This time in English: How to explain the principles of PGP, looking for metaphors

Fraser Tweedale frase at frase.id.au
Thu Jul 3 15:08:06 CEST 2014


On Thu, Jul 03, 2014 at 02:06:04PM +0200, Daniel Krebs wrote:
> Sorry!
> I picked the wrong language / list last time...
> So in English:
> What metaphors do you use when explaining people PGP? Two examples:
> 1. A lock with two keys?
> 2. A lock (public) and a key (private)
> Something completely different?
> 
> Problems with both:
> 1. Seems to be kind of hard to understand for most people, because a 
> lock with one key to open and one key to close is rather special.
> 2. Signing emails is hard to explain this way. Signining by putting a 
> lock on it?
> 
> Any ideas are appreciated.
> 

The way I attempt to explain public key encryption and signing:

    Each key in the keypair - one kept private to the owner, the
    other made public - is both:

    a) A set of instructions for building a lock that *only* the
       other key can unlock; and
    b) The key for such a lock as could be built with the other key.

    Therefore, a encrypted message can be sent to someone by using
    their public key to build a "lock" for the message.  Only the
    private key is able to "unlock" it.

    Similarly, a sender of some message can authenticate it by using
    their private key to "lock" the message.  If it can be
    "unlocked" by their public key, only a person who possesses the
    private key could have built that lock.

I hope this explanation makes sense.  Let me know if you could
suggest improvements to this analogy.

Cheers,

Fraser

> An Interesting approach (Thanks Neal for the link): Using 4 items: key, 
> lock, seal and imprint.
> https://freedom-to-tinker.com/blog/randomwalker/why-king-george-iii-can-encrypt/
> 
> 
> -- 
> kind regards
> daniel krebs
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: </pipermail/attachments/20140703/bb6b47ac/attachment.sig>


More information about the Gnupg-users mailing list