How to Use OpenPGP Symmetric Encryption with Libre Office and Linux
Benefits
The benefits for using public/private symmetric encryption with libre office are; -
- In a data breach documents will remain secure as long as the private key isn’t also stolen
- Secure in transit on a usb stick
- Only a computer with a copy of the public/private key pair can modify and save changes to the libre document
Steps
- Generate a public/private GPG key pair
- Configure your libre office document
Generate a public/private GPG key pair; -
If you use windows you will have to figure this out on your own, since i am on linux mint.
You could use a graphical user interface like Sea Horse to generate a public private key pair.
But for this article we will do it the console way.
Make sure you can generate quality random entropy.
sudo apt install rng-tools havegedMake sure entropy daemons are running. Then restart your machine.
sudo systemctl status haveged
sudo systemctl status rng-toolsFlush existing entropy and let it build up again.
cat /dev/randomWhile the above command is running. Monitor the entropy pool.
cat /proc/sys/kernel/random/entropy_availThe above command should yield zero. Now stop the cat /dev/random command by pressing ctrl+c.
We are now ready to generate a public private key pair. Check the terminal screen shot below.
We now have a public private key pair in our gpg key store.
To prevent being locked out of your documents, save a copy of this key to a password manager like KeePass.
gpg --export-secret-keys *name of your key* > Research-Documents.keyConfigure your libre office document; -
In libre office got to File →Save As. Then check the encrypt with GPG key check box.
You will be asked which gpg private key you want to use. Select one.
After you click encrypt, your document is now saved.
Document Signing
It is a good idea to sign your document. This is like a tamper evident signature. You want to know if the document was tampered with since the last time you modified it.
In libre office your need to set the view to tabbed mode. Go to View →User Interface… →Tabbed.
Now in the File tab, click digital signatures. Now click Sign Document…
Select the public key. Then click sign.
Click close.
You now have a tamper evident document. If you try to modify it, the signed blue alert status will disappear and change to a warning amber alert.
Conclusion
There are many stories of companies whos private documents were stolen by state sponsored malware. In the event your documents are stolen, at least your raw libre office documents are protected by a symmetric encryption. Just make sure you have a strong password for your private keys.
