Last year at 32c3, I had the idea to run a cryptoparty focused on email encryption at PyLadies Dublin - people had expressed interest in security-related workshops previously, and at 32c3 I realised that I could actually do it (as in I knew enough to teach a workshop for beginners), so why not step up and do it? We hashed out details, and I agreed to do it at the January meetup. So here is a slightly belated recap of the first crypto workshop I ever ran.

We’d discussed everything on Twitter, and when I showed up it turned out that the organiser had not (as I thought she would) realised that my Twitter account was me, so no one knew who would actually do the workshop, and they were all really surprised to see it was me! (Positively surprised, mind you.)

I decided to forego slides and put everything into a hackpad - if you’re interested in the content, that’s where you want to look. It’s much easier to edit and share with participants, and I had to keep the presentation part very short - we only had an hour and a half, which was not ideal, and it meant that I wanted to devote as much time as possible to get people to actually set up their cryptography, and to be able to address questions. If we’d had more time, I’d probably made the talk part of it a bit longer. Either way, the hackpad format worked well enough for me.

It was a relatively small group - we were about 12 people, not counting myself. A couple of people had not brought a laptop, but I hope they still learned something by looking over other people’s shoulders. I’m actually very glad that the group ended up being smaller than usual - I wouldn’t have been able to mentor it on my own for a larger group. Later this year I definitely want to help organise another cryptoparty, with more mentors and maybe a variety of topics.

Anyway, most people walked away with a working setup. One person had a weird problem that I couldn’t help them fix because we were out of time, but they said they had someone to ask for help. I’m very glad that there is a crypto plugin for Gmail these days, because most people were using Gmail, and it would probably have been a stretch (both from a time and usability point of view) to have them all install a mail client - now everyone has their browser plugin and is (mostly) happy.

Next time, I’d probably try and recruit more mentors, even for the same group size. It would probably have been helpful if I’d had at least one other person who could help people troubleshoot as I explained how to set up their tools, or vice versa. I’d definitely try to get more time - an hour and a half is not enough. And I’d spend more time acquainting myself with how to set up the tools on various OS so I actually know the interfaces. That includes tools I use myself. I tend to forget how to set things up once I’ve done it, so it would’ve been a good idea to try to do it again.

All in all, I’m pretty happy about how it turned out. We got very positive feedback from the attendants, and one of them said that she felt empowered by being able to encrypt her email. Exactly the outcome I wanted! I did encourage them to take the hackpad notes, and the resources linked therein, and teach their friends, family and partners, so they’ll actually be able to use their new keypairs - I hope at least some of them do.