According to Edward Snowden in his QA session on the Guardian, much of the existing encryption is weak, so the NSA can frequently find ways round it, but there are strong crypto systems that can still be relied on. This means most of the available digital, wireless, wired encryption tools are, to be honest, useless. What is even more fearsome, we are no longer hidden in the depths of our own homes, and even if one doesn’t have access to the Internet, it doesn’t mean they’re being watched. Almost every electronic equipment you use, leaves behind metadata – information generated as you use technology. Examples include the date and time you called somebody or the location from which you last accessed your email. However, if you believe what Snowden says, there are still some tools that help protect privacy and your physical location by providing anonymity as well as encrypting your data. The first one appears to be TOR network – a protective layer that sits between the user and the internet, providing anonymous path between you and the sites you visit. I’m not going to go into details about TOR, you can read about it on the official website. The second one – PGP (Pretty Good Privacy) – a popular program used to encrypt and decrypt e-mail over the Internet. It can also be used to send an encrypted digital signature that lets the receiver verify the sender’s identity and know that the message was not changed en route.
- What is GPG?
- How to use GPG?
- Revocation-Certificate.
- How to make your public key public?
- The Keyring.
- Key Signing and Trusted Keys.
- Encryption and Decryption and Signing.
- Further Reading.
What is GPG?
GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories. GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License.
Pretty Good Privacy is a data encryption technology commonly used for encrypting files, especially emails.
How it works?
Source: The Guardian NSA Files
PGP (or GnuPG – a GNU licensed equiuvalent) depends on users having two keys: one public and one private. These two keys can only be used with one another. The sender uses a random key to encrypt the file. They then encrypt the key using their private key and the receiver’s public key. The file and the key are sent to the receiver. The receiver decrypts the key with their private key and the sender’s public key. They then decrypt the file using the key. The receiver could then reciprocate the process using the sender’s public and private keys.
This might seem difficult, but in fact, it’s pretty simple to use. You create your keyring (private and public key). You make your public key available, put it on your website, send it to as many people as possible (the ones you want to contact you in a secure way). Anyone that wants to send you encrypted messages, does so, using your public key. You encrypt them with the private key.
My public key can be found here:
https://pool.sks-keyservers.net:11371/pks/lookup?op=get&search=0x348751C9F9FA286E
How to use it?
Linux comes with all the needed tools pre-installed. On Windows machines, you have to download the GnuPG libraries. If you want to use GnuPG on Windows, head HERE for instructions. There are also lots of tools available that simplify encrypting/decrypting of messages. For the list of GnuPG frontends, head HERE.
Once you’ve installed the tools and libraries, you can create your first key. In your terminal window type:
1 2 3 4 5 6 7 8 9 10 11 12 13 | smith@matrix ~ % gpg --gen-key gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. gpg: keyring `/home/bubbl/.gnupg/secring.gpg' created gpg: keyring `/home/bubbl/.gnupg/pubring.gpg' created Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? |
Here we chose the coding algorithm. To be able to encrypt and sign your messages, chose option #1. Next, the program asks you about the length of your key (in bits):
1 2 | RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) |
The default 2048 should be fair enough. Hit Enter. The tool asks us now about the time the key would be valid:
1 2 3 4 5 6 7 | Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days </n><n>w = key expires in n weeks </n><n>m = key expires in n months </n><n>y = key expires in n years Key is valid for? (0)</n> |
The default non expiration is fine, as we’ll also create a revocation key, but about that later on. Hit Enter and move on. The tool will ask you if you’re positive about non expiration:
1 2 | Key does not expire at all Is this correct? (y/N) |
Confirm it with Y
and move on. Now, we provide you data, name, email address and some
comment (could be anything, a quote, our nickname) – this helps a little
to make the key more recognisable.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | GnuPG needs to construct a user ID to identify your key. Real name: Agent Smith Email address: smith@matrix Comment: We're not here because we are free. We're here because we are not free. There is no escaping reason. No denying purpose. Because we both know without purpose, we would not exist. You selected this USER-ID: 'Agent Smith (We're not here because we are free. We're here because we are not free. There is no escaping reason. No denying purpose. Because we both know without purpose, we would not exist.) <smith @matrix>' Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o You need a Passphrase to protect your secret key. Enter passphrase:</smith> |
We provide a passphrase for encrypting/decrypting our messages and move to key generation. It’s good to run a memory-eating process (rsync, opening a lot of webpages) to create lots of randomness and chaos to make your key as random as possible:
1 2 3 4 | We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. |
You might get a message like this at some point:
1 2 | Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 277 more bytes) |
Don’t worry, and keep creating randomness. If nothing happens on the screen, don’t worry either, the key is being created, you need to create more disk shuffling. Once finished, we get a confirmation:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | gpg: /home/smith/.gnupg/trustdb.gpg: trustdb created gpg: key 86BCF5C7 marked as ultimately trusted public and secret key created and signed. gpg: checking the trustdb gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u pub 2048R/86BCF5C7 2013-11-08 Key fingerprint = F0E2 8568 4003 5614 3B22 4172 606F 461A 86BC F5C7 uid Agent Smith (We're not here because we are free. We're here because we are not free. There is no escaping reason. No denying purpose. Because we both know without purpose, we would not exist.) <smith @matrix> sub 2048R/F627505A 2013-11-08</smith> |
Congratulations! You’ve created you first public and private key! To get a list of available keys in your keyring, type:
gpg --list-keys
The
description is simply anything of your name, email-address, comment or
part of it. So, for our example User-ID being “Agent Smith (We’re not
here because we are free. We’re here because we are not free. There is
no escaping reason. No denying purpose. Because we both know without
purpose, we would not exist.)
