password manager, you're liberated from the constraint of having to remember it, so you can use randomly generated passwords.
Encryption tools
There are a variety of free and open encryption tools.
Many existing applications support open cryptographic standards, and many that don't often have plug-ins to enable this functionality.
I'll run through some tools and the functionality they offer.
GnuPG
GNU Privacy Guard (GnuPG or GPG) follows the OpenPGP specification and is interoperable with other PGP implementations.
OpenPGP is an encrypted message interchange format intended for but not restricted to email. It supports both symmetric and public-key encryption.
GnuPG packages are available for Windows, Linux and Mac OS X.
There are several email plug-ins that simplify sending and receiving encrypted mail:
- GPGMail: PGP for Apple Mail
- Mailvelope: Chrome/Firefox extension for Gmail/Yahoo Mail/etc.
- Enigmail: PGP for Thunderbird
Symmetric encryption
With GPG, it's easy to symmetrically encrypt a single file with a passphrase:
$ gpg -c filename
And, it's just as easy to decrypt:
$ gpg filename.gpg
In both cases, it will prompt you for a passphrase.
Generating your own public/private keypair
You can also create a public/private key pair which would allow others to send you encrypted email:
$ gpg --gen-key
Make sure you choose a strong passphrase to protect your private key!
I recommend having your key expire after 2-3 years. This gives you a measure of protection against advancing strength in cracking keys.
Exporting your public key
If you want to give an individual your public key, you can export it as text:
$ gpg --armor --export your@email.address > keyfile
Then, you can send keyfile to someone or post
it on your web page.
Importing someone's public key
My public key is available here and in the MIT PGP server.
If you obtain someone's public key, you can import it with:
$ gpg --import keyfile
Encrypting a message with a public key
You can encrypt a file named filename meant for her@email.address with:
$ gpg --output filename.gpg --encrypt \
--recipient her@email.address filename
And send them filename.gpg.
Backing up your secret key
You can back up your secrets keys with:
$ gpg --export-secret-keys > secret.gpg
Then, store secret.gpg
on an encrypted back-up drive or in a USB stick in a physical safe.
As an extreme measure, you could dump it out in ASCII form:
$ gpg --export-secret-keys --armor
and print it.
You must securely back up your secret keys. If you lose it, you will lose the ability to decrypt your messages and revoke your key.
You will also need to export your secret keys to transfer them to tools like Mailvelope.
TrueCrypt VeraCyrpt
TrueCrypt was mysteriously discontinued, but a new project, VeraCrypt has picked up where it left off.
VeraCrypt provides cross-platform virtual disk-encryption capabilities.
For instance, with VeraCrypt, you can create encrypted disk images and encrypted USB drives.
If you need to be able to read and write an encrypted disk image on multiple platforms, VeraCrypt is a good choice.
VeraCrypt also provides the ability to create hidden volumes within encrypted disk images.
In this case, there will be two passwords for the disk image: one to unlock the decoy data, and a hidden volume password that unlocks the real data.
Critically, it is impossible to tell if a VeraCrypt image contains a hidden volume, unless you know the hidden password.
Secure Shell
For secure access to and administration of remote systems, secure shell (SSH) is a powerful tool.
In its basic usage, SSH provides an encrypted terminal session on a remote machine.
But, SSH also provides services like secure file transfer and secure proxying.
I've written a separate article on SSH that covers this tool in more depth.
Private browsing
Encryption can keep your web browsing safe from eavesdroppers, but caution must be taken.
Using encrypted connections: HTTPS
Most major websites support HTTPS--an encrypted, authenticated communication protocol for the web.
Using HTTPS is as simple as changing
http:// to https:// most of the time.
If the site supports HTTPS, it should work, and your connection to the site is now encrypted.
And, it should provide reasonable certainty that you have connected to the true owner of that domain.
Certificate errors
Sometimes, connecting via HTTPS yields a certificate error.
A certificate error means that the browser could not validate that the site to which you are attempting to connect is the true owner of that site.
