When you a traveling and think of a loved one back home, you might surprise them by sending them a postcard from your destination.
In your mind, the postcard travels from the city you are in to its recipient—but that isn’t the case.
Once the postcard has been deposited into a collection box, a postal carrier removes all the mail from the box and takes it to the neighborhood post office.
From there, the postcard, along with other mail collected by other carriers of that post office are gathered together in the mail room and placed on a truck and delivered to a mail processing plant. The postcard is sent through a machine that rapidly separates mail by shape.
Linked with an identification code, a barcode is sprayed on the front of the postcard. The barcode, representing the specific delivery address, consists of tall and short bars used for further sorting. The barcode sends a specific mail piece into a bin on the machine for a particular range of ZIP codes, which identify the next processing plant and so on and so on.
The postcard exchanges hands, but we initially thought it went directly to our loved one.
THERE ARE THREE STATES OF DATA … but we will only focus on one of them.
Data in Transit
When we need to send sensitive information to another person—like the postcard—it doesn’t go from A to Z. Likewise, data in transit describes data that is sent over a network (cellular, Wi-Fi, or other networks) An example of this includes sending a text message to another user, or web browsing over a wireless connection or a message via Dread, or a simple email that has many hops, relays and handshakes along the way to the recipient’s inbox.
Data in transit is data that is moving from one location to another. This includes information traveling via email, etc. This data is generally less secure than inactive data or data at rest given its exposure across the Internet or various networks as it travels from one place to another to another to another until reaching its final resting point. This makes data in transit a prime target for various kinds of attack. We will focus on only one of many: the Man-In-The-Middle (MITM) attack.
The Man-In-The-Middle (MITM) Attack
Data integrity refers to maintaining and assuring the accuracy and consistency of data over its entire transit. In this context, data integrity refers to protecting information from outside tampering.
By encrypting our message, we are confident only our recipient will be able to open it and so it cannot be altered or tampered with along the way.
Since we encrypted our message before sending it, only the person possessing the corresponding private key, no one other than that person, can decrypt the message. And no one else can accidentally open the message and view its contents because they do not have the decryption key.
Back to the core basis of why we use PGP.
Encrypting sensitive messages ensures its contents are safe so they can’t be read by prying eyes.
What does all this mean?
Encryption using Public Cryptography (PGP) is the method of changing plaintext that humans can read into human-unreadable scrambled letters, numbers, and symbols. Encrypting and decrypting data is called cryptography.
Our PGP encryption uses an algorithm called a cipher to convert plaintext into scrambled characters known as ciphertext. This complex algorithm generates a key that only an authorized person can use to decrypt the data.
Here, in the darknet we rely heavily on sending messages back and forth along relays, across the globe----sensitive messages containing sensitive information. This is why PGP is so important to us. This is why learning how to encrypt and decrypt messages is vital to our safety. This is why we try to build good habits by encrypting all our messages---because we never know where, someday, the server may end up. But wherever it does, we want the peace of mind, confidence, and certainty that even if our message was intercepted or stolen it cannot by viewed, read, penetrated by others.