Encryption Description

This refers to the Political Bullpen Encrypted Messaging Capability - RSA-4096 (Extreme Security) thread.

I see this ( You will see a count of new replies because you read this topic.) at the bottom of the thread, but I see no way to reply to it.

The explanation seems a bit complicated for the average user here (at least I hope it does! :grin:) so I’ll try to ask some of my stupid questions here.

What ramifications does this maximum security system have on the users that choose not to encrypt?

Does this apply to Direct Messages only or to posts in all categories?

If Direct Messages can only be accessed by the named participants, why the need for encryption?

If it applies to posts in the public categories, how will users that choose not to encrypt and guests be able to read them?

I am not the expert on this. @Patriot will respond in the morning, but from a basic perspective it only applies to direct messages. If you turn on encryption and I turn on encryption and we send messages to one another then we will be the only ones who can read it. It can’t be read by admins, mods, or even if someone managed to get root access to the server.

You can’t reply because it’s an announcement.

1 Like

If it applies only to direct messages, I have no worries.

I turned it on, then tried to send you a message (just to try it out) and saw you hadn’t turned it on.

Then I realized that none of my messages are worth encryption, so I turned it off.

I am going to turn it on later. I’m bad about losing stuff and I can’t lose that paper key that gets generated.

Ok - I just turned it on because I realized I didn’t have to write the code down lol

If I turn it on, does that mean that others without it turned on cannot send messages to me?

No - it just means the messages that they send to you won’t be encrypted but if you send a message to me for example then it will be encrypted.

If I answer a non-encrypted message, do I have to turn it off?

No. It will detect what is and is not encrypted on its own.

I implemented this feature because I am really passionate about privacy. In a nutshell, here is how it works:

Messages are encrypted using an encryption key for the topic. This encryption key is encrypted using the public key of end users.

The server only knows:

  • there are a bunch of blobs of random data in this message.
  • there are a bunch of other short blobs for the message (which are topic key encrypted using various user public keys)
  • certain users are allowed to get the blobs and add blobs

If you are communicating with someone who has not encrypted their messages then the above-mentioned does not apply.
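The key-wrapping scheme described in the post above, sketched as an added example that is not part of the original thread and not the forum's own code. It assumes RSA-OAEP (SHA-256) for wrapping and AES-256-GCM for message bodies; all function and user names are hypothetical.

```javascript
// Added illustration; names and algorithm choices are assumptions, not the forum's code.
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// One RSA key pair per user; the private key never leaves the user's devices.
function newUser(name, bits = 4096) {
  const { publicKey, privateKey } =
    crypto.generateKeyPairSync('rsa', { modulusLength: bits });
  return { name, publicKey, privateKey };
}

// New topic: a random AES-256 topic key, wrapped once per participant's public key.
// Only `server` (the wrapped keys and the post blobs) is ever uploaded.
function createTopic(participants) {
  const topicKey = crypto.randomBytes(32);
  const wrappedKeys = {};
  for (const u of participants)
    wrappedKeys[u.name] = crypto.publicEncrypt({ key: u.publicKey, ...OAEP }, topicKey);
  return { topicKey, server: { wrappedKeys, posts: [] } };
}

function encryptPost(topicKey, text) {
  const iv = crypto.randomBytes(12); // fresh nonce for every post
  const c = crypto.createCipheriv('aes-256-gcm', topicKey, iv);
  const body = Buffer.concat([c.update(text, 'utf8'), c.final()]);
  return { iv, body, tag: c.getAuthTag() };
}

// Reader side: unwrap the topic key with our private key, then decrypt the post.
function readPost(server, user, index, blobOwner = user.name) {
  const wrapped = server.wrappedKeys[blobOwner];
  if (!wrapped) throw new Error('no wrapped topic key for ' + blobOwner);
  const topicKey = crypto.privateDecrypt({ key: user.privateKey, ...OAEP }, wrapped);
  const { iv, body, tag } = server.posts[index];
  const d = crypto.createDecipheriv('aes-256-gcm', topicKey, iv);
  d.setAuthTag(tag); // a tampered blob fails in final()
  return Buffer.concat([d.update(body), d.final()]).toString('utf8');
}

// Constructed scenario: alice and bob converse; admin holds every stored blob.
function demo(bits) {
  const [alice, bob, admin] = ['alice', 'bob', 'admin'].map(n => newUser(n, bits));
  const { topicKey, server } = createTopic([alice, bob]);
  server.posts.push(encryptPost(topicKey, 'meet at noon'));
  let adminRead = 'unreadable';
  try { adminRead = readPost(server, admin, 0, 'bob'); } catch (e) { /* wrong private key */ }
  return { bobRead: readPost(server, bob, 0), adminRead,
           plaintextOnServer: server.posts[0].body.includes('meet at noon') };
}
```

Calling `demo(4096)` matches the key size in the thread title; key generation is noticeably slower than with `demo(2048)`.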

So if I turn it on and just leave it on, all will be well? If I shut down and restart in the morning, will it still be on or do I have to kickstart it every time I visit the site?

It’s fire and forget. Once it is on it will stay on until you deactivate it. The reason the paper keys are so important is that if you want to turn on encryption across multiple devices you will need to enter in those random words, including the spaces, on every device. Once you do that, it will be on across all devices. So, if you get a new phone or a new computer and want to activate encryption all you need to do is enter those random words from the paper key and you are good. This, along with 2 Factor Authentication, makes hacking your account very difficult. With encrypted messages on, no one, including me, can read your messages.

This is a massive addition to this site. We are now utilizing the same level of encryption used by Proton Mail, Wickr, and many other privacy-focused, free-speech companies. Many government agencies also use this level of encryption.

2 Likes

So are the paper keys something that we can copy and paste during the initial startup?

Yes. Just copy and paste them to a .txt file, put it somewhere safe (like an encrypted storage provider of your choice) and copy and paste on each new device. You won’t need to do anything on the device you first activate encryption on.

On the other devices, where should it be pasted?

When you go to turn on encryption in your profile on your other devices you will be prompted to enter the passcode from the paper key.

Brilliant feature @Patriot - thanks for putting so much work into it for the benefit of everyone else.

2 Likes

Okay. One more question:

I know that nothing in a computer is ever really deleted unless the space on the hard drive where the “deleted” characters are stored is overwritten for lack of other usable space.

If I paste the paper keys in a .txt file, print the file on my Brother printer, then delete the .txt file, what’s to keep a hacker from finding the “deleted” characters either from my hard drive or from my printer records and discerning that they represent an encryption password?

You can use a VPN, go to editpad.org paste and print from there, and you should be good.

You can also use pastebin - just don’t save it.

1 Like