hello friends! new(ish)!
Encryption: Difference between revisions
>Mrsnooze (jumped all heading by =one= to cleanup) |
>I found an error with the tor redirect mNo edit summary |
||
(22 intermediate revisions by 10 users not shown) | |||
Line 1: | Line 1: | ||
'''Encryption''' is the art of encoding messages in a way that only the intended, authorized person may read it. According to [[Edward Snowden]], strong, tested cryptographic encryption systems were said to be one of the few remaining things that work (i.e. haven't been compromised by the [[NSA]]), and that people can still rely on. | '''Encryption''' is the art of encoding messages in a way that only the intended, authorized person may read it. According to [[Edward Snowden]], strong, tested cryptographic encryption systems were said to be one of the few remaining things that work (i.e. haven't been compromised by the [[NSA]]), and that people can still rely on. | ||
Line 8: | Line 6: | ||
* Against whom do you want your data protected? | * Against whom do you want your data protected? | ||
== Full | == Full disk encryption == | ||
Full Disk Encryption (FDE) is the process of turning your regular HDD stored files into cyphertext, so that anyone gaining access to your physical HDD (e.g. Thieves stealing your PC, LEA kicking your door in) cannot read the contents of your hard drive without knowing an encryption key. | Full Disk Encryption (FDE) is the process of turning your regular HDD stored files into cyphertext, so that anyone gaining access to your physical HDD (e.g. Thieves stealing your PC, LEA kicking your door in) cannot read the contents of your hard drive without knowing an encryption key. | ||
Line 14: | Line 12: | ||
=== Windows === | === Windows === | ||
{{warning|[[Windows]], since Windows NT Workstation 4, has contained a well-known NSA back door. However, [[Windows 7]] and below are considered ''relatively safe'' (if you remove the telemetry updates). | {{warning|[[Windows]], since Windows NT Workstation 4, has contained a well-known NSA back door. However, [[Windows 7]] and below are considered ''relatively safe'' (if you remove the telemetry updates). Windows 10 is highly malicious, and has been proven time and time again to '''not only''' ''datamine and steal user information'', but it '''has been designed to do this'''. Continue at your own risk.}} | ||
Bitlocker was reported to have been [https://firstlook.org/theintercept/2015/03/10/ispy-cia-campaign-steal-apples-secrets/ attacked in 2010] through ElectroMagnetic leaking of cryptographic keys from the TPM chip. [https://d2.maxfile.ro/cvcpumdqtf.png archive-part1] [https://d2.maxfile.ro/trvuqojsdv.png archived-part2] [https://www.schneier.com/blog/archives/2015/06/encrypting_wind.html Bruce Schneier] [https://web.archive.org/web/20160129022320/https://www.schneier.com/blog/archives/2015/06/encrypting_wind.html archived] and [https://firstlook.org/theintercept/2015/04/27/encrypting-laptop-like-mean/ The Intercept] still recommend the software. [https://d2.maxfile.ro/xsdkzytcgm.png archived] Do your own research. | Bitlocker was reported to have been [https://firstlook.org/theintercept/2015/03/10/ispy-cia-campaign-steal-apples-secrets/ attacked in 2010] through ElectroMagnetic leaking of cryptographic keys from the TPM chip. [https://d2.maxfile.ro/cvcpumdqtf.png archive-part1] [https://d2.maxfile.ro/trvuqojsdv.png archived-part2] [https://www.schneier.com/blog/archives/2015/06/encrypting_wind.html Bruce Schneier] [https://web.archive.org/web/20160129022320/https://www.schneier.com/blog/archives/2015/06/encrypting_wind.html archived] and [https://firstlook.org/theintercept/2015/04/27/encrypting-laptop-like-mean/ The Intercept] still recommend the software. [https://d2.maxfile.ro/xsdkzytcgm.png archived] Do your own research. | ||
Line 26: | Line 24: | ||
=== GNU/Linux === | === GNU/Linux === | ||
{{warning|[[GNU/Linux]] FDE does not encrypt the /boot directory of your hard drive for the sole purpose of decryption. This is [https://twopointfouristan.wordpress.com/2011/04/17/pwning-past-whole-disk-encryption/ susceptible] to an extended [https://en.wikipedia.org/wiki/Rootkit?scrlybrkr#bootkit Evil Maid Attack]. This can be prevented by making a bootable flash drive hold your bootloader and /boot directory, and setting up your computer to boot off of your flash drive. Make sure you mount /boot (sudo mount /dev/usbdevice /boot (this may be done automatically by your distro) on your flash drive when updating your repositories with your package manager, it will write data to files in /boot. }} | |||
==== dm-crypt + LUKS ==== | ==== dm-crypt + LUKS ==== | ||
Line 53: | Line 53: | ||
