# Basic Concepts

If you are not familiar with GPG or PGP, you may need to learn some basic concepts here before using Gpg Frontend. This
reduces the chance of making mistakes, such as distributing your private key to the world.

## The most basic concepts you must know

First, you need to generate a key pair, which you can imagine as a key ring. Each key pair has at least two keys: a
public key and a corresponding private key. There can also be multiple public keys and their private keys (in
one-to-one correspondence) in a key pair, which will be described later. The public key can be released to the outside
world. Others can use your public key to encrypt the information they want to give you. The private key is kept by
yourself. If it is leaked, your encryption will no longer be meaningful.

What you need to know is that the public key is used to encrypt information, and that ciphertext encrypted by others
with the public key you released can only be decrypted with the corresponding private key of your key pair. This
process relies on cryptographic principles, and you can trust it as long as no one except you knows your private key.
The reverse of this process is also valid: you can encrypt a message with your private key, and someone else decrypts
the message with your public key. The significance of this reverse process is that if the person using the public key
cannot properly decrypt a message encrypted with the private key, then it is certain that the message does not come
from the person who owns the private key corresponding to that public key. This process can also be trusted. The
reverse process therefore establishes a procedure of signing and then verifying: information encrypted with the private
key can be seen as a signature, and others can use the public key to verify that the signature is valid.

If you just want to use the tool, you don't need to understand the cryptography behind it; you just need to remember
the above.

If you want to know more, you can read on.

## Multiple pairs of public and private keys in a key pair

In a key pair, there is at least one pair of public and private keys, but there is no limit to the maximum number of
pairs. You can generate another pair of public and private keys (we call them subkeys) and then add them to the key
pair. Note that every newly added pair is associated with the first pair of public and private keys (which we call the
primary key).

You can specify which process a subkey pair is used for. For example, the first key pair is used for encryption and
decryption, the second key pair is used for signing and verification, or the third key pair can be used to do what the
above two key pairs do at the same time. Please specify these things when generating the subkey.

The master key is automatically generated when the key pair is generated, and the subkey can be added by the user at
will.

When generating the master key or a subkey, you can choose an algorithm such as RSA or DSA. You do not need to
understand the specific principles of these. You just need to know that subkeys generated by certain algorithms cannot
perform certain processes (such as encryption and decryption), but can only perform certain other processes (such as
signing and verification). It is worth mentioning that for RSA, you can choose the key length when using the algorithm;
you can think that the key

## The first pair of public and private keys in a key pair (primary key)

The first pair of public and private keys (master key) in a key pair is very critical, because subsequent public and
private keys (subkeys) are linked to it. You can think of it this way: if someone else gets your master key (including
public and private key information), they can generate subkeys based on the information of the master key, and then use
the subkeys they generated to impersonate you and communicate with others.

Therefore, the private key of the master key must not be leaked (its public key can be released to others). The
disclosure of this private key means that the entire key pair is no longer safe and you must stop using it immediately.
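
The primary key, its subkeys and the usage assigned to each can be read from GnuPG's machine-readable listing
(`gpg --list-keys --with-colons`). The following is an added example, not code from Gpg Frontend: the sample listing
and key IDs are constructed, and the function names `record`, `parse_keys` and `keys_for` are hypothetical.

```python
# Constructed sample of `gpg --list-keys --with-colons` output; key IDs are made up.
SAMPLE = """\
pub:u:3072:1:AAAAAAAAAAAAAAAA:1700000000:::u:::scESC:
uid:u::::1700000000::::Alice Example <alice@example.org>:
sub:u:3072:1:BBBBBBBBBBBBBBBB:1700000000::::::e:
sub:u:2048:17:CCCCCCCCCCCCCCCC:1700000100::::::s:
"""

# Public-key algorithm numbers (field 4) and capability letters (field 12).
ALGOS = {"1": "RSA", "16": "Elgamal", "17": "DSA", "18": "ECDH", "19": "ECDSA", "22": "EdDSA"}
# "certify" is the capability used to bind user IDs and subkeys to the primary key.
USAGE = {"e": "encrypt", "s": "sign", "c": "certify", "a": "authenticate"}


def record(fields):
    """Hypothetical helper: turn one pub/sub record into a small dict."""
    caps = fields[11] if len(fields) > 11 else ""
    return {
        "keyid": fields[4],
        "algo": ALGOS.get(fields[3], "algorithm " + fields[3]),
        "bits": int(fields[2] or 0),
        # Lowercase letters are this key's own capabilities; the uppercase
        # letters on a pub record summarise the whole key and are skipped.
        "usage": sorted(USAGE[c] for c in caps if c in USAGE),
    }


def parse_keys(listing):
    """Group each primary key (pub) with the subkeys (sub) that follow it."""
    keys = []
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            keys.append({"primary": record(fields), "subkeys": []})
        elif fields[0] == "sub" and keys:
            keys[-1]["subkeys"].append(record(fields))
    return keys


def keys_for(key, usage):
    """Key IDs inside one key pair that are allowed to perform `usage`."""
    members = [key["primary"]] + key["subkeys"]
    return [m["keyid"] for m in members if usage in m["usage"]]


if __name__ == "__main__":
    for key in parse_keys(SAMPLE):
        for role, rec in [("primary", key["primary"])] + [("subkey", s) for s in key["subkeys"]]:
            print(role, rec["keyid"], rec["algo"], rec["bits"], ",".join(rec["usage"]))
```

In the constructed sample the DSA subkey carries only the signing capability, while encryption is handled by a separate
RSA subkey.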