[Digikam-users] photograph encryption support

[Old Rocker]

On Wednesday 10 May 2006 11:06, Mikael Lammentausta wrote:

> It would be really convenient if digikam could support also
> encryption (through kgpg) and display a locked icon for files with a
> suffix of asc|gpg|pgp. I encrypt some photographs via Konqueror and
> it's a bit unconvenient.
>
>
> Mikael

There are two reasons for encrypting photographs: having data on your 
computer that cannot be accessed by anybody but yourself, and to send 
the photographs in a secure encrypted form by email.

Taking the second of these two options first, since you are using Kgpg, 
then you will be using gpg to encrypt your photographs.  This can 
easily be done with PGP/MIME, which encrypts the message and any 
attachments.  The drawback is that your recipient must also be using a 
PGP/MIME enabled email program.  PGP/MIME is not a function of gpg but 
of the MUA (email program) that uses gpg.  KMail provides this function 
natively, as does Sylpheed and Sylpheed-Claws.  Thunderbird and the 
email part of Seamonkey and Mozilla suites require you to install 
Enigmail for gpg encryption of mail, but this also includes the 
PGP/MIME element.  So if you are sending photographs by email, the 
tools are available without you having first to encrypt the attachment.

As far as encrypting photographs themselves through gpg, it is a two 
part process.  Because of its historical roots, the OpenPGP standard 
(which gpg follows strictly) encrypts only us-ascii based characters.  
Therefore photographs need to be converted to a convenient text base so 
that the photographic data can be portrayed textually and encrypted by 
gpg.  The most usual systems used are uuencode, base64, and yenc, but 
clearly if a photograph is encrypted, gpg must be present to decrypt it 
and then a conversion program must be present to reform the photograph.  
Most comprehensive newsreaders do the decoding on the fly - but not the 
decryption, and it would need to be decrypted before decoding.

You could of course use S/MIME which is the encryption method built into 
most browsers to do the same thing, and then you could use your browser 
for quick decryption of your photograph.  S/MIME is not the same thing 
as gpg or PGP/MIME, and requires you to obtain a verification 
certificate from a third party.  For all normal uses S/MIME is 
perfectly secure but the introduction of a third party, plus the nature 
of S/MIME, makes gpg a much more secure system.

You seem to be using digiKam as a comprehensive front end for graphic 
editing tools.  With respect to the developers I never thought it to be 
that, and there is no reason why you cannot move files with the 
suffix .asc, .gpg or .pgp to another directory yourself.  You could 
find them through Krusader without firing up digiKam, although S/MIME 
decryption would not be possible

I do not think it reasonable for digiKam - being a front end for gphoto2 
and therefore a program for downloading digital images from cameras - 
to have this functionality.  There is a case for Kgpg incorporating the 
function of encrypting and decrypting a binary file, but not digiKam.  
Perhaps you should refer your suggestion to the Kgpg mailing list or 
even the Enigmail and GnuPG-Users lists.
-- 

Old Rocker





-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 243 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/digikam-users/attachments/20060511/ae8616c2/attachment.sig>