This is a draft!
Please give feedback, especially where the description is confusing or breaks the mental model of a hotel/apartment setup. As written, this is mean for fellow digisec trainers to leverage in their explanations, and is not (yet) a document to help people learning PGP by themselves.
There are a ton of ways people have described PGP in specific and public key cryptography more generally - from mixing paint (http://gizmodo.com/5888567/how-to-understand-encryption-using-paint-and-clocks, http://maths.straylight.co.uk/archives/108) to magic lock-boxes and Romeo and Juliet (https://www.level-up.cc/leading-trainings/training-curriculum/activity/love-story). I present another, which uses the experience of a hotel (or, alternatively, apartment buildings with front desk staff) as an analogy which can stretch to cover not just cryptography, but also digital signatures. This is written to explain PGP, but could be adapted for S/MIME and other public key crypto approaches.
You and your friend are attending an event and staying at different hotels - you're at the Hilliot and she's at the Marilton. You're trying to deliver a message, so let's review how you might do this.
Without knowing much other than your friend's name and the hotel they're staying at, you could call you the front desk of your hotel (the Hilliot), and ask them to call Alice's hotel (the Marilton) and pass along the message. This is (almost exactly) how email works today. Of course, now both front desks at both the Hilliot and Marilton know your message, and it's possible they used a courier to send it over, who also knows it. If your message is totally innocent, this may be acceptable to you - it's certainly very easy.
Directly call their hotel's Front Desk (Internal or "TLS" protected email e.g. gmail-to-gmail, internal emails)
If you happen to be staying in the same hotel, you could simplify this a lot - only the front desk would know, with no risk of a random courier or other hotel staff also knowing the message. This is more akin to emailing within your own company, or from one gmail account to another.
Of course, if the message is more sensitive, you want to have even more control over who has access to it... If you know the room number of whoever you want to send a message to, you can physically go to that room and slide the message under the door. In this case, you have to know not only Alice@Marilton, but also another piece of information - her room number.
Now, Alice can give this room number our to anyone; it's not sensitive in any way. Knowing that number doesn't give anyone access to her room - only Alice has the key to open the door itself and get in the room.
In PGP-land, the room number is akin to your public key - you can share it widely. The key to the door itself is your "private key" - it's important to keep this secure, and have an equally secure backup, but you should never share it.
By knowing this room number and slipping your message under the door, you have securely delivered a message to Alice.
It's important to note that as of now, Alice has received a very secure message - she sees the message at her door and knows that only she has the key to get inside the door. While you may have put your name on the message, Alice doesn't know for sure who sent it.
The specific physics gets a bit unwieldly here, but let's consider what happens if you're standing outside Alice's room and you see a message pushed out from under the door. The message is just sitting there in the open hallway, so anyone could read it, but you'd know that only the person who has the key to that room could have pushed that message out.
In PGP-land, this is message signing - to make sense of it, you have to know both the sender's identity (Alice@Marilton) and their room number (their public key) to know that it came from them.
You can sign a message to guarantee it's authenticity without encrypting it, and you can encrypt it without signing it. You can also of course encrypt and sign
- What do you need to send an encrypted message to Alice? (Alice's Name, Hotel, Room number == email address, public key) Discuss: What /don't/ you need? You don't need Alice's key, you don't even need your own hotel room/number/key!!)
- What does Alice need to send you an encrypted message? (same)
- How can Alice prove the message came from you? What information would she need? (Your Name, Hotel, Room number == email address, public key) Discuss: What /doesn't/ Alice need? She does not need a hotel room/number/key herself!
- How can you prove the message came from Alice? What information would you need? (Alice's Name, Hotel, Room number == email address, public key)
Anyone who can break into the room has a chance at accessing the message -- don't share your room key or open the door to strangers.
PGP-encrypted emails by default are stored encrypted even on your laptop, but if someone has ongoing access, they can capture your PGP password and use that to decrypt the message! The best way to defend against this is to make sure you keep your system up to date, keep an anti-virus system running and updated, and most importantly don't click on weird links or download unexpected attachments!
None of this prevents the hotels and even people on the street from tracking you coming in and out of the hotel. Who you're communicating with, and how often you're doing so, are not protected by this. Importantly, PGP specifically does not hide the subject of your email, so it's important to choose something that does not reveal any risky or sensitive content.
If you think of the hotel more like an apartment building, it could even be listed on a public directory. In PGP land, these are key servers. Now, anyone could go and post up a fake listing on the directory, so it's best to not just refer to that listing, but to also confirm it directly with the person.
If you really want to get crazy, you can apply the same concepts of "message signing" to the public directory. You can "sign" other people's keys and post your signature publicly, to help others choose the correct information on a public directory.
Nice explanation! 👍