PGP is Pretty Good Privacy with IDEA.
What is Gnu Privacy Guard?
Cryposystems are Mathematical. The Algos used:
Getting Started with GnuPG.
Exploring the options.
Open PGP Specification – RFC 2440
I need your Public Key, Bob; says Alice.
GPG + Mutt.
Privacy and Security
If Privacy can be outlawed then, only outlaws will have privacy.
– Phillip Zimmermann
“Why I wrote PGP”
Network security problems and privacy is essentially about
What is GnuPrivacy Guard (GPG)?
Free Software Replacement of PGP.
It does not use the Patented IDEA Algorithm for encryption (As
used by PGP)
Supported by German Ministry of Economics and Commerce.
Free Software available by default under all major distros of
Linux, FreeBSD,Solaris and other unices.
The Bottom line
for any Public Key Cryptography
Public Key is for Others to use when encrypting
messages to you and when verifying the
signatures from you.
Private Key is used for creating signatures and for
decrypting messages to you.
Getting Started with GnuPG
Generating a new keypair
Generating a revocation certificate
Exporting a public key
Importing a public key
Encrypting and decrypting documents
Making and verifying signatures
Cocepts of Ciphers
Encryption – Decryption
Public Key Cryptography
How GPG Works – Hybrid
Decryption in GPG
Managing your own keypair
Adding and deleting key components
Revoking key components
Updating a key's expiration time
Validating other keys on your public keyring
Trust in a key's ownerHa
Using trust to validate keys
A chain is only as strong as its weakest link.
Need for Message Signatures
The From header from an email can be easily
The contents of the Message could have altered
from the original one before you read.
Daily use of GnuPG
Defining your security needs
Choosing a key size
Protecting your private key
Selecting expiration dates and using subkeys
Managing your web of trust
Building your web of trust
Using GnuPG legally
Alice Requests Bob for Public Key
What will Bob Do?
Follow these Instructions to generate a Public Key and parcipitate in
secure communication with Alice.
bob@hismachine$ gpg –genkeys
# This will create a KeyPair for Bob, consisting of Public Key
and his Private Key.
bob@hismachine$ gpg –listkeys
# Just checks if his keys are present.
bob@hismachine$ gpg –output bob.publickey –armor –export
# Bob Exports his public key to bob.publickey(File) in ascii
Alice Imports Bobs Key and Sends him an Encrypted File
#opens her favorite MUA, downloads and saves bobs public
Alice@hermachine$gpg –import bob.publickey
#Alice Imports the public key of bob in her king rings.
Alice @hermachine$gpg –listkeys
#Alice checks for the presence of Bobs Key along with her key
ring pairs. /*
Alice has a document gpg.txt which she wants to send it to bob */
Alice @ hermachine $ gpg –output gpg.txtencrypt –encrypt
gpg.txt –recipient bob@hismachine
# Alice has encrypted the file to gpg.txtencrypt
Bob Receives and Gets it!
bob@hismachine $gpg –output gpg.txt –decrypt gpg.txt
This Command likes to verify if Bob is only trying to decrypt it
and it prompts for his passphrase
Bob Provides his passphrase successfully.
The file is decrypted and the original file is obtained.
Hurray! Bob feels delighted
Insecure Memory Warning
On many systems this program should be installed as setuid(root). This is
necessary to lock memory pages. Locking memory pages prevents the
operating system from writing them to disk and thereby keeping your
secret keys really secret. If you get no warning message about insecure
memory your operating system supports locking without being root. The
program drops root privileges as soon as locked memory is allocated.
But running the program as suid root one should be alert to the danger of
Trojan horses. Since a Trojan horse running as superuser can damage an
entire system. If for this reason (or any other reason) you choose not run
GnuPG as root you can switch off the warning by setting nosecmem
warning in ~/.gnupg/options.
PGP Key Signing Party
For establishing the web of trust and spreading the usage
of Gnu Privacy Guard, there can be Key Signing Parties.
Steps to Follow.
Each Attendee creates his key pair
Notes down the Fingerprint and KeyID in some sheet
and brings it along to the key singing party.
Bring some more Identification like Voter Card, Photo
Bank Card, Passport etc.
Each other member verifies each other and notes down
the KeyID and Fingerprint.
OpenPGP Message Format
Popularity of the PGP Software in Secure Communication
led way to the Internet Draft RFC 2440 establishing
OpenPGP message Format for Communication in the
GPG (expect for few options) complies with the OpenPGP
Data Element Formats
Public Keys and all other algorithms needed for Secure
GPA – Privacy Assistant – Gnome.
KGPG – Standard and comes with FC2.
SeaHorse – For Gnome
Pgp dump – Paste your ASCII Armored key and Show the
Keylookup – Utility to fetch keys from keyserver.
A general purpose cryptographic library based on the
code from GnuPG. It provides functions for all
cryptographic building blocks: symmetric ciphers, hash
algorithms, MACs, public key algorithms, large integer
functions, random numbers and a lot of supporting