NOTE: Most people don't need this tutorial - in fact no one truly "needs this".
But with Human Rights and Journalism under threat, war repressing rights around the world, this tutorial can serve as an example: "zero trust" communication method, no single point of failure alone, relied upon.
Does it enhance security/privacy over either PGP, or Tor Hidden Service, or Privatebin alone? Absolutely. Compartmentalizing and multiplying.To be completely honest: Most people should not go through such trouble!
Part of my effort to bring unique tutorials.
Big Thank You to the β€οΈ Supporters (this month):
G and T.
Tutorial now public!
First Shared with Supporters days ahead of time
(sometimes weeks ahead as with other tutorial in progress).
If you want to Support this, you can now "buy me a coffee β" at the bottom. 3 monthly membership options listed on frontpage "padlock Membership" button.
This displays an idea: combining multiple tools/security/privacy tricks we covered recently (avoiding each single point of failure + trust problem: seen in most encrypted communication)
TODAY WE COMBINE:
PGP Message 3072 bit RSA Encrypted PGP Message Pasted into:
PrivateBin 256bit zk-snark AES Encrypted (Stored on server without host having access)
Hosted As: Tor Hidden Service (RSA end to end encryption in transit - before reaching internet)
(All Videos/posts demonetized. No sponsors steer opinion / advice here. Support below.
Head's Up: If you saw the earlier Privatebin video, this post provides new info/ideas to share + Tip at end.
Previous video introduction to Privatebin's "zero knowledge AES 256bit Encrypted Pastebin" is shown below (in case you missed it):
Earlier, we covered benefits, and very basic usage of our "zero knowledge" 256bit AES Encrypted Pastebin.
This post gets more creative, mixing what we learned lately. π
(click picture below to watch aforementioned video on Peertube... deeper tutorial below this.)
Privatebin Video also available at:
[ Odysee ]
[ Peertube ]
[ Youtube Here and Plays Inside Page Below ]
https://www.youtube.com/watch?v=KDYuAibtcwo
In the above video, we shared a hypothetical situation, where a specific PGP key was shared.
Demonstrating sharing keys in the above video using privatebin pastebin is one option, all while selecting "burn after reading" to ensure only 1 person can possibly read that key.
But the conversation doesn't have to end there...
If sharing a public key uses Privatebin, we could just as easily be sending encrypted PGP notes inside the passphrase protected AES 256bit Encrypted Private Pastebin.
MORE SECURE THAN PGP ALONE?
For communications opsec (operational security), we take advantage of PGP Tutorials we recently covered, combining this with the ore recently shared "zero knowledge" encrypted pastebin knowledge.
Keep reading for a unique tutorial...
If you missed those, this tutorial requires recommends first learning the GPG / GPA ropes below:
CREATING PGP ENCRYPTED MESSAGES (in 11min):
MOVING PGP KEYS TO MULTIPLE MACHINES (OPTIONAL BUT USEFUL):
TUTORIAL
ASYMMETRIC + SYMMETRIC CRYPTO (PGP + PRIVATEBIN)
SECURITY TIP: We could share BOTH PGP public key AND the encrypted PGP messages within our AES password protected, "burn after reading" privatebin, for a more secure, compartmentalized situation.
OUR LOCAL KEYRING:
Open GPA ---> Windows ---> Keyring Manager ---> New Key:
Creating temp usage key (set expiration date):
Once this key expires it no longer can be used by anyone else to encrypt new messages. And thus can't be used to forge messages by you in future, if ever (somehow) compromised - as unlikely as that is.
Example Key Expiry: 2 Weeks
TIP: Setting the key to expire at the end of communication ensures no future messages will be encrypted by this key (in case it somehow became compromised in the future, however unlikely).
TIP: Expired key has no bearing on ability of private key to decrypt message.
We write our message in PGP Clipboard:
βοΈ We Have Our Temp Key
Choose: Who Is Our Message To And From?
(You may even write a message to yourself, if you like!)
After Hitting "OK" Our Encrypted Message Is Ready To Cut / Paste Anywhere:
Next: Pasting Into Tor Hidden Service zk-256bit AES Encrypted Pastebin:
(note we selected "burn after reading", added passphrase and only pasted encrypted message itself)
Next We Hit "Send" To Create Our New 256bit AES Encrypted Message.
Then we right click to copy the password protected encrypted paste onion address:
Benefits:
No Single Point Of Failure Relied Upon.
All requirements must be met to read message sent this way.
"ALL" BE FULFILLED SIMULTANEOUSLY, TO READ OUR MSG:
Control of PGP Keys + associated keys passphrase AND
Burn After Reading: only ONE can view pastebin message AND
AES Encrypted "zero knowledge" (even host can't read the encrypted PGP ciphertext - as little good that would do for them!) AND
256bit AES Encrypted Pastebin message passphrase further protects the PGP encrypted message itself
Tor Hidden Service providing End-To-End encryption for entire sequence of data
(RSA encryption, .onion making up public key)
As you can see, our message is quite secure! π
More than most would ever care to use, or need, but serves as an example: how we can use a little creativity + combinations to further increase the privacy/security of any given message/communication.
On the receipt of Privatebin message, loading the sharable link opens 1 time ("burn after reading" setting), and requires a password to decrypt.
Opening the link in Tor Browser will prompt for password before even displaying the encrypted PGP message, which will then still need to be decrypted in GNU Privacy Assistant / gpg using the correct keys/passphrase:
This post first dedicated/available to Buy Me A Coffee Supporters. Thank you for your Support.
To those who join as monthly coffees membership: thanks for joining! π
I release what I can, when in position to do so.
Help me share this.
Advanced Tip: For more insanely private secure messages (unnecessarily so), we could combine: airgap PGP machines, steganography + encryption to embed PGP messages inside images, finally attaching this picture file to AES encrypted zero knowledge pastebin.
This would be far"too much" for most. Security usability has its limits. I find that a bit too far.
Still, decided to share some related concepts as unlikely as it were to be used.
See previous post/video on combining hidden steganography + encryption: Here. (encrypted volume inside video files tutorial)
Coming up we take a look at privacy respecting open source alternatives to the
Social Media giants.
----------------------------------------------------------------------
π π€ SUPPORT π (If you like to: BTC listed here, Monero directly below)
π³ π EXTRAS: Support here, get something unique
π€ π΅ CASHAPP: $HumanRightsTech
β€οΈ πͺ π Membership
----------------------------------------------------------------------
π² FOLLOW: β¬
β π MASTODON
π¦ TWITTER
πΊ π PEERTUBE
πΊ π BITCHUTE
πΊ π ODYSEE
πΊ π YOUTUBE
----------------------------------------------------------------------
ποΈ LINKS / PUBLIC SERVICE π
----------------------------------------------------------------------
π§
π GITEA SERVICE (.onion): Books, Code/Scripts, Wiki, more (make a repository)
π§
π PASTEBIN (.onion): options- password protect, zk-256bit, "Burn After Reading" + more (use Tor Browser for .onion's)
---------------------------------------------------------------------
β CONTACT
-------------------------------------------------------------------------
THANK YOU for Sharing.
-------------------------------------------------------------------------
If you aren't registered for Odysee I'd love to see you over there.
Use my invite link: https://odysee.com/$invite/@RTP
----------------------------------------------------------