- Agent Smith
- agent
- smith@matrix
- matrix
- gent smi
- because.
etc. In our case, the shell output looks like this:
1 2 3 4 5 6 7 8 | /home/smith/.gnupg/pubring.gpg ------------------------------ pub 2048R/86BCF5C7 2013-11-08 uid Agent Smith (We're not here because we are free. We're here because we are not free. There is no escaping reason. No denying purpose. Because we both know without purpose, we would not exist.) <smith @matrix> sub 2048R/F627505A 2013-11-08</smith> |
You can get even more information if you include -v --fingerprint option in the command:
1 2 3 4 5 6 7 8 9 | smith@matrix ~ % gpg -v --fingerprint smith gpg: using PGP trust model pub 2048R/86BCF5C7 2013-11-08 Key fingerprint = F0E2 8568 4003 5614 3B22 4172 606F 461A 86BC F5C7 uid Agent Smith (We're not here because we are free. We're here because we are not free. There is no escaping reason. No denying purpose. Because we both know without purpose, we would not exist.) <smith @matrix> sub 2048R/F627505A 2013-11-08</smith> |
The Key-ID (here 86BCF5C7) together with the finger-print (the 10×4 digits) uniquely determines your key. Furthermore it shows that so far only you have signed this key.
Now, it is very important to generate a revocation-certificate.
Revocation-Certificate
So, you’ve created your first key. But what if you wanted to destroy it? Perhaps you think that this is not important at the moment, and basically you are right. However, there is a problem: in a few months or years, a lot of people will know your public key. In case you don’t want to use this particular key any more (maybe you forgot the passphrase, or somebody found it out), you will have to tell everybody. Otherwise, you will be receiving emails encrypted with this key, and will not be able to decrypt them yourself. In order to do so, there is a so-called revocation-certificate. If this certificate is sent to the key-servers the key is definitively wiped-out. It’s best to create the revocation now, as it’s only possible to make one if you know the passphrase. You have to do the following:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | smith@matrix ~ % gpg -a --gen-revoke ent smi sec 2048R/86BCF5C7 2013-11-08 Agent Smith (We're not here because we are free. We're here because we are not free. There is no escaping reason. No denying purpose. Because we both know without purpose, we would not exist.) <smith @matrix> Create a revocation certificate for this key? (y/N) y #yes, we want to create one Please select the reason for the revocation: 0 = No reason specified 1 = Key has been compromised 2 = Key is superseded 3 = Key is no longer used Q = Cancel (Probably you want to select 1 here) Your decision? 0 Enter an optional description; end it with an empty line: > #No reason, just creating Reason for revocation: No reason specified (No description given) Is this okay? (y/N) y You need a passphrase to unlock the secret key for user: 'Agent Smith' 2048-bit RSA key, ID 86BCF5C7, created 2013-11-08 Passphrase: #Confirm with your passphrase Revocation certificate created. Please move it to a medium which you can hide away; if Mallory gets access to this certificate he can use it to make your key unusable. It is smart to print this certificate and store it away, just in case your media become unreadable. But have some caution: The print system of your machine might store the data and make it available to others! -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: A revocation certificate should follow LwDpHmkWDXkRwwXVV1C568WicoNG7csMMJcL9ts67ZtKbs7yfuGzktw1OtYdO513 -----END PGP PUBLIC KEY BLOCK-----</smith> |
As you can see, gpg is warning us about risks of making the revocation certificate available to the Mallroy’s (meaning: just anyone). Keep this key safe, best print it out and don’t show to anyone, unless you want to loose your key.
