Token-based Encryption with Windows Keystore and OpenPGP

This lecture demonstrates how to use tokens to encrypt file archives with CrococryptFile.

Now I want to show you the token-based ways of encrypting files with CrococryptFile. As you can see, we're in the same folder as when we used the password-based encryption. In this example, I will only encrypt a single file. So, again, I choose encrypt via CrococryptFile. And now I will use the Windows keystore to show you what is installed on the system.

To show you the Microsoft keystore, I go to Internet Options, Content, and here you can find the certificates installed on your system. What you should know is what your trusted root certificates are, because these are used for SSL/TLS or HTTPS connections. So these are all the certificates you automatically trust. And as you have seen before, under Personal I have my own, in this case self-signed, certificate. It's just for demonstration purposes here. It could also be a token referencing a hardware token or something. And this can now be used by CrococryptFile, as you will see here.

So I've just chosen to encrypt the file, and because I have only a single certificate in here, it shows me just this one. And as you will notice, I can encrypt now, of course, without any password because it's public-key-based encryption. This is an RSA certificate. And the public key is, of course, not confidential, not secretly stored. This is why you don't need a password for the encryption process. And as you can see, we have an encrypted archive here.

If I want to decrypt it, because I have installed it that way under Windows, it's also possible without a password. Under Windows, when you install the token, you have several options to secure the key, like Windows asking me if the private key is allowed to be used and stuff like that. But I have disabled that. So this is the simple way of using the Windows keystore with CrococryptFile. So we'll remove these files and show you the second way of using public key encryption with CrococryptFile, which is OpenPGP: PGP or GnuPG based keys.
As you can see here, Windows Keystore only supports RSA. In the case of OpenPGP, all PGP key formats can be used, which is not limited to RSA. For instance, ElGamal is also possible. Of course, when you use this you need an existing PGP keystore. These are usually called PGP keyrings. If CrococryptFile doesn't find them automatically, you can again choose to select them somewhere on your computer. In this case, I have selected the public keyring on my system. I can encrypt for multiple users. And again, you don't need to specify a password because it's public-key based.

Because PGP secures keyrings with passphrases, so the private key is password-based encrypted, you have to provide a password here. But again, it's not password-based encryption. It's just to enable the private key to be used. So I now decrypt my PGP secret key. And again, it works as before. Of course, this only works if you have a fitting key. If you have no private key matching the public key which has been used to encrypt the archive, you won't be able to decrypt it on your computer.
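
The Personal certificate store shown in the lecture can also be checked from PowerShell. The script below is an added example, not part of the lecture or of CrococryptFile: it lists each certificate in the current user's Personal store and reports whether it has an RSA public key (needed to encrypt to it) and a matching private key (needed to decrypt). The report column names (`CanEncryptTo`, `CanDecrypt`) are made up for this example, and treating only RSA certificates as usable follows the lecture's statement that the Windows keystore option supports only RSA.

```powershell
# Added example: read-only inventory of the current user's Personal store,
# the same store shown under Internet Options > Content > Certificates.

$report = foreach ($cert in Get-ChildItem -Path Cert:\CurrentUser\My) {
    # GetRSAPublicKey returns $null when the certificate's key is not RSA.
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)

    [pscustomobject]@{
        Subject      = $cert.Subject
        Thumbprint   = $cert.Thumbprint
        Algorithm    = $cert.PublicKey.Oid.FriendlyName
        RsaKeyBits   = if ($rsa) { $rsa.KeySize } else { $null }
        # Heuristic only: subject equal to issuer suggests a self-signed certificate.
        SelfSigned   = ($cert.Subject -eq $cert.Issuer)
        Expired      = ($cert.NotAfter -lt (Get-Date))
        # Encrypting needs only the public key, so no password or private key is involved.
        CanEncryptTo = [bool]$rsa
        # Decrypting needs the matching private key to be present in the store.
        CanDecrypt   = ([bool]$rsa -and $cert.HasPrivateKey)
    }
}

# Full overview of the store.
$report | Sort-Object Subject | Format-Table -AutoSize

# Certificates you could encrypt to but could not decrypt with on this machine.
$publicOnly = @($report | Where-Object { $_.CanEncryptTo -and -not $_.CanDecrypt })
if ($publicOnly.Count -gt 0) {
    Write-Warning "No private key available for $($publicOnly.Count) RSA certificate(s):"
    $publicOnly | Format-Table Subject, Thumbprint -AutoSize
}
```

An archive encrypted to a certificate that appears in the warning list cannot be decrypted on this machine, which is the same situation the lecture describes for a missing PGP private key.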