How Public Key Cryptography will continue to liberate a global society

Summary

Insidious Information Loss

When society demands we release our personal information to third parties but does not protect us against their loss of it we should question the equity of that arrangement. Eventually, I expect we will see that question asked in the courts. Regardless, there are some strategies we can adopt to improve our privacy.

Reliable Information Protection

Should anyone find a way to derive the private keys to those wallets they could presumably use the wallets as their own with impunity, the only governing law being the cryptography itself.

Our Opportunity to Protect Information

A Proposition

If one could have all the benefits of increased privacy and protection by always having one’s data encrypted, with practically no downside to convenience, would one? I think everyone would.

Encryption and Passwords

When to Encrypt?

Just because today your communications appear to be protected by access controls, don’t believe they are now or ever will be.

Encryption Tools

Password Managers

Data File Encryptors

File-by-File Encryption Approach

Cloud Services

Cloud Storage, Encryption and management of private keys

If your encryption strategy includes your service provider holding the private keys, that may seem very convenient but it does not provide sufficient assurance for most of us. I don’t think it should provide sufficient assurance for anyone.

So, if a cloud service provider advises that they encrypt data stored on servers, that is really of very little value unless the end user alone holds the private keys.

Automatic Directory Encryption and Cloud Services

Cloud Encryption Workflows Compared

Enterprise Class File Encryption

Social Identity, Web of Trust and Encrypted Communications

Just because an actor claims to be a certain person and holds a key pair, are they really that person or an imposter?

The problem with establishing identity and trusting certificate authorities

Keybase — Public Key Encryption, PKI, Chat ++

What I find exciting about Keybase is the concept that they are building a platform based on public key cryptography and PKI (specifically PGP) and then building the “Apps” on that platform — currently, team messaging and file storage. They also have Git and torr integration, but they don’t have to stop there. They could add a password manager and new protocols and services. It’s as if the internet should always have been built on a platform of PKI, but it wasn’t. Now that the demand for privacy and security are ever increasing, this seems to be the right strategy.

The Future of Public Key Cryptography

Public Key Tooling for the Decentralised Age?

Access via password or private key?

Passwords are weak; Private Keys are strong.

We can remember a password; We can’t remember private keys.

If we could remember private keys, and everything used public key cryptography with private keys which we alone held, the whole world would be a lot more secure.

Recommendations

Software Engineering, Cyber Threat Hunting and Intelligence, systems resilience and reliability.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store