PGP encryption is not only about RSA keys. Elliptic Curve Cryptography (ECC) offers another twist on the subject, requiring smaller key sizes to provide an equivalent level of security.
At last! It was about time! Allow me to bring a conclusion to our experiments in encryption. Let’s use what we previously learned about working with PGP on Java and JavaScript and make the two exchange PGP messages.
So far in this series of posts we have examined how to handle PGP encryption’s core tasks in Java. We now move to the front end side and examine the incredible power of OpenPGP.js !
In the previous installment we examined how to generate PGP keys using Java. Now that we have those, we can start encrypting! This post examines how to leverage the excellent Bouncy GPG library to make Java PGP encryption as easy as it gets.
Last time we examined whether Efail and SigSpoof were a game breaker or not. Spoiler: it’s not half as bad as it was claimed. Today we will get our hands dirty: we will implement OpenPGP key generation in Java with BouncyCastle’s seminal library.
You may have noticed: encryption has received some bad rap lately. I’m talking about Efail and SigSpoof of course, two flaws that impacted OpenPGP-based applications such as GnuPG, Enigmail, etc. Does it mean that OpenPGP is broken?