The Weakest Link in the Cybersecurity Chain: Email

Prof Bill Buchanan OBE FRSE
11 min readApr 27, 2024

How do you actually know it was me who wrote this article? Well, I will prove it. I will take the first paragraph of the introduction, and sign it with my public key [here]. The result is:

 -----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEiBb8oC0vySUyU/b2SKrjbKk649gFAmYsmkkACgkQSKrjbKk6
49gB2RAAhvExjaSEhm7ECA452RfWSlwJEcI+7BZgBMdX+PPn6yYZ5/Kr5saGQ7/E
X9uYnL+ywK7eREN5hfbaPyvJpi8lmTZ7SW7PNXb/Rg1TjLdBGSOmE/RljYdrh8C6
GivqJD/Q/bSr84FwUG8cNw4sNI4PyvlBdqK1diIkF3qLz3bB1TG5feJZNE21p1UV
3NgRjJToQiBkOjvEO2Jehbkh+PhVYR6Ustw/IFBvLVvEq7Pdp9yssxLZ++4lH6j8
PibD0t1fqf3MX2GzgN4Mgi/PyNnOmouLWWe87chLXXC9GLGf2ne+aE/iJxjIVHdq
vqw4+hKR1V89oG9wnZCl3M8p2c3I16kZIjdy25MPWNbnrRMcph8L/H0LIelh95NS
97QklZu8J8guPcqb3PKvHvS2f9C7V0QczJKVkHgBsICxird8sT45sSHH5ZVsk8rW
rc20VxwbXQucJU9QhGrhVBgbdTTPIenZix37ngnTiq3SeqGfrZr6772hUJecAHxY
HTRoJfI2kSv9r+hmS6JTc7CHqNb17lPZUGJ6mntP+5PrmPvnzxUcOgH/HdHioaLL
VSfINbGvlmfuUjV4OUWEJE8aQKpENaBZpy+l3k1yX7MWm6dciTChAbqx6pGCRCCK
88j3GLk/cxzjgE+/dicRSNeCAXUWp5luYpKb75lis1bHKvhrfOo=
=luRO
-----END PGP SIGNATURE-----

Anyone in the world will be able to check this against my public key and know it was me who created this article. The great thing, too, is that if someone changes even a single bit of the message, it will be detected. So, why aren’t we all using this type of method for all our communications?

--

--

Prof Bill Buchanan OBE FRSE
Prof Bill Buchanan OBE FRSE

Written by Prof Bill Buchanan OBE FRSE

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.

Responses (8)