Practical Cryptography A Users Guide Hugo Mills
Whats in this talk● Introduction & Theory – Symmetric Crypto – Public Key Crypto – Encryption and signing● GPG/PGP – What it is – Key creation and basic management – Encryption & decryption – Signing – Key management
Whats in the next talk(s)?● gpg – Mail client integration; GUIs● ssh – Key creation; Use; Key management; Agents● X.509 certificates – Generating certs; Management in browsers; Apache and HTTPS
Theory: Traditional CryptoHello, QRGEFWorld AJJTO Symmetric Cryptography
Theory: Traditional CryptoHello, Hello,World WorldQRGEF QRGEF AJJTO AJJTO
GPG: What does it do?● Everything: – Encryption – Decryption – Signing – Signature checking – Web of trust
Key creation$ gpg --gen-key...Please select what kind of key you want: (1) DSA and Elgamal (default) (2) DSA (sign only) (5) RSA (sign only)Your selection? 1DSA keypair will have 1024 bits.ELG-E keys may be between 1024 and 4096 bitslong.What keysize do you want? (2048) 2048Requested keysize is 2048 bits
Key creationPlease specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n yearsKey is valid for? (0) 5yKey expires at Wed 30 Jan 2013 14:28:40 GMTIs this correct? (y/N) y
Key creationYou need a user ID to identify your key; thesoftware constructs the user IDfrom the Real Name, Comment and Email Address inthis form:"Heinrich Heine (Der Dichter) <heinrichh@...>"Real name: Harry PearceEmail address: email@example.comComment: Section DYou selected this USER-ID:"Harry Pearce (Section D) <firstname.lastname@example.org>"Change (N)ame, (C)omment, (E)mail or(O)kay/(Q)uit? oYou need a Passphrase to protect your secret key.Enter passphrase:
Key creationgpg: key 603652F2 marked as ultimately trustedpublic and secret key created and signed.gpg: checking the trustdbgpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust modelgpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1ugpg: next trustdb check due at 2013-01-30pub 1024D/603652F2 2008-02-01 [expires: 2013-01-30] Key fingerprint = 628B 640D A7A6 4F98 D746 E355 8B26 B823 6036 52F2uid Harry Pearce (Head of Section D) <email@example.com>sub 2048g/FFC30BC8 2008-02-01 [expires: 2013-01-30] All done, keypair created.
Encryption$ gpg -e my-secrets.txtYou did not specify a user ID. (you may use "-r")Current recipients:Enter the user ID. End with an empty line:firstname.lastname@example.orgCurrent recipients:2048g/0FC718A8 2007-12-07 "Harry Pearce (Head ofSection D) <email@example.com>"Enter the user ID. End with an empty line:$ lsmy-secrets.txt my-secrets.txt.gpg
Decryptionpearce@willow:~$ gpg -d my-secrets.txt.gpgYou need a passphrase to unlock the secret key foruser: “Harry Pearce (Section D) <firstname.lastname@example.org>”2048-bit ELG-E key, ID FFC30BC8, created 2008-02-01(main key ID 603652F2)Enter passphrase:Section D personnelCarter, AdamYounis, ZafarPortman, JoWynn-Jones, MalcolmJames, Connie
Signaturespearce@willow:~$ cat will.txtIn the event of my death, I hereby leave all myworldly goods and chattels to the Battersea Dogs Home.Harry Pearce.pearce@willow:~$ gpg --clearsign will.txtYou need a passphrase to unlock the secret key foruser: "Harry Pearce (Section D) <email@example.com>"1024-bit DSA key, ID 603652F2, created 2008-02-01pearce@willow:~$ lsmy-secrets.txt my-secrets.txt.gpg will.txtwill.txt.asc
Signaturespearce@willow:~$ cat will.txt.asc-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1In the event of my death, I hereby leave all myworldly goods and chattelsto the Battersea Dogs Home.Harry Pearce.-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.6 (GNU/Linux)iD8DBQFHoztsiya4I2A2UvIRAqHrAJ9SzWJkBcBQepCIrtZNTTz8gdqBuACfXlC2rWl83jYJKlJbmNx7THQRIWw==mBj0-----END PGP SIGNATURE-----
Verify a signaturepearce@willow:~$ gpg --verify will.txt.ascgpg: Signature made Fri 01 Feb 2008 15:31:56 GMTusing DSA key ID 603652F2gpg: Good signature from "Harry Pearce (SectionD) <firstname.lastname@example.org>"
Key Distribution● Q. How to get your public key to someone?● A. A Public Key server!●● Upload your key to the server● Others can download it – Verify your signatures – Encrypt files for you to read
