How to use GnuPG to encrypt messages for GKC ARGs as well as team communications

hexaheximal · April 2, 2024, 6:42pm

Okay, umm… this might seem off-topic, but hear me out on this one.

Imagine that you have text in your map that you want to encrypt, to make it into an interesting puzzle. But you don’t want to use a weak cipher and need strong cryptography.

This is where GnuPG comes in. GnuPG, often shortened to GPG, is an implementation of PGP created by the Free Software Foundation. It makes complex cryptography very easy-to-use.

First of all, you obviously need to install it.

On Debian, Ubuntu, and other Debian-based linux distributions, you can just use a single command to install it (~~take that, windows users!~~): sudo apt install gnupg

If you are on Windows, gpg4win is probably what you want (it’s linked to on the official GnuPG website), although I haven’t personally used it before.

Passphrase-based Encryption

This is the easiest-to-understand thing you can do with GnuPG, and for encrypted text in maps this is probably what you want.

Here’s an example:

gpg --output output.gpg --symmetric --quiet --armor --cipher-algo AES256 --compress-algo none message.txt

Here’s a breakdown of the command-line flags:

--output output.gpg sets the output file path to output.gpg - This is where the encrypted version will be stored.
--symmetric tells GnuPG that we want to encrypt a file with symmetric encryption
--quiet prevents GnuPG from showing other information (warnings, etc.) that we don’t care about. Feel free to remove this if you want to have some extra fun!
--armor switches the output encoding from a binary encoding format to a text-based one which uses Base64.
--cipher-algo AES256 sets the encryption algorithm to AES-256. As of writing this AES-256 is most likely what you want to use.
--compress-algo none turns off compression. If you are encrypting large files, change none to zlib, as it will reduce the output size in many cases.
message.txt is the name of the input file to encrypt.

For more information I would actually recommend reading the guide by NASA on using GnuPG for symmetric encryption.

Examples

Hello, World!, encrypted with the passphrase password using AES-256 and no compression:

-----BEGIN PGP MESSAGE-----

jA0ECQMC/hR8RLQScIb/0k4BJh+u63kCDVjxQEMWA/Y8TNc1IyxWKbdN4ZPooKIY
V7tmA58EkQQObELHKwVPGTV3cv71KIylR3fQ1XdoEQtgQN9Ick+dNx+P3AorjYI=
=97vM
-----END PGP MESSAGE-----

Blackfox45666 · April 2, 2024, 6:43pm

ooooo sounds awesome cant to try and test it out but I might not be able to…

Cyan_Tiger_Reigns · April 2, 2024, 6:45pm

Oh I need to download it…

Cyan_Tiger_Reigns · April 2, 2024, 6:45pm

Is this only for Windows?

hexaheximal · April 2, 2024, 6:47pm

There are ways to use GnuPG encryption in a web browser (ProtonMail does this, for example), but I’m not aware of a tool that lets you just input the passphrase, input the data, and encrypt it, all in a web browser. If anyone wants it I could obviously just make one myself though - there are already existing libraries that make this rather easy.

Cyan_Tiger_Reigns · April 2, 2024, 6:47pm

Can I use it on Chrome?

hexaheximal · April 2, 2024, 6:48pm

No. It works on (GNU/)Linux, MacOS, and Windows, although I have personally only used it on GNU/Linux.

hexaheximal · April 2, 2024, 6:48pm

If you can find a browser app that can do it, sure! However, GnuPG itself is a native command line program, not a browser app.

getrithekd · April 2, 2024, 6:48pm

You’re supposed to run it on shell script…

Cyan_Tiger_Reigns · April 2, 2024, 6:50pm

Shell Script? I’m not used to code

eiqcrmeliutgwhc · April 2, 2024, 7:04pm

ciphers are amazing but hard (like the vigenere cipher)

but it’s not like everyone can use gnupg

otherwise nice guide

Blackhole927 · April 2, 2024, 7:23pm

Wait but how am I ever gonna use this reasonably in a creative game lol

getrithekd · April 2, 2024, 7:30pm

You encrypt the encryption method in your save code and then use that so that the user can’t cheat and say that they go 1mil cash. Duh

eiqcrmeliutgwhc · April 2, 2024, 7:34pm

how’s about something like those codes in toag/ctf?

also don’t use caesar ciphers (too easy)

Blackhole927 · April 2, 2024, 7:34pm

Invalid use- the guide doesn’t explain how to implement it in gimkit creative so I wouldn’t count that.

hexaheximal · April 2, 2024, 9:37pm

Also, as someone who ACTUALLY understands anti-cheat… encrypting save codes like that will NOT stop people from cheating. I know this from personal experience.

wait.what.626Youtube · April 2, 2024, 9:40pm

this is cool. even though I don’t understand most of the stuff…

DXCTYPE · April 2, 2024, 9:40pm

this man needs a oscar

also am i the only person here who actually understands this???

DXCTYPE · April 2, 2024, 9:42pm

wait what??? as long as they dont know how to encryption works, they cant make their own save code!

hexaheximal · April 2, 2024, 9:43pm

You’re making the assumption that the client-side code can’t be reverse-engineered, which is unbelievably naive. Don’t do that.

Anything that can be sent can be spoofed. Never trust the client.