iPhone are widely regarded as the most secure phones/pads, so long as you trust [[Apple]]. | iPhone are widely regarded as the most secure phones/pads, so long as you trust [[Apple]]. | ||
==== 2016 FBI vs Apple | ==== 2016 FBI vs Apple debate ==== | ||
Cryptowars 2.0 began in February 2016 over a [[Wikipedia:2015_San_Bernardino_shooting |terrorist]] who owned an iPhone. | Cryptowars 2.0 began in February 2016 over a [[Wikipedia:2015_San_Bernardino_shooting |terrorist]] who owned an iPhone. | ||
The FBI demanded that Apple provided a custom firmware to flash upon the terrorist's phone which would: | The FBI demanded that Apple provided a custom firmware to flash upon the terrorist's phone which would: | ||
Line 68: | Line 67: | ||
* [http://arstechnica.com/apple/2016/02/google-ceo-forcing-apple-to-comply-with-fbi-may-set-troubling-precedent/ Google is Upset] | * [http://arstechnica.com/apple/2016/02/google-ceo-forcing-apple-to-comply-with-fbi-may-set-troubling-precedent/ Google is Upset] | ||
== Single | As of 2016.03.21, The FBI thinks it can [http://arstechnica.com/tech-policy/2016/03/fbi-says-it-might-be-able-to-break-into-seized-iphone-wants-hearing-vacated/ break into the phone] with [https://apple.slashdot.org/story/16/03/23/1853206/fbi-hires-cellebrite-to-crack-san-bernadino-iphone#comments some israeli forensics company]. This is a backstep from the real issue, which is about setting a precident of backdooring [[Encryption |encryption]]. | ||
As of 2016.5.5, It has been released that the FBI paid [https://wiki.installgentoo.com/index.php/Tor Dark Net] hackers almost one million USD to hack into and unlock the phone. The FBI has been very vague about this, with some agents saying they bought a 0day to use, while some specifically say they paid hackers themselves to get into the iPhone. The 0day, which is specific to an iPhone 5C running iOS 9.2, has been patched already by a recent update, making it defunct to any phones with that update. | |||
== Single file encryption == | |||
Beyond Full Disk Encryption, a single file can be encrypted with ease. Several programs such as 7Zip, WinRAR and WinZip can encrypt one or more files. | |||
=== Tomb === | |||
Tomb, a script by Dyne, can be used to create PGP encrypted containers with ease. It can also hide keys in JPEGs using steghide, providing a layer of obfuscation. Tarballs can be obtained [https://files.dyne.org/tomb/ here], installation instructions if you don't know how to use make can be found [https://github.com/dyne/Tomb/blob/master/INSTALL.md here]. | |||
* Creating a 10mb tomb named "installgentoo": {{ic|$ sudo tomb dig -s 10 installgentoo.tomb}} | |||
* Creating a key for our new tomb: {{ic|$ sudo tomb forge installgentoo.tomb.key}} | |||
* Locking our tomb with our newly created key: {{ic|$ sudo tomb lock installgentoo.tomb -k installgentoo.tomb.key}} | |||
* Opening our locked tomb with our new key (opens in /media/): {{ic|$ sudo tomb open installgentoo.tomb -k installgentoo.tomb.key}} | |||
* Hiding a key in a JPEG (original file is untouched): {{ic|$ sudo tomb bury picture.jpg -k installgentoo.tomb.key}} | |||
=== GPG === | |||
GPG is a simple command line tool aimed to be used in tandem with email to create secure encrypted messages. It uses an asymmetric keyset of RSA public and private keys that it uses to encrypt and decrypt emails (and files). It also can encrypt single files using a passphrase. | |||
=== | ==== Keypair ==== | ||
* Creating a public and private keyset using GPG: {{ic|$ gpg --gen-key}} | |||
* | You will be asked for which key type you want to create, to create an encryption and decryption keyset, choose RSA and RSA. For the highest amount of security, choose the largest bit size possible (4096). You can choose how long this key will last, along with an email address and name associated with it (you can put false information if you'd wish, but use easily-readable stuff like "encryption@cryp.to" and "John Doe", since GPG recognizes recipients by their | ||
* | email address). USE A STRONG PASSPHRASE! Use an easily remembered one like large words randomly chosen with dice. | ||
* Encrypting a file to yourself (using a keypair): {{ic|$ gpg -e -r youremail@here.com yourfilehere}} | |||
The file you encrypted will be created with a ".gpg" at the end of it's name to distingush encrypted files from unencrypted files. After encrypting your file, it would be wise to securely delete your unencrypted file (using srm) to prevent spies. | |||
* Decrypting a file to yourself (using a keypair): {{ic|$ gpg --output yourfilehere -d yourfilehere.gpg}} | |||
This will decrypt your encrypted file as "yourfilehere". This decrypted file will overwrite any file with the same name. | |||
You will be | ==== Passphrase ==== | ||
