HOME

TheInfoList



Click Here for Items Related To - Key signing party
OR:
Key signing party on:   [Wikipedia]   [Google]   [Amazon]

In
public-key cryptography Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...
, a key signing party is an event at which people present their public keys to others in person, who, if they are confident the key actually belongs to the person who claims it, digitally sign the
certificate Certificate may refer to: * Birth certificate * Marriage certificate * Death certificate * Gift certificate * Certificate of authenticity, a document or seal certifying the authenticity of something * Certificate of deposit, or CD, a financial p ...
containing that
public key Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...
and the person's name, etc. Key signing parties are common within the
PGP PGP or Pgp may refer to: Science and technology * P-glycoprotein, a type of protein * Pelvic girdle pain, a pregnancy discomfort * Personal Genome Project, to sequence genomes and medical records * Pretty Good Privacy, a computer program for th ...
and
GNU Privacy Guard GNU Privacy Guard (GnuPG or GPG) is a free-software replacement for Symantec's PGP cryptographic software suite. The software is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interopera ...
community, as the PGP public key infrastructure does not depend on a central key certifying authority, but to a distributed
web of trust In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the cen ...
approach. Key signing parties are a way to strengthen the
web of trust In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the cen ...
. Participants at a key signing party are expected to present adequate
identity document An identity document (also called ID or colloquially as papers) is any documentation, document that may be used to prove a person's identity. If issued in a small, standard credit card size form, it is usually called an identity card (IC, ID c ...
s. Although PGP keys are generally used with
personal computer A personal computer (PC) is a multi-purpose microcomputer whose size, capabilities, and price make it feasible for individual use. Personal computers are intended to be operated directly by an end user, rather than by a computer expert or tec ...
s for
Internet The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, p ...
-related applications, key signing parties themselves generally do not involve computers, since that would give adversaries increased opportunities for subterfuge. Rather, participants write down a string of letters and numbers, called a ''
public key fingerprint In public-key cryptography, a public key fingerprint is a short sequence of bytes used to identify a longer public key. Fingerprints are created by applying a cryptographic hash function to a public key. Since fingerprints are shorter than the k ...
'', which represents their key. The fingerprint is created by a
cryptographic hash function A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output re ...
, which condenses the public key down to a string which is shorter and more manageable. Participants exchange these fingerprints as they verify each other's identification. Then, after the party, they obtain the public keys corresponding to the fingerprints they received and digitally sign them.


See also

*
Zimmermann–Sassaman key-signing protocol In cryptography, the Zimmermann–Sassaman key-signing protocol is a protocol to speed up the public key fingerprint verification part of a key signing party. It requires some work before the event. The protocol was invented during a key signing ...
*
Web of trust In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the cen ...
*
CryptoParty CryptoParty (Crypto-Party) is a grassroots global endeavour to introduce the basics of practical cryptography such as the Tor anonymity network, I2P, Freenet, key signing parties, disk encryption and virtual private networks to the general public. ...


References


External links


Pius
Sign entire keyrings and send encrypted emails automatically


Biglumber
– Keysigning coordination website
Debian wiki: Keysigning
– practical guidance from Debian developers Key management OpenPGP {{crypto-stub