How to make your public key public?
We’ve now reached the point when we can publicize our key. The easiest way of doing so is to use one of the many key-servers. Which one you use, doesn’t really matter as they are connected and update each other at least daily:
1 | gpg --keyserver=hkps://hkps.pool.sks-keyservers.net -a --send-keys <key -ID></key> |
You SHOULD use the sks-keyservers.net server, and HERE is why. And HERE you’ll find instructions on adding certificates to your system.
There
is a small nice feature with gpg. Instead of specifying a key-server
every time you want to submit your key, you can define it in your
config-file. Edit the file ~/.gnupg/gpg.conf. Here, search for “keyserver” and uncomment (or add) the entries:
1 2 3 | keyserver hkps://hkps.pool.sks-keyservers.net keyserver-options ca-cert-file=/usr/local/share/ca-certificates/sks-keyservers.netCA.pem keyserver-options no-honor-keyserver-url |
A second option is to use a web interface. You can access the key-server from your web browser at https://sks-keyservers.net/i/ and copy-paste your public key there. But first, you have to export the key to be able to copy it:
1 | gpg -a --export <description></description> |
Once you submit your key, it becomes public. You can check if your key is already available:
1 | gpg --search-keys <description></description> |
Here you can see our test Agent Smith key in the wild:
https://pool.sks-keyservers.net:11371/pks/lookup?op=vindex&search=0x606F461A86BCF5C7
The Keyring
So far, so good, you can receive encrypted messages, but what if you wanted to send a coded message to your friend? If you used your key to encrypt it, he wouldn’t be able to decrypt it, as he doesn’t have access to your private key (unless you’re foolhardy and gave him your private key alongside with the passphrase). For this task, you need their public key. As it is impractical and tedious to search a key every time on a key-server , you keep your own keyring with all keys of those people you often communicate with. You check the list of your keys with:
1 | gpg -v --list-keys |
At the moment, I guess, the only key in your keyring is the one you’ve just created. If a person you want to exchange secure messages provided you with a file containing their public key, you may add this key to your key-ring in the following way:
1 | gpg --import <filename></filename> |
However, you don’t need to have a file, if a person exported their key to a key server (and I’m sure they did), it is even easier to get the keys directly from the server:
1 2 3 4 5 6 7 8 9 | neo@zion ~ $ gpg --search-keys smith@matrix gpg: searching for 'smith@matrix' from hkp server keys.gnupg.net (1) Agent Smith (We're not here because we are free. We're here because we 2048 bit RSA key 86BCF5C7, created: 2013-11-08 (2) John Smith (We are legion) <agent @matrix.com> 2048 bit RSA key 4DC5C3CC, created: 2012-11-15 (3) Barry F Smith (What is the Matrix?) <bfsmith9 @sover.net> 1024 bit DSA key 8AF21EC3, created: 2005-02-28 Keys 1-3 of 3 for 'smith@matrix'. Enter number(s), N)ext, or Q)uit > 1</bfsmith9></agent> |
We’re provided with a list of possible instances. We choose the one we’re interested with.
1 2 3 4 | gpg: requesting key 86BCF5C7 from hkp server keys.gnupg.net gpg: key 86BCF5C7: public key 'Agent Smith (We're not here because we are free. We're here because we are not free. There is no escaping reason. No denying purpose. Because we both know without purpose, we would not exist.) <smith @matrix>' imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1)</smith> |
If
in doubt (e.g. there are may Agents Smiths out there), we ask the Smith
we know, to send us their public key in a file. Once we’ve chosen the
appropriate key, we have it in our keyring. Once added, we can list our
keys to check if they’ve been added correctly with the mentioned gpg -v --list-keys. Of course you can also remove any key from your keyring (it’s been revoked, you don’t need it any more, etc.) with:
1 | gpg --delete-key <description></description> |
Key Signing and Trusted Keys
GPG solves the problem of the need of exchanging keys in advance, as public and private keys are introduced. However, this creates a new problem: How do I know the key REALLY belongs to the person it is said that it belongs to? Anyone could have created a key under my name and use it and nobody would realize that it’s not me! The only solution to this problem is, that I have to be very careful in accepting other keys, i.e., I have to be sure that key and person belong together. This can be checked by comparing the Key-ID and the fingerprint. This is not really satisfactory, however, you don’t need to be able to check if a key and a person belong together, as long as there are a few friends (that you trust) that confirm a certain key. And this is done by the key-signing. If you sign the public key of another person (by using your key), then you confirm that this key belongs to the person that it should. Therefore, it is important that your key is signed by as many people as possible, and you will probably also sometimes be asked if you would sign a key.
