Using Gnu Privacy Guard
Keeping Data Secret, for a Novice GnuPG User
1 Go to www.gnupg.org/download for the official downloads; http://gpg4win.org/for GnuPG for Windows and https://www.gpgtools.org/for GPGTools (OS X). Bob looks intently at his watch, then the departure board, but Sam continues: “Symmetric encryption is easy with GnuPG because I don't have to generate my own public key pair or get someone else's key: I just enter an encryption command and enter a strong passphrase for my encrypted file.
The Simplest Example: GnuPG Symmetric Encrypting Text
Or is it?" says Sam, showing Bob a directory listing4 containing a new file called example.txt.gpg. It'll be hard to remember, but it'll also be hard for anyone to guess.
Decrypting a File (Symmetric Key)
Bob says, "But I'd rather not store a dangerous secret on my disk at all; even if I delete it, it can still be recovered - right?" Sam replies, “Yes, it can often be repaired, but there are ways to make it more difficult. Now please board Sylvania Air Flight 789,” over the intercom, the men finish their drinks and start packing. “Listen Bob,” said Sam, “here's my card: call me if you want to talk more about this .
Encrypting Interactively
Bob examines the card: “Sam Mallory, Counselor,” a phone number, an email address ([email protected]), and a series of letters and numbers that seem meaningless; he then looks up to see Sam standing in line for Bob's flight. I said that if you omit the command but give the file name, GnuPG can figure out what to do with the file if it's an OpenPGP compatible file.” Bob nods as the line moves forward.
ASCII Armor
Bob thinks about this for a moment as the line moves forward and asks, “How does that work?. Sam slips his laptop under his arm as the flight attendant takes his boarding pass and escorts him to the plane.
Command Summary and Review
Review Questions
Now,” says Sam, “you have my public key in your key ring, so you can do public key encryption, but only with me for now. If it's the right key, answer the first prompt with yes, then specify why you're revoking the key.
Selected FAQs on Using GnuPG
Why Use GnuPG
GnuPG is free software with a capital "F", which means not only is the program free to download and share, but the source code is also free to download, use and modify. The original PGP was freeware: that is, the program was free to download, but the source code was not published.
Why Start with the Command Line
Finally, with closed source programs, there are concerns about vendors, including back doors that allow law enforcement agencies easy access to encrypted data. Free and open source software is better because no one can secretly add anything to the code base.
Why Use the Command Line
Getting to the Command Line
Linux: The Terminal application can be launched by pressing the Ctrl-Alt-T key combination or from the Applications menu.
Is GnuPG Even Installed?
I recommend using an OS X/nix system for cryptography; Windows users can use a live-boot version of Linux to get the same functionality with improved overall security. To see which is the latest version of GnuPG, check the GnuPG website, http://www.gnupg.org/.
GnuPG Commands and Options
GnuPG commands issued with a file name but without a specific command are interpreted in the context of the file contents. If the file contains GnuPG data (eg if the file is encrypted or digitally signed), then GnuPG will do the "right thing" with the file: decrypt the file or verify the signature.
Simple Examples
Options: Getting More Information
Options: Text or Binary
This is why there is an option in GnuPG to generate output that encodes all cryptographic data into a form that can be displayed in readable form. ASCII-encrypted results can be saved to a file, cut and pasted into a message, or printed and manually re-entered into a computer for later decoding.
Command Summary and Review
Review Questions
If you think you're signed with a keyboard, you could be in serious trouble (either someone is actually too interested in your computer activities, or you're delusional). If you're using a flash drive and can hide it well when not in use, it should be fine.
Public Keys
Getting Someone ’ s Public Key
In this case, you put the name of the public key you just imported6 in quotes. Finally, you've given the -ecommand (short for --encrypt), which tells GnuPG to encrypt the recipient's public key.
Generating a Public Key
Bob ponders and says, "OK, that makes sense, but I'm still unclear on what a public key pair is. GnuPG uses one public key pair for encryption, and another for digital signatures," replied Sam.
Why Two Key Pairs?
Key Length
Key Expiration and Key Revocation
Or even if you've chosen a password you thought you could remember, it's easy to forget if you don't use it often enough,” says Sam. Sam says, “Revoking a key is basically telling the world that you're no longer using the key and telling people, 'don't use this encryption key for me.'
Reasons for Key Revocation
Sam continues, “But you know how I said that if you forget your password, you have to cancel your key. So you can still revoke the key even if you lose your password.
Generating a Public Key Pair, Completed
If you are going to use GnuPG for protection, you should be careful about managing your public key and keep it safe.” Sam says, “Later I'll show you how to revoke keys8. So, Bob, now you have a public key pair to play with, at least until it expires tomorrow.
Exporting a Public Key
But if she's sniffing your internet connection, she'll know you've uploaded a key to the keyserver, and she'll know your public key. I have your public key now, so let me encrypt a file for you and send it back; read the file and you will understand.” Sam stands up, pointing to the bathroom and says, "If you'll excuse me?".
Command Summary and Review
Bob muttered "How does he know so much about me?" while Sam, oblivious, continues: “If you send your key to a key server, Eve has a much harder time figuring out who's going to send you a ciphertext, because she has no way of knowing who gets your public key from the server. That way, it might not be as obvious to Eve that you're exchanging some cipher text with someone, and it should be harder for her to figure out who the other person is.
Review Questions
This is one of the biggest problems with public key encryption: how do you trust that the public key you're looking at belongs to the person requesting it. Therefore, never leave your computer on when you are not using it or when it is out of your control.
