Practical Cryptography
    A User's Guide

      Hugo Mills
What's in this talk
●   Introduction & Theory
    –   Symmetric Crypto
    –   Public Key Crypto
    –   Encryption and signing
●   GPG/PGP
    –   What it is
    –   Key creation and basic management
    –   Encryption & decryption
    –   Signing
    –   Key management
What's in the next talk(s)?
●   gpg
    –   Mail client integration; GUIs
●   ssh
    –   Key creation; Use; Key management; Agents
●   X.509 certificates
    –   Generating certs; Management in browsers;
        Apache and HTTPS
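Theory: Traditional Crypto
[Diagram: the plaintext "Hello, World" and the ciphertext "QRGEF AJJTO"; caption: Symmetric Cryptography]
Theory: Traditional Crypto
[Diagram: the plaintext "Hello, World" and the ciphertext "QRGEF AJJTO", shown on each of two sides]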
Symmetric systems
●   DES
●   3DES
●   AES (Rijndael)
●   Blowfish
●   Twofish
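Theory: Public Key Crypto
[Diagram: keys A and B, with the plaintext "Hello, World" and the ciphertext "QRGEF AJJTO"]
Theory: Public Key Crypto
[Diagram: keys A and B, with the plaintext "Hello, World" and the ciphertext "QRGEF AJJTO" shown on each of two sides]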
Public/Private Keys
●   Public Key
    –   Can be seen by anyone
    –   System still secure
●   Private key
    –   Must be kept secret
    –   Can be used to find matching public key
●   Keys generated together as a keypair
Public-key systems
●   RSA
●   ElGamal
●   DSA
The Important Bit




What one key does,
 the other undoes.
Theory: Signatures
[Diagram: keys B and A; the message "Hello, World" on its own, and the same message with the number 20958 attached, shown twice]
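The rule "what one key does, the other undoes", applied to both encryption and signing, as an added example that is not part of the original talk. The toy RSA keypair (n = 3233, e = 17, d = 2753), the use of cksum as a stand-in hash and all function names are assumptions of this example; the numbers are far too small for real use.

```shell
#!/bin/sh
# Toy RSA keypair (constructed for illustration, far too small for real use):
# n = 61 * 53 = 3233, public exponent e = 17, private exponent d = 2753.
N=3233; E=17; D=2753

# modpow BASE EXP MOD: square-and-multiply modular exponentiation.
modpow() {
    base=$(( $1 % $3 )); exp=$2; result=1
    while [ "$exp" -gt 0 ]; do
        if [ $(( exp % 2 )) -eq 1 ]; then
            result=$(( result * base % $3 ))
        fi
        base=$(( base * base % $3 ))
        exp=$(( exp / 2 ))
    done
    echo "$result"
}

# Encryption: anyone applies the public key, only the private key undoes it.
encrypt() { modpow "$1" "$E" "$N"; }
decrypt() { modpow "$1" "$D" "$N"; }

# digest TEXT: stand-in for a real hash function (assumption of this example):
# the CRC printed by cksum, reduced below n so the toy key can handle it.
digest() {
    crc=$(printf '%s' "$1" | cksum | cut -d' ' -f1)
    echo $(( crc % N ))
}

# Signing: the owner applies the private key to the digest ...
sign() { modpow "$(digest "$1")" "$D" "$N"; }

# ... and anyone undoes it with the public key and compares digests.
verify() { [ "$(modpow "$2" "$E" "$N")" -eq "$(digest "$1")" ]; }

msg='Hello, World'
c=$(encrypt 65)
echo "65 encrypted with the public key: $c, decrypted: $(decrypt "$c")"
sig=$(sign "$msg")
if verify "$msg" "$sig"; then echo "signature $sig verifies"; fi
if ! verify "$msg" "$(( (sig + 1) % N ))"; then echo "altered signature rejected"; fi
```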
Part 2




GPG (PGP)
GPG: What does it do?
●   Everything:
    –   Encryption
    –   Decryption
    –   Signing
    –   Signature checking
    –   Web of trust
Key creation
$ gpg --gen-key
...
Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? 1
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits
long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits
Key creation
Please specify how long the key should be valid.
         0 = key does not expire
      <n> = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 5y
Key expires at Wed 30 Jan 2013 14:28:40 GMT
Is this correct? (y/N) y
Key creation
You need a user ID to identify your key; the
software constructs the user ID
from the Real Name, Comment and Email Address in
this form:
"Heinrich Heine (Der Dichter) <heinrichh@...>"
Real name: Harry Pearce
Email address: pearceh@mi5.gov.uk
Comment: Section D
You selected this USER-ID:
"Harry Pearce (Section D) <pearceh@mi5.gov.uk>"

Change (N)ame, (C)omment, (E)mail or
(O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

Enter passphrase:
Key creation
gpg: key 603652F2 marked as ultimately trusted
public and secret key created and signed.

gpg:   checking the trustdb
gpg:   3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg:   depth: 0 valid:    1 signed:    0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg:   next trustdb check due at 2013-01-30
pub     1024D/603652F2 2008-02-01 [expires: 2013-01-30]
        Key fingerprint = 628B 640D A7A6 4F98 D746 E355 8B26 B823 6036 52F2
uid                    Harry Pearce (Head of Section D) <pearceh@mi5.gov.uk>
sub     2048g/FFC30BC8 2008-02-01 [expires: 2013-01-30]




 All done, keypair created.
Encryption
pearce@willow:~$ ls
my-secrets.txt

pearce@willow:~$ cat my-secrets.txt
Section D personnel
Carter, Adam
Younis, Zafar
Portman, Jo
Wynn-Jones, Malcolm
James, Connie
Encryption
$ gpg -e my-secrets.txt
You did not specify a user ID. (you may use "-r")

Current recipients:

Enter the user ID.    End with an empty line:
pearceh@mi5.gov.uk

Current recipients:
2048g/0FC718A8 2007-12-07 "Harry Pearce (Head of
Section D) <pearceh@mi5.gov.uk>"

Enter the user ID.    End with an empty line:

$ ls
my-secrets.txt   my-secrets.txt.gpg
Decryption
pearce@willow:~$ gpg -d my-secrets.txt.gpg

You need a passphrase to unlock the secret key for
user: “Harry Pearce (Section D) <pearceh@mi5.gov.uk>”
2048-bit ELG-E key, ID FFC30BC8, created 2008-02-01
(main key ID 603652F2)

Enter passphrase:

Section D personnel
Carter, Adam
Younis, Zafar
Portman, Jo
Wynn-Jones, Malcolm
James, Connie
Signatures
pearce@willow:~$ cat will.txt
In the event of my death, I hereby leave all my
worldly goods and chattels to the Battersea Dogs Home.

Harry Pearce.

pearce@willow:~$ gpg --clearsign will.txt

You need a passphrase to unlock the secret key for
user: "Harry Pearce (Section D) <pearceh@mi5.gov.uk>"
1024-bit DSA key, ID 603652F2, created 2008-02-01

pearce@willow:~$ ls
my-secrets.txt my-secrets.txt.gpg   will.txt
will.txt.asc
Signatures
pearce@willow:~$ cat will.txt.asc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In the event of my death, I hereby leave all my
worldly goods and chattels
to the Battersea Dogs Home.

Harry Pearce.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHoztsiya4I2A2UvIRAqHrAJ9SzWJkBcBQepCIrtZNTTz8gd
qBuACfXlC2
rWl83jYJKlJbmNx7THQRIWw=
=mBj0
-----END PGP SIGNATURE-----
Verify a signature
pearce@willow:~$ gpg --verify will.txt.asc
gpg: Signature made Fri 01 Feb 2008 15:31:56 GMT
using DSA key ID 603652F2
gpg: Good signature from "Harry Pearce (Section
D) <pearceh@mi5.gov.uk>"
Key Distribution
●   Q. How to get your public key to someone?
●   A. A Public Key server!
●   Upload your key to the server
●   Others can download it
    –   Verify your signatures
    –   Encrypt files for you to read
Key Distribution
pearceh@willow:~$ gpg --send-keys --keyserver
                        wwwkeys.uk.pgp.net 603652F2
gpg: sending key 603652F2 to hkp server
wwwkeys.uk.pgp.net
Key Distribution
pearce@willow:~$ gpg --recv-keys --keyserver
                   wwwkeys.uk.pgp.net EA2B228F
gpg: requesting key EA2B228F from hkp server
wwwkeys.uk.pgp.net
gpg: key EA2B228F: public key "Hugo Mills (University
of Southampton) <hugo@omii.ac.uk>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP
trust model
gpg: depth: 0 valid:    1 signed:    0 trust: 0-, 0q,
0n, 0m, 0f, 1u
gpg: next trustdb check due at 2013-01-30
gpg: Total number processed: 1
gpg:               imported: 1
Web Of Trust
●   Q. How do I know the key is good?
●   A. Web of Trust
●   Signing a key
    –   I have verified the identity of the person
    –   I have verified that this key is controlled by
        that person
    –   I trust this person to perform those same
        checks well
Web Of Trust
[Diagram: several keys labelled A and one marked "?"]
Keysigning
●   Signing a key is a statement that:
    –   I believe and have verified that this key is
        controlled by a person matching the identity
        in the key
    –   I trust this person to perform similarly good
        identity checks
●   Beforehand
    –   gpg --fingerprint 603652F2
    –   Print out several copies on slips of paper
Keysigning
●   When you meet
    –   Exchange fingerprint slips and ID papers
    –   Check ID papers against person (does the
        photo match?)
    –   Check ID papers against the key details
    –   Initial the slip and keep it
    –   Hand papers back
●   What to accept for ID?
    –   Passport, national ID card, photo driving
        license, other government-issued photo ID
    –   Some people only accept passport – up to you
Keysigning
●   After you meet
    –   gpg --recv-keys keyid
    –   gpg --fingerprint keyid
         ●   Check this with the fingerprint on paper
    –   dd if=/dev/urandom count=64 bs=1 |
        hexdump >person.gpg
         ●   Encrypt and mail it to their email addresses,
             asking for it to be returned to you.
    –   Check the returned mail against the copy you
        kept
    –   Sign and upload the key
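The "check this with the fingerprint on paper" step, as an added example that is not part of the original talk. It compares the full 40-digit fingerprint rather than the 8-digit key ID, because the key ID is only the last 8 hex digits of the fingerprint; the function names and the lookalike fingerprint used in the demo are constructed for this example, and the listing is the one printed on the "Key creation" slide.

```shell
#!/bin/sh
# Sample input: the key listing from the "Key creation" slide.
LISTING='pub     1024D/603652F2 2008-02-01 [expires: 2013-01-30]
        Key fingerprint = 628B 640D A7A6 4F98 D746 E355 8B26 B823 6036 52F2
uid                    Harry Pearce (Head of Section D) <pearceh@mi5.gov.uk>'

# norm_fpr TEXT: keep only hex digits and upper-case them, so spacing and
# letter case on a hand-copied slip do not matter.
norm_fpr() {
    printf '%s' "$1" | tr -cd '0-9A-Fa-f' | tr 'a-f' 'A-F'
}

# fpr_from_listing TEXT: extract the fingerprint from gpg output in the
# "Key fingerprint = ..." or "Primary key fingerprint: ..." form.
fpr_from_listing() {
    printf '%s\n' "$1" | sed -n 's/.*[Ff]ingerprint *[=:] *//p' | head -n 1
}

# check_key KEYID PAPER_FPR LISTING
# returns 0 = paper slip, listing and key ID all agree
#         1 = a fingerprint is not 40 hex digits (typo or truncated slip)
#         2 = full fingerprints differ: do not sign
#         3 = fingerprints agree but KEYID is not their last 8 digits
check_key() {
    paper=$(norm_fpr "$2")
    listed=$(norm_fpr "$(fpr_from_listing "$3")")
    if [ "${#paper}" -ne 40 ] || [ "${#listed}" -ne 40 ]; then return 1; fi
    if [ "$paper" != "$listed" ]; then return 2; fi
    tail8=$(printf '%s' "$listed" | cut -c33-40)
    if [ "$tail8" != "$(norm_fpr "$1")" ]; then return 3; fi
    return 0
}

# Demo: a correct slip typed in lower case, then a constructed lookalike
# whose last 8 digits (the key ID) match but whose fingerprint does not.
rc=0; check_key 603652F2 '628b640da7a64f98d746e3558b26b8236036 52f2' "$LISTING" || rc=$?
echo "matching slip: $rc"
rc=0; check_key 603652F2 '0000 1111 2222 3333 4444 5555 6666 7777 6036 52F2' "$LISTING" || rc=$?
echo "same key ID, different fingerprint: $rc"
```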
Keysigning
pearce@willow:~$ gpg --ask-cert-level --sign-key EA2B228F
[...]
pub 1024D/EA2B228F created: 2007-09-06 expires: 2009-09-05
usage: SC
                     trust: unknown       validity: unknown
 Primary key fingerprint: 8995 11CC 3CA7 690C C09E 43B3 420D F030
EA2B 228F

    Hugo Mills (University of Southampton) <hugo@omii.ac.uk>

This key is due to expire on 2009-09-05.
How carefully have you verified the key you are about to sign
actually belongs
to the person named above? If you don't know what to answer,
enter "0".

  (0)   I   will   not answer. (default)
  (1)   I   have   not checked at all.
  (2)   I   have   done casual checking.
  (3)   I   have   done very careful checking.
Keysigning
Your selection? (enter `?' for more information): 3
Are you sure that you want to sign this key with your
key "Harry Pearce (Section D) <pearceh@mi5.gov.uk>" (603652F2)

I have checked this key very carefully.

Really sign? (y/N) y

You need a passphrase to unlock the secret key for
user: "Harry Pearce (Section D) <pearceh@mi5.gov.uk>"
1024-bit DSA key, ID 603652F2, created 2008-02-01

passphrase

pearce@willow:~$ gpg --send-keys EA2B228F
gpg: sending key EA2B228F to hkp server wwwkeys.uk.pgp.net

All done.
Key Management
●   List public keys
    –   gpg --list-keys
●   List public keys and their fingerprints
    –   gpg --fingerprint
●   List public keys and their signatures
    –   gpg --list-sigs
●   Can do this for a particular key using key
    ID, name or email address to search
Key Management
●   gpg --edit-key
    –   Interactive key viewer and editor
    –   Sign keys, check signatures, remove sigs
    –   Add/remove subkeys (other identities, email
        addresses, etc)
    –   Change trust parameters
    –   Revoke keys
    –   Option to save changes on exit
Key Revocation
●   If your key becomes compromised, or
    otherwise defunct
    –   Private key file lost, stolen or compromised
    –   Lost passphrase
    –   No longer used
    –   Newer key in use
●   Use a revocation certificate to cancel your
    key
●   Generate cert when you generate key
Key revocation
●   Generate a revocation cert
    –   gpg --gen-revoke 603652F2 >revoke.gpg
         ●   Best when you generate the key
         ●   Keep this file safe
●   To revoke the key, import it into GPG
    –   gpg --import <revoke.gpg
    –   gpg --send-keys 603652F2
Further reading
●   gpg --edit-key has a “help” command
●   http://gnupg.org/
Any questions?
