
Ask HN: What offline encryption methods do you use? - KennyFromIT
If you need to communicate with someone offline, how do you securely conduct a conversation?

Same place, same time? Easy (relatively speaking). How about when you're separated by distance and time?
======
shrimp_emoji
This is not offline, but offline seems silly given today's technological
options:

> Both of you generate public/private key pairs

> Both of you spam your public keys to the world (including each other)

>> You might meet offline once, to make sure the public keys you gave each
>> other were indeed yours (and not a MITM's sending theirs to both of you while
>> suppressing your actual messages to each other)

>>> This is probably where your actual question's parameters would come into
>>> play, but it only needs to happen once

> You encrypt (using a good cipher) some message into a binary blob with your
> friend's public key and send the encrypted message

>> Only your friend can decrypt this, using their private key which only they
>> have

> Your friend encrypts their reply with your public key and sends the
> encrypted message to you

>> Only you can decrypt this, using your private key which only you have

E2EE.

~~~
KennyFromIT
> This is not offline, but offline seems silly given today's technological
> options:

Agreed. There aren't many places where you'll be technically limited in
today's world.

However, let's say you're in prison and want to communicate privately with the
outside world. Or, you're in a place where the government is
actively/extensively monitoring all technology mediums (to the extent that
they could even get your private keys). What are your best options?

~~~
Arbalest
The prison example is clearly the most difficult. Under oppressed governments,
you may still be able to use digital help to create offline communication
parcels. When you're in prison, you have your brain, a pen, paper and if
you're lucky, a secure destruction mechanism that doesn't immediately raise
suspicion.

~~~
shrimp_emoji
> you have your brain, a pen, paper and if you're lucky, a secure destruction
> mechanism that doesn't immediately raise suspicion.

It would be absurdly difficult, but you could manually implement Diffie-
Hellman key exchange to generate a secret with the other party without
actually ever communicating it.

Just find a large prime, p (at least 600 digits to be safe).

Then pick an integer g between 1 and p and a random integer x.

Then compute g^x mod p.

Send p, g, and (g^x mod p) to your friend (you can even include these
instructions for them -- it won't affect whether this works).

They take your p, g, and (g^x mod p) and choose a random integer y

They compute g^y mod p and send that back to you.

You take their (g^y mod p) and compute (g^y mod p)^x mod p. This equals g^xy
mod p.

They take your (g^x mod p) and compute (g^x mod p)^y mod p. This also equals
g^xy mod p.

You now share a secure secret key, (g^xy mod p), that you can use for
encryption in a cipher. This is secure if you both chose a random x and y,
which you never shared, and which any attacker would need in order to derive
(g^xy mod p) from the four pieces of information they have: p, g, (g^x mod p),
and (g^y mod p). The discrete log problem makes it computationally-infeasible
to calculate x or y from those values.

Buuuuut then would come the even harder part: encrypting and decrypting
messages (being a human cipher suite) with that secret key. :3 It's just rote
math at that point, but... let's hope you have a lot of time and paper.
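
The exchange from shrimp_emoji's comment above, carried through in Python as an added example (not code from the thread). It assumes a safe prime p = 2q + 1 with g = 4, a toy 128-bit modulus for speed, and SHA-256 as the key-derivation step; the function names are illustrative, and the peer-value check and the hashing are additions the comment does not describe.

```python
import hashlib
import secrets

def is_probable_prime(n, rounds=40):
    """Miller-Rabin test; a composite survives with probability <= 4**-rounds."""
    if n < 5 or n % 2 == 0:
        return n in (2, 3)
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime(bits):
    """Random p = 2q + 1 with q prime: the squares mod p then have prime order q."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1

def keypair(p, g):
    """Return (secret exponent, public value g^secret mod p)."""
    x = secrets.randbelow((p - 1) // 2 - 1) + 1   # 1 <= x <= q - 1
    return x, pow(g, x, p)

def shared_key(p, peer_public, my_secret):
    """Validate the peer's value, then hash g^xy mod p into a 256-bit key."""
    q = (p - 1) // 2
    # Reject 0, 1, p-1, out-of-range values and anything outside the order-q subgroup.
    if not 1 < peer_public < p - 1 or pow(peer_public, q, p) != 1:
        raise ValueError("peer public value rejected")
    secret = pow(peer_public, my_secret, p)
    return hashlib.sha256(secret.to_bytes((p.bit_length() + 7) // 8, "big")).digest()

def demo(bits=128):
    """Both sides of the exchange; 128 bits is a constructed toy size, not a safe one."""
    p, g = safe_prime(bits), 4          # g = 2^2 generates the order-q subgroup
    x, a_pub = keypair(p, g)            # you send p, g, a_pub
    y, b_pub = keypair(p, g)            # friend replies with b_pub
    return shared_key(p, b_pub, x), shared_key(p, a_pub, y)
```

The exchange is unauthenticated, so the public values still need the out-of-band check described in the first comment of the thread.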

------
z1r011
1. Use PGP / GPG and encode the key as 2D-Barcode for easy key-sharing.
2. AES or better block cipher for the payload.

------
ChrisGranger
I haven't had a need to do this, but I suppose you could print out an ASCII-
armored PGP message and snail-mail it to somebody. Of course this still
requires that each of you has a computer, just not necessarily an internet
connection.

------
mtmail
Leaving messages at secret places
https://en.wikipedia.org/wiki/Dead_drop

------
lioeters
Just as a thought exercise, I would consider:

- Mailing encrypted USB sticks or messages on paper

- Some kind of steganography: hidden/encoded messages disguised in another
form, like a painting..?

