• Hildegarde@lemmy.blahaj.zone
    12 days ago

    Public / Private key pairs are used for securely transmitting encrypted documents. The publication will generate a pair of linked keys, and publish one of them, the public key, while retaining the private key.

    If you encrypt a document using the public key from the publication, your document can only be decrypted by the holder of the private key. So any whistleblower wanting to contribute can use that key to make sure no one other than the publication can read their submissions.

    The same can be done in reverse. The publisher can use their private key to encrypt a document that only the public key can unlock. Though anyone can decrypt it because the key is public, this verifies the sender because it can only have been sent by the holder of the private key.

    Usually they are published to a keyserver; actually printing the key is uncommon.
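
An added illustration of the two directions described in the comment above (not part of the thread, and not any publication's actual tooling): textbook RSA over a constructed toy key. The function names and the fixed primes are assumptions made for this sketch; real tools such as GnuPG add padding and hybrid encryption, so this is for study only.

```python
# Added illustration: textbook RSA with a constructed toy key. Not secure.
import hashlib

# Two known Mersenne primes stand in for the random secret primes of a real key.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                          # public modulus (published)
E = 65537                          # public exponent (published)
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (kept by the publication)

def encrypt(message: bytes, e: int = E, n: int = N) -> int:
    """Source side: anyone holding the public key (e, n) can do this."""
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this modulus")
    return pow(m, e, n)

def decrypt(ciphertext: int, d: int = D, n: int = N) -> bytes:
    """Publication side: needs the private exponent d."""
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def _digest(document: bytes) -> int:
    # Signatures cover a hash of the document, not the document itself.
    return int.from_bytes(hashlib.sha256(document).digest(), "big")

def sign(document: bytes, d: int = D, n: int = N) -> int:
    """The 'reverse' direction: only the private-key holder can produce this."""
    return pow(_digest(document), d, n)

def verify(document: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Anyone with the public key can check who signed and that nothing changed."""
    return pow(signature, e, n) == _digest(document)

if __name__ == "__main__":
    tip = b"constructed sample submission"
    ct = encrypt(tip)
    print("decrypts with private key:", decrypt(ct) == tip)
    statement = b"constructed sample statement"
    sig = sign(statement)
    print("signature valid:", verify(statement, sig))
    print("tampered text valid:", verify(statement + b"!", sig))
```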

    • SoonaPaana@lemmy.world
      12 days ago

      Thank you. This was a great explanation. How does one go about encrypting a message using a public key? Also, should I use a burner email ID to send the encrypted message to the Guardian?

      • Hildegarde@lemmy.blahaj.zone
        11 days ago

        I’ve not actually done this in practice. There is software that does that. The thing that will get you caught leaking sensitive information is when you have revealed something somewhere. If this newspaper publishes sensitive information you have access to, someone will see that your Lemmy account was specifically asking about sending to that specific publisher.

        Most journalists know how to protect sources. Some don’t. Make sure you vet whoever you are communicating with.

      • anton@lemmy.blahaj.zone
        11 days ago

        > How does one go about encrypting a message using a public key?

        Find the place in your trusted email program's settings to add the recipient's public key and select it when sending the mail.
        If you want to be able to answer their questions or identify yourself in follow-up emails, you should also generate your own key.

        > Also should I use a burner email ID to send the encrypted message to guardian?

        Anyone spying on you will only be able to see that you contacted the Guardian but not what you told them. Having a burner would mean someone sees you contacting the burner service and then the newspaper. That said, you should probably make a new email for it, but I don’t know what exactly you understand as a burner email.