Alternatively, you can encrypt a single file with a passphrase. | |||
* Encrypting a single file with a passphrase: {{ic|$ gpg -c yourfilehere}} | |||
You will be asked for a password and your encrypted file will be made with a ".gpg" extension in the name. USE A STRONG PASSPHRASE! Use an easily remembered one like large words randomly chosen with dice. After encrypting your file, it would be wise to securely delete your unencrypted file (using srm) to prevent spies. | |||
* Decrypting a single file with a passphrase: {{ic|$ gpg --output yourfilehere -d yourfilehere.pgp}} | |||
This will decrypt your encrypted file as "yourfilehere". This decrypted file will overwrite any file with the same name. | |||
== Web | == Web encryption == | ||
Everything you view/submit to a website is readable by third parties without encryption. | Everything you view/submit to a website is readable by third parties without encryption. | ||
Line 87: | Line 112: | ||
HTTPS is dependant upon Certificate Authorities (CAs), such as Comodo and Verisign which cryptographically sign Certificates to confirm that the website you're connecting to is who it says it is, rather than some random hacker. Your operating system/browser has a number of certificates which it trusts, and those trusted certificates are compared against the website that you're accessing. | HTTPS is dependant upon Certificate Authorities (CAs), such as Comodo and Verisign which cryptographically sign Certificates to confirm that the website you're connecting to is who it says it is, rather than some random hacker. Your operating system/browser has a number of certificates which it trusts, and those trusted certificates are compared against the website that you're accessing. | ||
: For e.g. | : For e.g. wiki.installgentoo.com used to be signed/verified by [https://letsencrypt.org/ Let's Encrypt] (but is now using Cloudflare). | ||
If the website you're visiting gives an invalid certificate, your browser will complain. | If the website you're visiting gives an invalid certificate, your browser will complain. | ||
Line 93: | Line 118: | ||
* Firefox uses it's own Certificate store. | * Firefox uses it's own Certificate store. | ||
== Communication | == Communication encryption == | ||
Beyond file encryption there is communication encryption, which is essentially file-in-transit | Beyond file encryption there is communication encryption, which is essentially file-in-transit encryption. This sections covers technologies referring to chats/texts/email/similar. | ||
There are generally two types of communication encryption: | There are generally two types of communication encryption: | ||
=== Serverside | === Serverside encryption === | ||
Serverside encryption encrypts your message to the server only, and then out to yout recipient. This method relies completely on trusting the server to not read your message and not be compromised by a third party. | Serverside encryption encrypts your message to the server only, and then out to yout recipient. This method relies completely on trusting the server to not read your message and not be compromised by a third party. | ||
=== End to | === End-to-end encryption === | ||
End to End encryption works on the principal that only the sender and recipient can understand the message being sent. Any third party (including any server the message is sent through) will not be able to decrypt the message. This is the preferred method for all communications. | End to End encryption works on the principal that only the sender and recipient can understand the message being sent. Any third party (including any server the message is sent through) will not be able to decrypt the message. This is the preferred method for all communications. | ||
Line 108: | Line 133: | ||
[[PGP]] allows for secure message bodies within email. Sender/Recipients are still plaintext, which is [https://www.techdirt.com/articles/20140511/06390427191/michael-hayden-gleefully-admits-we-kill-people-based-metadata.shtml enough to kill you]. | [[PGP]] allows for secure message bodies within email. Sender/Recipients are still plaintext, which is [https://www.techdirt.com/articles/20140511/06390427191/michael-hayden-gleefully-admits-we-kill-people-based-metadata.shtml enough to kill you]. | ||
== Encryption | == Encryption standards == | ||
Wikipedia maintains a great article on [[Wikipedia:Encryption |Encryption]]. | Wikipedia maintains a great article on [[Wikipedia:Encryption |Encryption]]. | ||
Stuff you've probably heard of: | Stuff you've probably heard of: | ||
