Tips on exchange of key files.

Encrypting emails or other files requires that those who are intended to view the contents have the means to decrypt your messages.

An obvious weakness in this method is how to exchange the key files, since sending them in a "plain text" email negates your security. Anyone who intercepts this exchange of keys can then open your secure messages. Any email or other communication that contains a key should not describe what it is, who it is for, etc.

Most Secure: Hand the recipient the keys in person (or via a drop location), perhaps on a USB flash drive or CD. Don't try to print them out: they are very long and complicated, and typos would make them useless. Encrypt the files on the media and send the password separately.

Second Method: If the intended recipient is too far away for a face-to-face exchange, place the keys on media such as a flash drive or CD and send it through the mail, but ENCRYPT the drive first. Send the password that decrypts the physical media in an unsecured email, without any explanation. Even if the password is intercepted, it is useless to anyone who does not possess the media.

Third Method: Break up the key and passwords into several different email messages sent via different email accounts. The recipient must know how to reassemble them. Consider using a one-time anonymous email account such as THIS ONE. Be sure not to identify yourself, pass along only the key, and follow up with a second anonymous email to confirm.
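One way to do the splitting and reassembly in the third method, as an added example that is not part of the original page. Instead of cutting the key into plain pieces, it uses XOR splitting, so a single intercepted message reveals nothing about the key, and the recipient checks the rebuilt key against a SHA-256 fingerprint sent in the confirming email. The function names are hypothetical, and the key is assumed to be random, high-entropy data (not a short password).

```python
import base64
import hashlib
import hmac
import secrets


def fingerprint(key: bytes) -> str:
    """SHA-256 of the key, to be sent in the separate confirmation message."""
    return hashlib.sha256(key).hexdigest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, parts: int) -> list[str]:
    """Return `parts` base64 shares; every one is needed to rebuild the key."""
    if parts < 2 or not key:
        raise ValueError("need a non-empty key and at least two shares")
    # parts-1 shares are pure random bytes; the last is the key XOR all of them.
    shares = [secrets.token_bytes(len(key)) for _ in range(parts - 1)]
    last = key
    for share in shares:
        last = _xor(last, share)
    return [base64.b64encode(s).decode("ascii") for s in shares + [last]]


def join_key(shares: list[str], expected_fingerprint: str) -> bytes:
    """XOR all shares together (order is irrelevant) and verify the result."""
    raw = [base64.b64decode(s, validate=True) for s in shares]
    if len(raw) < 2 or len({len(r) for r in raw}) != 1:
        raise ValueError("shares missing or of different lengths")
    key = raw[0]
    for share in raw[1:]:
        key = _xor(key, share)
    # Assumption: the key is high-entropy, so its hash does not help guess it.
    if not hmac.compare_digest(fingerprint(key), expected_fingerprint):
        raise ValueError("fingerprint mismatch: a share is missing or altered")
    return key


if __name__ == "__main__":
    demo_key = secrets.token_bytes(32)  # constructed sample key
    parts = split_key(demo_key, 3)      # one share per email account
    assert join_key(list(reversed(parts)), fingerprint(demo_key)) == demo_key
    print("rebuilt key matches fingerprint")
```

Because the shares are combined with XOR, the recipient only needs to know that all of them must be collected; the order in which the emails arrive does not matter.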

Update/Change of Keys: Just like regular passwords, your key files are safest when changed often. The disadvantage of getting new keys to your recipients can be eliminated if the recipient, once secure communications are established, has a known location on the web to view your new key files. This location obviously must be private and contain no information as to what the file is. As long as no one knows who it belongs to, it is pretty useless. Use an anonymous file hosting service to post a file containing the key, with the understanding that your recipients know this location. Set a schedule.

 

Trick: Using a common free EXIF reader, you can alter the hidden metadata of a JPG image. You can substitute or add text information such as the password needed to decrypt an encoded file. Since anyone who wants to can view the EXIF data, don't rely on this for absolute security; treat it just as an added trick to slip a brief piece of info into your recipient's hands. A good free one is HERE.