Encryption

Email Privacy Gmail reads every email you send and receive. That’s not an exaggeration. Google scans your emails to: Build advertising profiles Train AI models on your conversations Track purchase history and receipts Identify your contacts and relationships Monitor your location through confirmation emails Google knows more about your life than your closest friends. They know when you’re job hunting (LinkedIn alerts), having health issues (doctor appointment confirmations), traveling (flight confirmations), and buying things (every receipt). ...

🎯 Goal Learn how to protect local data at rest using encrypted filesystems and containers. Explore tools like LUKS, cryptsetup, gocryptfs, and veracrypt, and practice encrypting backups using tar and rsync over SSH. 1. Why Encrypt Data at Rest? Prevent access if your device is lost, stolen, or seized Protect sensitive logs, identity files, password stores Essential for laptops, USB drives, and backups 2. Full-Disk and Partition Encryption with LUKS What Is LUKS? Standard for Linux disk encryption Uses cryptsetup to manage encrypted partitions Key benefits: strong encryption, passphrase support, keyslots WARNING The following examples will erase data. Only do this on test devices or virtual machines. ...

Goal Master symmetric encryption with AES: understand encryption modes (and why ECB is broken), use OpenSSL for file encryption, and learn how Key Derivation Functions transform weak passwords into strong keys. Prerequisites: Week 2a (Hash Functions) This is Part 2 of 3 - Covers symmetric encryption and key derivation. 1. Symmetric Encryption: Shared Secrets What Is Symmetric Encryption? Symmetric encryption uses the same key for both encryption and decryption. Alice Bob | | | "Meet at midnight" + Key123 | |---------> AES Encrypt --------------> | | f8a3b2c1d4e5f6 (ciphertext) | | | | <-------- AES Decrypt <-------------- | | f8a3b2c1d4e5f6 + Key123 | | "Meet at midnight" (plaintext) | Key challenge: How do Alice and Bob agree on “Key123” without anyone else learning it? (Solved in Week 3 with asymmetric crypto) ...

Goal Understand the public-key cryptography revolution and generate your first GPG keypair. This is the foundation for everything else in the course. Prerequisites: Week 2 (Cryptography Fundamentals) This is Part 1 of 4 - Covers history, concepts, and key generation. Introduction: The Public Key Revolution Week 2 taught you symmetric encryption - Alice and Bob share the same secret key. But how do they exchange that key securely? The problem: ...

Goal Master practical GPG operations: understanding your keyring, encrypting files for yourself and others, and creating digital signatures that prove authorship and integrity. Prerequisites: Week 3a (GPG Introduction & Key Generation) This is Part 2 of 4 - Covers keyring management, encryption operations, and signatures. 1. Understanding Your GPG Keyring List All Keys # List public keys gpg --list-keys # Output: pub rsa4096 2025-10-14 [SC] [expires: 2027-10-14] ABCD1234ABCD1234ABCD1234ABCD1234ABCD1234 uid [ultimate] Alice Cypherpunk <[email protected]> sub rsa4096 2025-10-14 [E] [expires: 2027-10-14] Key anatomy: ...

Goal Complete your GPG mastery with key lifecycle management (rotation, revocation, backup), practical email encryption, and understanding when to use modern alternatives like age for simpler use cases. Prerequisites: Week 3c (Key Distribution & Web of Trust) This is Part 4 of 4 - Covers key management, email encryption, and modern alternatives. 1. Key Management: Rotation, Revocation, and Backup Extending Key Expiration Your key expires in 2 years. Before expiration: ...