* [[Wikipedia:Advanced_Encryption_Standard |AES]], the standard web encryption protocol which is publicly available to use and was the winner of the AES competition (originally known as Rijndael). | * [[Wikipedia:Advanced_Encryption_Standard |AES]], the standard web encryption protocol which is publicly available to use and was the winner of the AES competition (originally known as Rijndael). | ||
* [[Wikipedia:Twofish |Twofish]], a | * [[Wikipedia:Twofish |Twofish]], a competitor of AES. | ||
* [[Wikipedia:Serpent_%28cipher%29 |Serpent]], the more secure but more CPU intensive cipher that competed for the AES title. | * [[Wikipedia:Serpent_%28cipher%29 |Serpent]], the more secure but more CPU intensive cipher that competed for the AES title. | ||
== Cryptology in | == Cryptology in applications == | ||
The best and easiest to use public key crypto library is [http://nacl.cr.yp.to NaCl]. Don't even try creating your own crypto algorithm or using another shitty library. The important part with crypto is ''always use enough randomness in your keys''. If you don't, [http://tobtu.com/decryptocat-old.php this] happens (you can't really have this problem with NaCl though). The other important part is ''always use a unique nonce''. | The best and easiest to use public key crypto library is [http://nacl.cr.yp.to NaCl]. Don't even try creating your own crypto algorithm or using another shitty library. The important part with crypto is ''always use enough randomness in your keys''. If you don't, [http://tobtu.com/decryptocat-old.php this] happens (you can't really have this problem with NaCl though). The other important part is ''always use a unique nonce''. | ||
Line 131: | Line 156: | ||
- The keys are only 256 bits (It's ECC), and it's as secure as RSA 3072. | - The keys are only 256 bits (It's ECC), and it's as secure as RSA 3072. | ||
= Other | == Other links == | ||
[http://crunchbang.org/forums/viewtopic.php?id=24722 This Crunchbang forum] post [https://archive.is/8mBMd archived] (named "The Paranoid Crunchbang Security Guide") has tools and techniques that specifically apply to #!++ (Crunchbang Plus-Plus), but easily applies to other distros as well. Very good resource. | [http://crunchbang.org/forums/viewtopic.php?id=24722 This Crunchbang forum] post [https://archive.is/8mBMd archived] (named "The Paranoid Crunchbang Security Guide") has tools and techniques that specifically apply to #!++ (Crunchbang Plus-Plus), but easily applies to other distros as well. Very good resource. |
Latest revision as of 02:48, 28 February 2023
Encryption is the art of encoding messages in a way that only the intended, authorized person may read it. According to Edward Snowden, strong, tested cryptographic encryption systems were said to be one of the few remaining things that work (i.e. haven't been compromised by the NSA), and that people can still rely on.
Encryption covers many areas of computing and covers many levels of Security. While there are no Silver Bullets to protect yourself, you can guard against many adversaries via encryption techniques.
It is recommended that you define your adversary before continuing, because encryption is a defensive tactic and is only useful against known offensive tactics. In short:
- Against whom do you want your data protected?
Full disk encryption
Full Disk Encryption (FDE) is the process of turning your regular HDD stored files into cyphertext, so that anyone gaining access to your physical HDD (e.g. Thieves stealing your PC, LEA kicking your door in) cannot read the contents of your hard drive without knowing an encryption key.
Full Disk Encryption is useless when your PC is running. Once your FDE drive is unlocked/deciphered any running program or user can read everything in it.
Windows
Bitlocker was reported to have been attacked in 2010 through ElectroMagnetic leaking of cryptographic keys from the TPM chip. archive-part1 archived-part2 Bruce Schneier archived and The Intercept still recommend the software. archived Do your own research.
Since Microsoft's operating system is proprietary software, it is possible that the Bitlocker encryption is backdoored.
TrueCrypt has been abandoned since 05/2014. A crypto audit completed in 05/2015 reports it as 'a well-designed piece of software with only minor issues'. VeraCrypt, a fork from TrueCrypt, continues its development. This is technically illegal (as the TrueCrypt software license does not allow forks), but there is little chance of the original TrueCrypt developers launching a lawsuit against VeraCrypt.
OS X
Much like Windows, there is no safe option for bulk symmetric encryption on OS X. FileVault, while offering strong encryption, is only acceptable if you're hiding files from thieves and simple adversaries. This is because Apple's FileVault is, of course, proprietary software.