Certificates rely on digital signatures to authenticate.
In general, don't proceed if you get a certificate error.
If the certificate is expired, contact the site administrator (by phone or in person).
If the certificate is unsigned, then you can't be sure that you're connecting to the real site -- an attacker in the middle could be posing as the real site.
If the certificate is signed for the wrong domain, then there is probably a configuration error on the other end, and you should not continue the session. [These days, this error is most commonly seen when you're connected to a public wi-fi network, but before you authenticate.]
Of course, it's possible (if unlikely) that an attacker could obtain a forged, signed certificate and pose as the site to which you're attempting to connect.
If you're concerned, you can contact the site administrator (preferrably by phone) to request the SHA1 and MD5 fingerprints of their real certificate.
Check that those fingerprints match the certificate on your computer.
Avoiding tracking
HTTPS will hide the content of your communication, but it will not hide the metadata: to whom you connected, when you connected and how much data you exchanged.
If you need to hide the fact that your computer is connecting to a particular site, you can use either a virtual private network (VPN) or a system like Tor.
A virtual private network routes all of your traffic through a remote machine, so that your computer will appear to be the remote machine from the perspective of an eavesdropper.
Be careful in your selection of a VPN provider, and note their logging policy and any legal restrictions they face in their home country.
Tor is an open network of encrypted relays similar to a virtual private network. Tor routes your traffic through several intermediate nodes so that the machine from which your traffic ultimately emanates does not even know whom you are.
In theory, Tor provides truly anonymous browsing, but precautions must be taken (e.g. routing DNS through Tor and disabling browser plug-ins, cookies, javascript and java) to ensure that no information is coerced from your machine.
Non-cryptographic privacy concerns
Web sites often use "cookies" to store data on your web browser.
Every time you connect to a web site, your browser transmits cookies associated with that web site.
Cookies have a legitimate purpose in allowing sites to pre-populate login information and maintain session state.
Unfortunately, malicious agents can abuse them to track you.
It is worth reviewing the cookie (and general privacy settings) in your browsers to ensure minimal leakage of your browsing habits.
Cloud services
There are now some privacy-conscious cloud providers that employ encryption to ensure that your data is protected, even in the cloud.
Be warned that any time you're putting data in the cloud, you're putting trust in the provider, even if your data is encrypted.
You're trusting that they won't include a monitor in their client software, and that they've chosen strong and proper encryption.
That said, if you must keep your data in the cloud, you're certainly better off with one that emphasizes encryption over one that doesn't use any.
SpiderOak
SpiderOak operates much like DropBox, except that your data is encrypted in the cloud. SpiderOak cannot see your data, and could not provide access to it, even under duress.
Clipperz
Clipperz is a browser-based password manager.
It stores your passwords, encrypted, in the cloud, and decrypts them only on the client using JavaScript.
Tarsnap
For an online, encrypted backup service, Tarsnap or Least Authority seems to be the best option, but I have not used either myself.
Mac OS X security tools
Mac OS X comes with several encryption tools and features.
Disk utility
With Disk Utility, you can create encrypted disk images (but these will only be readable on Mac OS X).
Disk Utility can also create entire encrypted partitions.
FileVault
Under System Preferences, you can enable FileVault full-disk encryption.
FileVault can perform the initial encryption while you work, so there's no loss in productivity. It works silently behind the scenes.
I've used FileVault for years without even noticing its operation.
FileVault provides peace of mind that data is secure in the event of a lost laptop.
However, FileVault is only as strong as the weakest account password: if any user account has a weak password, then it will decrypt the entire disk.
Make sure all users have strong passwords!
Secure text entry
For extra protection against keyloggers, applications like Terminal support Secure Text Entry, which routes keyboard input directly to the application.
You must enable Secure Text Entry.
Further reading
Bruce Schneier's
Applied Cryptography
The EFF's surveillance self-defense project provides an excellent overview of many practical aspects of protecting your privacy.