1 00:00:00,000 --> 00:00:06,000 Another feature that I want to cover in this lecture is how to sign a file without encrypting it. 2 00:00:06,000 --> 00:00:11,000 So maybe you want to actually transfer this picture over the Internet, but you're okay with people 3 00:00:11,000 --> 00:00:13,000 seeing the content of the picture. 4 00:00:13,000 --> 00:00:19,000 You only want to make sure that the sender is able to verify that this picture was actually sent by 5 00:00:19,000 --> 00:00:23,000 you and that it was not modified since you created it. 6 00:00:23,000 --> 00:00:30,000 So this is similar to what the tails or the developers do when they create a new version of the application. 7 00:00:30,000 --> 00:00:34,000 And that's what I showed you at the start of the course when we were validating and making sure that 8 00:00:34,000 --> 00:00:41,000 the files that we downloaded did not get modified and are actually created by the Tor or the Tails creators. 9 00:00:42,000 --> 00:00:48,000 We can do this by simply signing the file without encrypting it, and we can do it also using Cleopatra. 10 00:00:48,000 --> 00:00:53,000 So again, I'm at David's computer here, as you can see with the one with the green background, you 11 00:00:53,000 --> 00:00:56,000 can see that I have David's key pair, the private and the public. 12 00:00:56,000 --> 00:00:59,000 And I only have John's public key. 13 00:00:59,000 --> 00:01:05,000 So what we want to do, we want to sign this image, this picture as David, but we don't want to encrypt 14 00:01:05,000 --> 00:01:06,000 it. 15 00:01:06,000 --> 00:01:12,000 So all we have to do is again, click on sign, encrypt, select the picture that we want to sign. 16 00:01:12,000 --> 00:01:14,000 And it's the same picture in here. 17 00:01:15,000 --> 00:01:20,000 And this time we want to sign it as David, but we don't want to encrypt it at all. 18 00:01:20,000 --> 00:01:23,000 So we don't want to take any of these boxes. 19 00:01:24,000 --> 00:01:25,000 And that's it. 20 00:01:25,000 --> 00:01:30,000 Now, as you can see, as a result, you're going to get a file that has the same picture name but ends 21 00:01:30,000 --> 00:01:35,000 with a dot sig with a dot sig extension short for signature. 22 00:01:35,000 --> 00:01:42,000 And once we click sign in here and the process is successful, you'll be able to see an extra file in 23 00:01:42,000 --> 00:01:46,000 the same location that we selected and it has the Sig file. 24 00:01:46,000 --> 00:01:50,000 So this is simply a signature for this file right here. 25 00:01:50,000 --> 00:01:54,000 This signature corresponds to this current version of the file. 26 00:01:54,000 --> 00:02:01,000 And if this file is modified in any way, shape or form, it will break the signature. 27 00:02:01,000 --> 00:02:07,000 Therefore, what we need to do now is send this file as is, along with the signature. 28 00:02:07,000 --> 00:02:14,000 As a result, people can make sure that this file did not get modified by validating this signature. 29 00:02:14,000 --> 00:02:16,000 So again, you can transfer this any way you want. 30 00:02:16,000 --> 00:02:18,000 We covered that previously. 31 00:02:18,000 --> 00:02:22,000 I'm going to pause the video and resume once I have it downloaded at John's computer. 32 00:02:23,000 --> 00:02:30,000 So now we're back to John's computer and I have the image sent as is unencrypted along with its signature 33 00:02:30,000 --> 00:02:31,000 right here. 34 00:02:31,000 --> 00:02:35,000 And assuming John was able to download this from the Internet. 35 00:02:35,000 --> 00:02:40,000 And all we want to do right now is make sure that this file or this picture did not get modified. 36 00:02:40,000 --> 00:02:43,000 And we're going to do this using the signature. 37 00:02:43,000 --> 00:02:49,000 It's very important to make sure that the file and the signature are stored in the same directory and 38 00:02:49,000 --> 00:02:50,000 have the same name. 39 00:02:50,000 --> 00:02:52,000 As you can see in here. 40 00:02:52,000 --> 00:02:56,000 We're just going to select the file and it will automatically find the signature within the same working 41 00:02:56,000 --> 00:02:57,000 directory. 42 00:02:57,000 --> 00:02:59,000 And doing this is very, very easy. 43 00:02:59,000 --> 00:03:05,000 Again, using tails, we're simply going to click on Decrypt Verify, we're going to select the file 44 00:03:05,000 --> 00:03:10,000 that we want to check its integrity In this example, it's this picture right here. 45 00:03:10,000 --> 00:03:15,000 We're going to click open and we're going to click on the audit log. 46 00:03:15,000 --> 00:03:21,000 And as you can see, it's telling us right now that there is a good signature from David again, meaning 47 00:03:21,000 --> 00:03:28,000 that this signature was created by David and that this picture did not get modified since this signature 48 00:03:28,000 --> 00:03:29,000 was created. 49 00:03:30,000 --> 00:03:35,000 Now, as you can see, I've only selected the picture when I was checking the signature because the 50 00:03:35,000 --> 00:03:41,000 signature exists in the same directory and it has the same name as the picture. 51 00:03:41,000 --> 00:03:46,000 So it is very important to have the picture and the signature in the same directory and have the same 52 00:03:46,000 --> 00:03:47,000 name. 53 00:03:47,000 --> 00:03:54,000 And this way it allows the sender to verify that this picture was actually sent by you and that it was 54 00:03:54,000 --> 00:03:57,000 not modified since you created it.