GNU/Linux
dm-crypt + LUKS
dm-crypt + LUKS is the recommended encryption solution for GNU/Linux. It comes with the kernel. Since version 1.6, cryptsetup supports TrueCrypt containers natively, so there's no need to install TrueCrypt or tc-play.
Take note of the --iter-time parameter while creating a dm-crypt volume. This creates a time delay to guard against brute force attacks, which the FBI have shown archived that they have problems attacking. archived
The Arch Linux Wiki maintains a fantastic guide on dm-crypt which is applicable to most Linux distributions.
tc-play
tc-play A FOSS Truecrypt implementation to replace the official version. Supports most of Truecrypt's features. Nowadays useful only for reading your Truecrypt volume and migrating it to dm-crypt.
VeraCrypt
VeraCrypt, TrueCrypt's successor. Is cross-platform and has a TrueCrypt compatibility mode for those with old TC disks.
Android
Both stock and third party (e.g. cyanogenmod, omnirom) Android Roms allow for device encryption. They all use the linux kernel dm_crypt encryption options. This will keep out most non-lea actors.
Be aware that any phone which can be flashed with a custom rom can also be flashed with a malicious rom (i.e. any phone which cyanogenmod can be flashed on can also be flashed with fbi-nsa-fiveeyes.rom). Any phone locked to a telco provider (e.g. AT&T only) is probably compromised by US LEA too.
The best defense is a good password.
Your pincode sucks btw.
iOS
iPhone are widely regarded as the most secure phones/pads, so long as you trust Apple.
2016 FBI vs Apple debate
Cryptowars 2.0 began in February 2016 over a terrorist who owned an iPhone. The FBI demanded that Apple provided a custom firmware to flash upon the terrorist's phone which would:
- Allow more than 10 password guesses per hour.
- Not allow the phone to wipe itself after 10 bad guesses.
- Allow guesses to be made via usb/whatever interface, rather than the touchscreen.
i.e. circumvent all the regular iPhone protections against a brute force attack on it's password.
This has been widely seen as an attempt to set a judicial precedent by the US government so that future criminal/"criminal" cases can allow encyption to be bypassed/criminalised.
As of 2016.03.21, The FBI thinks it can break into the phone with some israeli forensics company. This is a backstep from the real issue, which is about setting a precident of backdooring encryption.
As of 2016.5.5, It has been released that the FBI paid Dark Net hackers almost one million USD to hack into and unlock the phone. The FBI has been very vague about this, with some agents saying they bought a 0day to use, while some specifically say they paid hackers themselves to get into the iPhone. The 0day, which is specific to an iPhone 5C running iOS 9.2, has been patched already by a recent update, making it defunct to any phones with that update.
Single file encryption
Beyond Full Disk Encryption, a single file can be encrypted with ease. Several programs such as 7Zip, WinRAR and WinZip can encrypt one or more files.
Tomb
Tomb, a script by Dyne, can be used to create PGP encrypted containers with ease. It can also hide keys in JPEGs using steghide, providing a layer of obfuscation. Tarballs can be obtained here, installation instructions if you don't know how to use make can be found here.
- Creating a 10mb tomb named "installgentoo":
$ sudo tomb dig -s 10 installgentoo.tomb
- Creating a key for our new tomb:
$ sudo tomb forge installgentoo.tomb.key
- Locking our tomb with our newly created key:
$ sudo tomb lock installgentoo.tomb -k installgentoo.tomb.key
- Opening our locked tomb with our new key (opens in /media/):
$ sudo tomb open installgentoo.tomb -k installgentoo.tomb.key
- Hiding a key in a JPEG (original file is untouched):
$ sudo tomb bury picture.jpg -k installgentoo.tomb.key
GPG
GPG is a simple command line tool aimed to be used in tandem with email to create secure encrypted messages. It uses an asymmetric keyset of RSA public and private keys that it uses to encrypt and decrypt emails (and files). It also can encrypt single files using a passphrase.
Keypair
- Creating a public and private keyset using GPG:
$ gpg --gen-key
You will be asked for which key type you want to create, to create an encryption and decryption keyset, choose RSA and RSA. For the highest amount of security, choose the largest bit size possible (4096). You can choose how long this key will last, along with an email address and name associated with it (you can put false information if you'd wish, but use easily-readable stuff like "encryption@cryp.to" and "John Doe", since GPG recognizes recipients by their email address). USE A STRONG PASSPHRASE! Use an easily remembered one like large words randomly chosen with dice.
