Resources for the global digital safety training community.
Credits
Last Updated 2013-03In this Activity, trainers will use props and themes from the story of Shakespeare's Romeo and Juliet to help participants understand the concept of PGP encryption. Note that this Activity addresses the concept of encryption through metaphor only.
Because of the comparatively complex nature of explaining PGP encryption using props and metaphors, we’ve outlined the basic sequence of the entire Activity here below:
Furthermore, here are some important concept and associations to establish from the beginning, to facilitate the process and help avoid participants getting lost:
Associate the concept of “public key” with the term “lockbox” but avoid using the word “key” initially. Later on, as the concept is being expanded, you can include the word “public” with “lockbox”.
Associate the concept of “private key” with the term “lockbox key” and keep repeating the words “key” and “private” in this association to further reinforce the concept throughout.
Start by describing “one-way encryption” (messages from Romeo to Juliet) first; then, repeat that concept, expanding to putting small photos or other items in the lockbox, before introducing the reciprocal (messages from Juliet to Romeo).
Identify a participant as Romeo and another as Juliet. Divide the participants into two families and communities around the above participants; then, describe the situation as follows:
Here, you can ask for someone to be a parent, another the family elder, etc.
They regularly exchange letters related to their club-work, which are constantly being read by everyone along the way.
Ask Romeo to write a letter to Juliet: -Put “to:” & “from:” addresses on the envelope; -Have it be delivered to Juliet via several people in the village.
Now, tell them that Romeo and Juliet fall in love, and would like to exchange personal notes, but are worried that the village will know of their affair. Then, one day, a PGP Gnome or Crypto Gnome appears in a meadow where Juliet is napping (the trainer plays this role), and provides Juliet with the following instructions and items:
Hand Juliet one of the lockboxes, and continue with:
Hand Juliet the key to the lockbox; then, continue with:
A helpful metaphor for self-authentication via password: “the private key will imprint itself on you the first time, with your kiss. Thereafter it will only work after you kiss it to tell it that it is you who are using it and no one else. From this point on, the key will only work with your kiss.”
Ask Juliet to give the lockbox to Romeo at the next youth club meeting, and to then tell him what to do with it - give them a chance to articulate what the purpose of the lockbox is to Romeo. Ask Romeo to write a note to Juliet, place it in the box, put the to: & from: addresses on the outside, and send the message.
Ask Juliet to open the lockbox and review the content; optionally, you can ask them if they want to share the content with the village. This step can be repeated, where the PGP Gnome/Trainer has to “magically” give back the lockbox to Romeo, for transferring other items such as photos, or small gifts (as a metaphor for email attachments).
Ask Participants:
Answer: Juliet gives the butcher a lockbox!
Answer: Anyone!
Begin associating the word “public” with the ‘lockbox’ here - Juliet can leave a lockbox in the lockbox-tree in the village (a metaphor for describing the keyserver concept). This will help to reinforce the public aspect of the lockbox.
At some point after Juliet has opened, or “decrypted”, the second message with attachments, begin the next part of the story introducing Romeo’s keypair by asking questions, repeating and/or correcting as needed.
Ask Participants:
Answer: Romeo will need a lockbox of his own!
Answer: No, as Juliet is the only one who can open her lockbox using her private key!
Answer: His own lockbox!
Answer: the PGP-Gnome/Trainer, a metaphor for GPGTools, Enigmail, and/or other PGP keypair generating tools!
Provide Romeo with his own lockbox and key. Use this to review and repeat the concepts, associating them with the elements of PGP:
For the Discussion, pose the following questions to participants, in addition to any needed review of the concepts introduced during the Activity: