Reference no: EM13869905
Public- and private-key pair (Group Project) Print Page This is a 2-Week project that contains two main tasks. You need to manage your time well to be able to finish both tasks on time. The submission of the final document is due by Wednesday of Week 4, but your contribution in the Group Project forum will be marked throughout the 2-Week period, so your regular participation is important. As you progress in your work, use the 'Sample Template for document submission' to track your deliverables.
Task 1 (to be completed by the end of Week 3): Install an OpenPGP-compliant email software package on your computer, like any of the ones found at the OpenPGP Alliance (n.d.) Web site or any product in compliance with RFC 4880 (Network Working Group, 2007). GnuPG (The GnuPG Project, 2014) in particular is freely available and widely used.
You are welcome to use PGP itself, but note that as of 2010, PGP is owned by Symantec and is only available as a commercial product (Symantec, 2014). You may wish to try the Enigmail add-ons for Thunderbird (Brunschwig, 2013). For the purposes of this Group Project, any of these OpenPGP-compliant products will be referred to as 'PGP'. For the project, generate a public- and private-key pair for yourself.
If you have any problem in installing it properly, please discuss this in the Group Project forum with your team members. Publish your public key in your project exchange folder. Optionally, export your public keys to one or more of the PGP key servers.
If you publish your keys there, your email address will also be public there. If you feel you do not want to publish your email address there, you can choose not to do so. You can also generate a key for some email address that you do not care about and publish the corresponding key for that email address to the PGP key servers. Post some encrypted messages for each of your project colleagues in the Group Project forum.
You can also publish the ciphertext in your Group Project forum. Be sure to post these encrypted messages in the Group Project forum, not private email boxes, since the Instructor cannot read your private email box and, hence, cannot give you a grade. If you get an encrypted message for yourself, decrypt it and ask the sender to verify that the message is correct.
By the end of Week 3, you should have finished the installation of PGP, published your public key, published the encrypted messages to your colleagues and decrypted the messages for you (posting the messages in the folder for verification). All work should be done in the Group Project forum.