- Encrypting a file to yourself (using a keypair):
$ gpg -e -r youremail@here.com yourfilehere
The file you encrypted will be created with a ".gpg" at the end of it's name to distingush encrypted files from unencrypted files. After encrypting your file, it would be wise to securely delete your unencrypted file (using srm) to prevent spies.
- Decrypting a file to yourself (using a keypair):
$ gpg --output yourfilehere -d yourfilehere.gpg
This will decrypt your encrypted file as "yourfilehere". This decrypted file will overwrite any file with the same name.
Passphrase
Alternatively, you can encrypt a single file with a passphrase.
- Encrypting a single file with a passphrase:
$ gpg -c yourfilehere
You will be asked for a password and your encrypted file will be made with a ".gpg" extension in the name. USE A STRONG PASSPHRASE! Use an easily remembered one like large words randomly chosen with dice. After encrypting your file, it would be wise to securely delete your unencrypted file (using srm) to prevent spies.
- Decrypting a single file with a passphrase:
$ gpg --output yourfilehere -d yourfilehere.pgp
This will decrypt your encrypted file as "yourfilehere". This decrypted file will overwrite any file with the same name.
Web encryption
Everything you view/submit to a website is readable by third parties without encryption. The standard encryption method is HTTPS (HTTP Secure) which uses SSL/TLS encryption to communicate with a website. This is the standard encryption protocol which your GMail/Online Banking/eBay interactions use.
HTTPS is dependant upon Certificate Authorities (CAs), such as Comodo and Verisign which cryptographically sign Certificates to confirm that the website you're connecting to is who it says it is, rather than some random hacker. Your operating system/browser has a number of certificates which it trusts, and those trusted certificates are compared against the website that you're accessing.
- For e.g. wiki.installgentoo.com used to be signed/verified by Let's Encrypt (but is now using Cloudflare).
If the website you're visiting gives an invalid certificate, your browser will complain.
- IE and Chrome/Chromium use the System Certificate store.
- Firefox uses it's own Certificate store.
Communication encryption
Beyond file encryption there is communication encryption, which is essentially file-in-transit encryption. This sections covers technologies referring to chats/texts/email/similar.
There are generally two types of communication encryption:
Serverside encryption
Serverside encryption encrypts your message to the server only, and then out to yout recipient. This method relies completely on trusting the server to not read your message and not be compromised by a third party.
End-to-end encryption
End to End encryption works on the principal that only the sender and recipient can understand the message being sent. Any third party (including any server the message is sent through) will not be able to decrypt the message. This is the preferred method for all communications.
PGP
PGP allows for secure message bodies within email. Sender/Recipients are still plaintext, which is enough to kill you.
Encryption standards
Wikipedia maintains a great article on Encryption. Stuff you've probably heard of:
- AES, the standard web encryption protocol which is publicly available to use and was the winner of the AES competition (originally known as Rijndael).
- Twofish, a competitor of AES.
- Serpent, the more secure but more CPU intensive cipher that competed for the AES title.
Cryptology in applications
The best and easiest to use public key crypto library is NaCl. Don't even try creating your own crypto algorithm or using another shitty library. The important part with crypto is always use enough randomness in your keys. If you don't, this happens (you can't really have this problem with NaCl though). The other important part is always use a unique nonce.
NaCl is real easy to use, just use crypto_box_keypair() to generate a public/private keypair, use crypto_box() to encrypt data and use crypto_box_open() to decrypt it (This is the only function that you need to check the return value, it returns -1 if the decryption failed). Why does crypto_box() use your private key to encrypt a message you ask? That's so the other can check if that encrypted message really came from you, the same reason why crypto_box_open() takes the public guy of the guy who sent you the encrypted data.
If you have a grain of intelligence, before using NaCl for anything you will read everything on the website, especially this page.
- Why NaCl?
- It's secure (Authentication, protection against timing attacks, etc..)
- It's fast (RSA is very slow, and the RSA was backdoored by the NSA).
- The keys are only 256 bits (It's ECC), and it's as secure as RSA 3072.
Other links
This Crunchbang forum post archived (named "The Paranoid Crunchbang Security Guide") has tools and techniques that specifically apply to #!++ (Crunchbang Plus-Plus), but easily applies to other distros as well. Very good resource.
This archived is an explanation into why TrueCrypt is still safe to use, as well as this.
Here and here are both links to TrueCrypt's spiritual successor, VeraCrypt.
Bitlocker and FileVault links are here if you are absolutely fucking retarded and haven't read a single thing on this page. Cat photos only.
Also check Fucko for other tips.