Public Key Functions
Decrypting and Verifying
If my passphrase is cached, I never have to leave an authenticated terminal session: anyone can go up and decrypt all my ciphertext without entering a passphrase; if they have software that can copy the contents of system memory, they can also discover my passphrase!” Sam waits to see if Bobby is getting this; then continues, "For now, remember to close all GnuPG terminal sessions, exit the terminal program, and shut down your computer when you're not using it." It's one of the most interesting things about the OpenPGP protocol. Sam says as he drinks amber juice from a glass that has recently appeared on his desk.
Web of Trust
You can still use GnuPG without thinking about the web of trust - it's easy if you don't have a lot of keys and mostly get them personally. Sam points to the shortlist and says, "You only have two keys in your keychain so it's nothing special, but you can also tell GnuPG to list the keys that match 'Sam' using the command gpg -k Sam .” Bob tries and says, “That's good to know.
Encrypt and Sign
Your signature is now displayed on my key,” says Sam. “Look at that L over there. The number 3 in the line above it is part of my own signature on my own key, the 3 means fully trusted6.
Benefits of Digital Signatures
We'll also set up some duress codes for you, so if you're detected you can signal me without tripping the SSS - or your wife." Yes," said Sam: "Jone will be you going on with Alice , that lovely graduate student at Menotomy University.
Command Summary and Review
I can't wait to see our kitten Walter-- if only you'd bring him to the airport when you come to pick me up.
Review Questions
If this is a string, the keyserver returns any public key with this string in the name, email address, or comment. Checking the hash value is good, but it's not always good enough, especially when you're comparing to a hash that's sent directly with the download - you need to be sure that the hash you're comparing is trustworthy.” Sam continues, “Best is to use signature and signing keys.”.
More About Signatures
More About Signatures
Sam explains: “When signing, GnuPG first calculates the signature itself on the original data. Signing before encryption means that the signature is also encrypted, keeping details about the source of the data (who signed it) private.
Digital Signature Types
Sam continues: "The signature is done in the original text because that's what is being signed - the signature is meant to be proof that the owner of the public key created or approved the data being signed. The only way to derive any data from the signature itself is to 'verify' the file -- but this is done by extracting the plaintext after signature verification and extracting the compressed data before verification.
Signing and Verifying, Summarized
An attached digital signature can make verification easier, but it also makes verification mandatory for using the file or data. GnuPG detects that the file specified in the command, example.txt.gpg, contains a signature for a file named example.
Review Questions
GnuPG tells me about the key (so I can make sure it's the one I want to edit), and gives me this new prompt, gpg. If you take the hard drive out and put it on another system, or if you boot from a rescue disk, you'll only see ciphertext." Sam pauses expectantly, so Bob asks, "If it's all encrypted, how can I get any of use the data on it.
Working with Public Keys
Trusting a Public Key
The obvious way is to examine the entire public key and make sure it is exactly correct - because a public key must be exactly correct. An attacker may be able to remove the legitimate public key on my website, but it is more difficult to replace a key on a printed page in a library book.
Using Keyservers
If you're sending or receiving specific keys, you need to specify a key ID—using a string from the keyholder information won't work," Sam points out, "but you can use a string to query a key server, and if there are multiple hits, you will be prompted to specify which one you want and GnuPG retrieves it for you.”. A few other things: with the --refresh switches, the search term is optional; if you leave it out, GnuPG will update your entire key from the keyserver.
Review Questions
If you revoke a key by choice, you have the advantage of being able to plan how you do it. If you don't want to generate a revocation certificate, you can use the --edit-key command--as long as you have your key passphrase," Sam replied. "You still need to update a key server to publish the revocation.
Editing and Revoking a Public Key
Editing Keys
4 Enter the command gpg --edit-key key-idrevsig and you will be asked about which signatures to revoke. Log in and if you've made changes that haven't been saved, GnuPG may ask you to save before exiting.
Revoking a Key
Sam replies, “Yes, we could use them, but it's better to get the key ID if you have more than one key with the same name or email; The key ID is unique.". And that's all; if you want to see that your revocation has been accepted by the key server, you will need to check the key server directly and look up the key ID.".
Command Summary and Review
Review Questions
If you were to use a passphrase with only lowercase letters, you'd have far fewer possible combinations: it would be 26 (number of lowercase letters) raised to the power of ten: 2610. It's bad enough that the system doesn't forget your passphrase, but if you actively ask the system to save it for you then you have a problem.”.
Security Practices and Tips
Verifying Software Downloads
One way to do that is to make you think it's software you really want,” Sam begins. The hash itself provides no information about the owner or publisher of the file (as a digital signature does), but it does give an indication of whether the file you are downloading is the same as the one originally published online.” Sam finishes.
Passphrases: Doing Them Right
Sam, you have mentioned using strong passphrases several times, can you explain what you mean by that?”. If it takes 1 second to try each single character passphrase, you should spend between 1 and 95 seconds to crack it, but on average you can expect to spend about 43 seconds.”.
Dangers of RAM Cache and Other System Artifacts
I wouldn't use that because it's obvious, but you could use any other phrase or string that you likely know and remember, but that an attacker wouldn't know. Remember, even though passphrases and plaintexts may not be written to files, they can still be vulnerable when your computer is on because that data is in RAM. Sam adds, "You should also be careful with your command history when using GnuPG on the command line."
Full Disk Encryption
It's very easy, too; you can get the step-by-step details online, it's different on Windows, OS X and Linux, but not too difficult. But Sam, in that case, when I'm using the computer, it's like the drive isn't encrypted and my whole system is an open book," Bob asks, adding uncertainly, "Isn't it?"
Encrypting Your System Hard Drive FAQ
This means that TrueCrypt is not included in any major Linux distribution, but is still the leading non-commercial FDE solution on any OS. Because it's free, popular, and source code is available, TrueCrypt should be a convenient solution for users on any platform.
