We all know PGP is old and got a myriad of problems, like key management.
Thus, I'm looking for a generic encryption and signing tool that also available on mobile devices, both Android and iOS.
I know age+minisign is the preferred choice but unfortunately there ain't an mobile app for them.
I know Magic Wormhole is great for P2P data transfer but it's slow and not reliable. I often have corrupted files even the size is small. I would much rather encrypt locally, upload to GDrive, and share it.
I know Signal, WhatsApp and other messaging apps now offers E2EE to exchange many data forms but the political sphere is shifting and given the current trend, they might forced to backdoor the protocol, drop E2EE entirely, or cease operation. Something independent from messaging tool is needed.
I'm not seeking perfect forward secrecy as that wasn't achievable for non conversations use case unless parties manually negotiate a session key.
I don't care the web of trust either. Putting PII on a key server for public viewing doesn't fit today's privacy trend.
Nor anonymity. I'm talking to my family members and friends and I don't find a reason to hide that. The only thing matters is the content.
While it will be great to follow some kind of widely used standards, it is not a requirement.
Thanks for the input.
EDIT: Added GPG to the title
There are plenty of technologies (age & minisign are indeed highly regarded) but what we are missing is standards. This is why you're not finding broad support. Especially in email, where there's X.509, PGP, and nothing else.
You mention a variety of use cases, some of which have accepted standards for encryption (eg OMEMO, S/MIMIE), but it sounds as if you're looking for one generic encryption app to use with everything, no matter how out-of-band or awkward?
Briar and SimpleX seemed decent the last time I looked into this.
-
https://briarproject.org/
-
https://simplex.chat/
I ended up using neither because I don't need privacy when talking to myself.
oh briar looks promising. I've been looking for a simple e2ee chat app that doesn't involve the internet. thanks!
Thanks for the input, yet I'm looking for generic encryption and signing tool. Not mesaaging app.
Got it. So more for data at rest rather than handling the sending too?
SimpleX does file transfer pretty well, not sure about Briar now that I think about it.
-
Xmpp/jabber mobile client https://github.com/iNPUTmice/Conversations
Or matrix protocol So clients like element,shildichat.
I think PGP is the only player in town as a general purpose encryption and signing tool TBH... The other alternatives I hear get mentioned are just e2ee messaging apps and platforms
Ain't Keybase dead already after aquired by Zoom? And using PGP/GPG underneath.
The infrastructure is still maintained, and the client is still being developed/updated (slowly). . You might be able to keep adding PGP keys, but newly-generated device keys have been NaCl keys for a while.