Key Distributionpearce@willow:~$ gpg --recv-keys --keyserver wwwkeys.uk.pgp.net EA2B228Fgpg: requesting key EA2B228F from hkp serverwwwkeys.uk.pgp.netgpg: key EA2B228F: public key "Hugo Mills (Universityof Southampton) <email@example.com>" importedgpg: 3 marginal(s) needed, 1 complete(s) needed, PGPtrust modelgpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q,0n, 0m, 0f, 1ugpg: next trustdb check due at 2013-01-30gpg: Total number processed: 1gpg: imported: 1
Web Of Trust● Q. How do I know the key is good?● A. Web of Trust●● Signing a key – I have verified the identity of the person – I have verified that this key is controlled by that person – I trust this person to perform those same checks well
Keysigning● Signing a key is a statement that: – I believe and have verified that this key is controlled by a person matching the identity in the key – I trust this person to perform similarly good identity checks●● Beforehand – gpg --fingerprint 603652F2 – Print out several copies on slips of paper
Keysigning● When you meet – Exchange fingerprint slips and ID papers – Check ID papers against person (does the photo match?) – Check ID papers against the key details – Initial the slip and keep it – Hand papers back● What to accept for ID? – Passport, national ID card, photo driving license, other government-issued photo ID – Some people only accept passport – up to you
Keysigning● After you meet – gpg --recv-keys keyid – gpg --fingerprint keyid ● Check this with the fingerprint on paper – dd if=/dev/urandom count=64 bs=1 | hexdump >person.gpg ● Encrypt and mail it to their email addresses, asking for it to be returned to you. – Check the returned mail against the copy you kept – Sign and upload the key
Keysigningpearce@willow:~$ gpg --ask-cert-level --sign-key EA2B228F[...]pub 1024D/EA2B228F created: 2007-09-06 expires: 2009-09-05usage: SC trust: unknown validity: unknown Primary key fingerprint: 8995 11CC 3CA7 690C C09E 43B3 420D F030EA2B 228F Hugo Mills (University of Southampton) <firstname.lastname@example.org>This key is due to expire on 2009-09-05.How carefully have you verified the key you are about to signactually belongsto the person named above? If you dont know what to answer,enter "0". (0) I will not answer. (default) (1) I have not checked at all. (2) I have done casual checking. (3) I have done very careful checking.
KeysigningYour selection? (enter `? for more information): 3Are you sure that you want to sign this key with yourkey "Harry Pearce (Section D) <email@example.com>" (603652F2)I have checked this key very carefully.Really sign? (y/N) yYou need a passphrase to unlock the secret key foruser: "Harry Pearce (Section D) <firstname.lastname@example.org>"1024-bit DSA key, ID 603652F2, created 2008-02-01passphrasepearce@willow:~$ gpg --send-keys EA2B228Fgpg: sending key EA2B228F to hkp server wwwkeys.uk.pgp.netAll done.
Key Management● List public keys – gpg --list-keys● List public keys and their fingerprints – gpg --fingerprint● List public keys and their signatures – gpg --list-sigs● Can do this for a particular key using key ID, name or email address to search
Key Management● gpg --edit-key – Interactive key viewer and editor – Sign keys, check signatures, remove sigs – Add/remove subkeys (other identities, email addresses, etc) – Change trust parameters – Revoke keys – Option to save changes on exit
Key Revocation● If your key becomes compromised, or otherwise defunct – Private key file lost, stolen or compromised – Lost passphrase – No longer used – Newer key in use● Use a revocation certificate to cancel your key● Generate cert when you generate key
Key revocation● Generate a revocation cert – gpg --gen-revoke 603652F2 >revoke.gpg ● Best when you generate the key ● Keep this file safe● To revoke the key, import it into GPG – gpg --import <revoke.gpg – gpg --send-keys 603652F2
Further reading● gpg --edit-key has a “help” command● http://gnupg.org/