GnuPG with Gnuk Token
control your own computing
Niibe Yutaka
Long time hacker from UEC. Contributions started by internationalization of GNU Emacs in 90's, Linux PLIP driver and its network protocol stack. As an individual (no contract, no NDA against semiconductor companies), I worked to open up the field of Free Software for Japanese embedded processors (Hitachi's SuperH, and Mitsubishi's M32R) in 2000's. It included the definition of ABI for shared object, porting GNU Toolchain, porting Linux kernel, and preparation for distribution. As an councilor of IPA, Japan, I promoted the developments of Free Software in Japan, getting budgets from Japanese government, in 2000's. Founding board member of Free Software Initiative of Japan, and currently its chairman. Since 2005, I am a Debian Developer. Since 2010, I am working for Gnuk Token. In 2011, I joined GnuPG Project. Founding member of GnuPG e.V. Since 2012, I work as Japanese translation coordinator of the web site of GNU Project: www.gnu.org.
I will introduce the basic usage of GnuPG for Free Software Developers, address new features in GnuPG 2.2 and Gnuk 1.2, and explain concrete example of my daily life using GnuPG with Gnuk Token.
GnuPG is an important tool for Free Software Developers and Users, because its development and distribution rely on GnuPG; It might be not well known by its users, because it's there under the floor. Nevertheless, Developers authenticate each other. Source code, binary distribution, or even a single commit are signed. Encrypted by GnuPG, vulnerability reports are exchanged under embargo.
Gnuk Token is an independent USB hardware device which keeps the private keys and computes cryptographic operations. It's firmware is called Gnuk, also Free Software. I designed a reference hardware design, that's FST-01G, by free hardware design under KiCAD.
New features of GnuPG/Gnuk includes modern ECC support like Ed25519/X25519, which key size is smaller, but strong enough.
I use GnuPG with Gnuk Token everyday for my Free Software activities; Accessing OpenSSH servers (of git repositories, of build farm), using encrypted partition on notebook PC, reading/writing encrypted+signed mails, occasionally signing binary packages to upload and signing source code release for GnuPG and libgcrypt.
(I assume my speech in English, but it is acceptable for me to do in Japanese, if requested.) I graduated the University of Electro-Communications, well, long time ago. :-)
I put the GnuPG fund-raising video as "Commercials", because it is only the movie I have recently. If it's irrelevant, please remove.
I put the presentation movie (a part of) of Debconf17.
My presentation slides are available from here (as HTML): https://www.gniibe.org/pdf/opensuse-asia-2017/gniibe-gnupg-gnuk.html
- Date:
- 2017 October 21 - 14:15
- Duration:
- 30 min
- Room:
- Room 2
- Conference:
- openSUSE.Asia Summit 2017
- Language:
- Track:
- FLOSS Security
- Difficulty:
- Medium
- OBS workshop
- Start Time:
- 2017 October 21 13:30
- Room:
- Workshop Space
- How to kdump in openSUSE
- Start Time:
- 2017 October 21 14:15
- Room:
- Main Room