How to sign a key? In order to sign a public key, you must have the key in your keyring. To do so, use the gpg --import or gpg --search-keys . Once we added the key, it’s time to sign it. Type:
1 | smith@matrix ~ % gpg --edit-key matrix |
And you will get to a menu:
1 2 3 4 5 6 7 8 9 10 11 12 13 | gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Secret key is available. pub 2048R/86BCF5C7 created: 2013-11-08 expires: never usage: SC trust: ultimate validity: ultimate sub 2048R/F627505A created: 2013-11-08 expires: never usage: E [ultimate] (1). Agent Smith (We're not here because we are free. (...)) <smith @matrix> gpg> sign ##(with 'help' you get a list of all possible commands)</smith> |
This will ask you:
1 2 3 4 5 6 7 8 9 10 | Are you sure that you want to sign this key with your key 'Agent Smith (We're not here because we are free.(...)) <smith @matrix>' (86BCF5C7) Really sign? (y/N) y #You will be asked for a passphrase. type it in. You need a passphrase to unlock the secret key for user: 'Agent Smith (We're not here because we are free.(...)) </smith><smith @matrix>' 2048-bit RSA key, ID 86BCF5C7, created 2013-11-08</smith> |
Next, we can put a trust on the key:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | gpg> trust pub 2048R/86BCF5C7 created: 2013-11-08 expires: never usage: SC trust: ultimate validity: ultimate sub 2048R/F627505A created: 2013-11-08 expires: never usage: E [ultimate] (1). Agent Smith (We're not here because we are free. We're here because we are not free. There is no escaping reason. No denying purpose. Because we both know without purpose, we would not exist.) <smith @matrix> Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y pub 2048R/86BCF5C7 created: 2013-11-08 expires: never usage: SC trust: ultimate validity: ultimate sub 2048R/F627505A created: 2013-11-08 expires: never usage: E [ultimate] (1). Agent Smith (We're not here because we are free.(...)) </smith><smith @matrix> gpg> save</smith> |
After you have signed it, nobody knows about this new signature. Thus, next, the key has to be sent again to the owner of the key or even better back to a key-server. This is done exactly the same way as before:
1 | gpg -a --send-keys <key -ID></key> |
The owner who receives such a newly signed public key only has to include it again into his keyring. As you don’t know when someone has signed your key, it’s good to update your keyring from time to time. You do so by a command:
1 | gpg --refresh-keys |
It will communicate with the key server and update any changes in your keyring.
Encryption and Decryption and Signing
Finally, a few words about using your key.
If you want a simple encryption of a file or a message, whether it’s for you only or for another person, you use the command:
1 | gpg --encrypt --armor --recipient <description> file</description> |
or for short:
1 | gpg -e -a -r <description> file</description> |
This will create an ASCII armoured output (--armor / -a option): file.asc. If the option is not set, the output will be binary and the file named file.gpg.
To decrypt the file again use the following command:
1 | gpg -d -o newdecryptedfile file.asc/gpg |
But remember, you can decrypt the file only and only if the file has been encrypted using YOUR public key. If another key was used, you will not be able to decrypt the file!
If you only want to sign the message without encrypting it to make sure everyone who gets it know it’s coming from you, you can simply sign it:
1 | gpg --sign -a file |
With signing, you don’t have to know a persons public key, they can decrypt it, as it has not been encrypted with any key.
However, it is not very convenient, if you have to write your mail firstly, then encrypt it, and then finally send it. Thus, it would be easier if the mail-program knew how to deal with gpg. Earlier on I’ve wrote about Mutt, and it’s really easy to incorporate gpg with the mail program. Not to make this post horrendously long, I send you to a great tutorial on this matter, on the Mutt website:
Also, for my configuration, check my GitHub repository.
Pingback: Wentook – GNU Privacy Guard – The Basics()