OpenPGP really works

OpenPGP really works
or it’s more sexy to create the next secure chat applications than improving existing RFCs
By Alexandre Dulaunoy
Jan 2 2017

In the past years, I have seen many articles, publications or blog posts mentioning that PGP is dead or has been replaced by the next-generation chat applications. We are obviously shifting our communication channels towards ephemeral communication schemes and the OpenPGP standard is maybe not the best suited protocol. Already in 2005, the well-known paper “Why Johnny Can’t Encrypt” was already pinpointing the shortcoming of the user-interface and experience in PGP. So I decided to track one day of my activities relying on PGP and especially to list where the OpenPGP standards play a significant role and especially its GnuPG free software implementation.

My day-to-day work is in the field of information security and especially incident handling, analysis and response. A significant volume of sensitive information is exchanged, handled, stored, processed and distributed when you perform incident response. Ensuring integrity, authentication and confidentiality is a key factor. So I installed snoopy for a day to look how many times GnuPG or a related library is started and used on my laptop running a recent Ubuntu GNU/Linux distribution.

The output of snoopy looks like this:



Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s