What's the point of encryption and email if I have to send

That's not how that works. You send them your public key and they encrypt their email to you with it and you decrypt it with your private key,

>>57393757
Build your own file sharing program that uses end to end encryption.

>>57393768
and sending the public key is considered safe? how does he will decrypt it?

>>57393784
With his private key.
public is for encryption.
private for decryption.

>>57393784
These keys come in pairs. Public encrypts, Private decrypts.

>>57393784
Public keys only encrypt the data, so they're safe to be sent wherever you want. Almost everyone posts their public key somewhere on their blog or at the end of a normal email message.

>>57393784
The public key is used to encrypt data which only you can decrypt with your private key.
You send him your public key, he sends you his public key.
You encrypt stuff with his public key and send it to him. He encrypts stuff with your private key and sends to you.

>>57393811
For some reason I thought public but typed private in that last sentence.

>>57393784

>and sending the public key is considered safe
By design. In public key cryptography, there are two keys. One which is public (literally everyone in the world can have this key, and it won't help them at all), and one is private.

It works like this:

1. I generate a public key A and a private key B. Key B can be used to decrypt messages encrypted with key A.
2. I send you public key A.
3. You generate a symmetric key C, and encrypt it with A.
4. You send me the encrypted key C. Since no one else has a private key, they can't decrypt C.
5. I decrypt C with private key B, and we continue sending messages from here on out encrypted with the symmetric key C.

Or at least that's the simple version of it. In reality, there's a few extra steps involving trusted certificate authorities to make sure that they key you're getting is really my public key, and not the public key of someone sitting in between us and fucking with our packets.

>>57393768
there are two different types of encryption. Public key cryptography as you described and then theirs symmetric or shared key encryptions. AES-128 and 256 are symmetric key where there is no such thing as a public key. SHA algorithms are used for public or private. Generally speaking public key cryptography is used for small messages and symmetric is used on larger ones since public key algorithms are slow. One trick is to use public key encryption to transmit a symmetric key, known as a session key to continue an encrypted message giving you the best of both worlds.

Public key isn't used allowed outside a dedicated protocol like ssh since distributing public keys can be cumbersome. If you wanted to email buddy you could ask him to create a private key, generate a public key from that, have him email you the public key, encrypt your file and send it to him so he can use his private key. I believe if you both have outlook you can sort of automate this sort of thing but its a PITA no matter what.

>>57393798
but the private key only works for him or to anyone with the access to the key?

>>57393868

Anyone who has access to the private key can use it to decrypt. But you don't share the private key. That's why it's called the private key.

>>57393838
>>57393866
thanks
can you recommend software, website with tutorial, books about encryption? specially email encryption
I don't have anything to hide quite honestly I just wanted to know if it works since google is based in the USA and USA don't respect privacy anymore

>>57393884

>I just wanted to know if it works since google is based in the USA and USA don't respect privacy anymore

IF it works? Unequivocally yes, unless the implementation has bugs in it. As long as the key length is long enough, no one is going to be breaking RSA any time before the sun explodes without a quantum computer, and even then, there are some algorithms out there that don't rely on NP-Complete problems.

If you need a brief description of WHY public key cryptography can work, see this video:

https://www.youtube.com/watch?v=bjWOG50PfdI

>>57393757
>hurr I'm too fucking stupid to use asymmetric encryption and too dumb to understand how a diffie-hellman key exchange works for symmetric encryption
why the fuck are you even here? shouldn't you be on reddit you fucking mouthbreathing mongoloid?

>>57393884
err... I'm not sure I can give a single good answer other than trust the systems you're provided. There is a big clusterfuck of software people rely on. The only way to do what I described semi-manually is with GPG, the GNU Privacy Guard or one of its front ends. Hope you like command line.

https://www.gnupg.org/

You can sign or encrypt arbitrary bits of text. A few years back a bunch of posters were using that as signatures so you'll probably get banned on /g/ for trying that but its possible. One thing you could do is have you're friend email you a public key and then email the private key. Or GPG also supports encrypting entire files. But then both of you have to be half decent at linux.

File: pgpkey.jpg (25KB, 556x175px) Image search: [Google]

25KB, 556x175px

Just realized my PGP key is 20 years old.