top of page
This site was designed with the
.com
website builder. Create your website today.Start Now
Defend agains Phishing using PGP Signature Verification

 

 

Phinshing attacks are becoming more and more common. Email is extremely easy to forge, Facebook accounts are hacked into. How can you tell that a message from a friend or a collegue, or even your Bank or PayPal is authentic?

 

PGP allows message senders to use their private keys to sign a message before sending it, with or without encrypting it as well. A signed message means two things: first, if you have the sender's public key (and you should, it is after all public), you can verify with very high certainty that it was sent by the holder of the private key. And second, you know for sure the message was not modified or tampered with after it has been signed. This is somewhat like a king's seal, but way, way more secure

 

Identity & Authenticity Verification using PGP

So why aren't digital signatures used more often?

Well, the answer is, we don't know. Digital signatures (not just using PGP, but through a host of other possibilities) are very secure, extremely hard to forget (unlike your regular signature) and can easily be integrated into digital and on-line commerce processes and other transactions. Some governments and institutions are starting to adopt digital signatures, but we are still a long way from where we can be, given that the technology is more than 25 years old.

bottom of page