Ask Slashdot: How Do I Request Someone To Send Me a Public Key?

First time accepted submitter extraqwert writes "An organization wants me to send them my personal data by email. I certainly do trust them. However, I would like to politely ask them to send me their public key for encryption. The secretary probably does not know what it is. But they do have a pretty good IT department, so they can figure out. My question is, what is the proper wording for such a request? What is the right terminology to use? Should I say ``please send me your RSA key''? ``Public key''? ``PGP key''? Is there a standard and reasonable wording for such a request? (On my end, I am using GNU PGP: http://www.gnupg.org/ ) Any suggestions on how to be polite in this case?"

Re:This is why encryption isn't popular

[Octorian]

And heaven help you if you're using a web-based Email system, which basically breaks all these options. You know, like nearly all "normal" people are now doing.

It's a lost cause

[symbolset]

If the secretary can find somebody to decrypt your info, she will handle it improperly. Probably scan it directly to their compromised CMS. This is not a company you want to work for.

Switch to an easier technology

[mysidia]

PGP is beyond the grasp of the average secretary or other end user. Unless you know for a fact that the person disseminating the data is familiar with PGP; you should probably not be asking them for their public key.

I strongly recommend an encrypted PDF, Word Document (.DOCX), or Excel file (.XLSX); make sure to choose a strong password.

I like the Office 2010 strong encryption and use of key stretching to make brute force password attacks hard --- but there is a free of charge reader available for PDF documents, and you should pick a strong password for encrypted documents anyways.

Technically, you could implement DRM rights management services on your end, so the user has to contact your organization's RMS server over HTTPS for a license every time the document is opened, but it requires a trust relationship between orgs, or you having an account for the user.

But the simple password protection is a very nice way to protect it. You can include a note in the e-mail message that you will be calling them to give them the password, so they can see the document.

Then there is no confusion about what a 'PGP key is'. If you _regularly_ exchange a lot of documents with them, then you might ask to discuss using PGP

Re: This is why encryption isn't popular

[shitzu]

The key pair is generated INSIDE the card. This is the norm with most PKCS11 cards. The private key never leaves the card, your public key is signed by state. So the state does not have your private key per se.
But that does not necessarily mean they have no means to decrypt it some other way - i don't even pretend to know that.

Re: This is why encryption isn't popular

[shitzu]

In Estonia these id cards are used for everything. You can log into banks, you can communicate with any state official. You can sign any contract digitally with them. You can encrypt documents to another person's public key. Etc. This is much simpler than banks and everyone giving out their own cards - i only need one.

Re:Extensions needed!

[joshuao3]

Your first paragraph is already implemented in something called SPF. It already works using the existing DNS infrastructure. The problem is that creating SPF records is effectively voluntary, so operators of mail servers are only able to use existence of the records as a way to increase trust, and not using the absence of the records as a way to decrease trust. Until everybody is on board with it, unfortunately, it's usefulness will be limited.

And, just for clarity, a POP3 "server" doesn't accept mail. POP3 is a protocol for retrieving mail from a mail server that likely received the mail from another mail server via SMTP. SMTP is the problem, not POP3.

And no, it won't solve the NSA problem, or the Google problem. They'll just build bigger and faster computers to decrypt the emails.

Re:Extensions needed!

[I'm New Around Here]

The problem I see is that you can send all the encrypted emails you want, but the recipients have to decrypt them. So they need your public key. Everyone needs your public key, and everyone will have your public key. Don't you think the NSA has already started compiling public keys as well?

What you need to do is have a system that has others' public keys stored, and applies the proper one for whatever email address a message is meant for. Then your message is as safe as the recipient's private key is. Note, this is what the submitter is asking about.

Re: This is why encryption isn't popular

[shitzu]

You mean a standard e-mail client like for example Thunderbird that has existed for more than a decade and could check all your 8 accounts easily and with more functionality than you could ever imagine on a mobile device and has zero advertisements?

Re:Extensions needed!

[anagama]

Is there a reason you would use your private key to send encrypted emails to someone? I don't understand.

My understanding is this:

A uses B's public key to send message to B, B decrypts with B's private key.

A slot safe is a better analogy than keys -- anyone can put stuff in the safe's slot, but only the owner who knows the combination can open it and read the messages people put in there.

But -- maybe you're describing a use scenario I'm not familiar with. And if that is the case, I'd like to understand it.

Re:Extensions needed!

[Immerman]

The common term is signing, I should have mentioned that. If you encrypt with your private key it does nothing to hide the message since anyone can decrypt with your public key, but it does let everyone verify that the message did in fact come from you and hasn't been tampered with - the signature is exactly as secure as the encrypted communication channel because it is the exact same mechanism.

As an example, let's say the president wanted to send nuclear missile firing orders by email. Now maybe he'd want to keep the orders secret, and he'd encrypt with the missile silo's public key for that. But far more important would be a mechanism in place to verify that the orders actually came from him and not some script kiddie spoofing his email account. That's where the signing comes in - he *also* encrypts his email with his own private key, and the silo can now confirm that the message came from the right person.

It's sort of the next step beyond the "secret codeword" confirmation - with a codeword everybody who needs to be able to confirm their orders has to know what the codeword is, and that's a large attack surface for those looking to compromise the system. With digital signing only the president needs to know the codeword, and never tells it to anyone else. Everybody else just needs his public key to confirm that he does in fact know the codeword - thus the system is much more difficult to compromise. That such functionality comes essentially for free with any public/private key encryption channel is an added bonus.