RshqSJS/JqxSJ Hqfubswlrq

1
RshqSJS/JqxSJ Hqfubswlrq

• Wdqqhu Oryhodfh
• Wuldqjoh Olqxa Xvhuv Jurxs
• 11-Dsulo-2002

2
OpenPGP/GnuPG Encryption

• Tanner Lovelace
• Triangle Linux Users Group
• 11-April-2002

3
What is Cryptography?

• Cryptography
• The science of using mathematics to encrypt and
  decrypt data.
• A method of securely sending data over an
  insecure communications medium.
• Cryptanalysis
• The science of analyzing and breaking secure
  communications.
• Cryptology is the combination of the two.

4

• There are two kinds of cryptography in this
  world cryptography that will stop your kid
  sister from reading your files, and cryptography
  that will stop major governments from reading
  your files.
• -- Bruce Schneier, Applied Cryptography

5
Why do you need cryptography?

• Privacy
• Keep communications secret
• Integrity
• Keep communications secure
• Authentication
• Know who youre communicating with
• Nonrepudiation
• A sender shouldnt be able to deny that they sent
  a message

6
Cryptography Background

• Two main types of cryptography
• Symmetric
• Same key encrypts/decrypts
• DES, AES, IDEA
• Asymmetric
• Different keys for encryption/decryption
• Also called public key cryptography
• RSA, Diffie-Hellman, ElGamal

7
Bits, bytes, and Key Lengths, oh my!

• Which is better?
• 128 bit keys?
• 1024 bit keys?
• Answer neither
• Symmetric encryption is much faster than
  asymmetric
• Asymmetric makes communicating with people you
  dont know much easier

8
How does encryption work?
9
How do I know this is secure?

• Symmetric
• The only way to decrypt without the key is to try
  all possible combinations.
• With a 128 bit key, there are 2128 possible
  combinations
• Comparison
• Our sun should go nova in approximately 230 years
• The universe is only 234 years old.
• Asymmetric
• You dont, but smart people think it is.

10
Not Secure?!? Whats up?

• Asymmetric algorithms are built upon certain
  assumptions that have not been proved
• Factoring large numbers
• Computing discrete logrithms
• These are similar to the P vs. NP problem in
  classical computer science
• Which is why you hear the press talking about the
  possibility of codes being broken easily.

11
Public Key Algorithms

• Diffie-Hellman (key exchange)
• First public key algorithm published (1976)
• Whitfield Diffie and Martin Hellman
• Alice and Bob chose a large prime n and another
  number g.
• Alice chooses a random large integer a and sends
  Bob X ga mod n.
• Bob chooses a random large integer b and sends
  Alice Y gb mod n.
• Alice computes k Ya mod n.
• Bob computes k Xb mod n.
• k and k are equal (gab mod n) and cannot be
  computed by someone watching the exchange!

12
Public Key Algorithms

• RSA (Rivest, Shamir, and Adleman) 1977
• Choose two random large prime numbers p and q.
• Compute n pq.
• Choose a number e such that e is between 1 and pq
  and e is relatively prime to (p 1)(q 1).
• Compute d from e (d e-1 mod ((p-1)(q-1)))
• Multiplicative inverse
• To encrypt, calculate c me mod n.
• To decrypt, calculate m cd mod n.

13
What is OpenPGP/GnuPG

• Pretty Good Privacy
• Encryption program written by Phill Zimmerman in
  1991.
• Zimmerman was later criminally charged with
  releasing it on the Internet. (Charges were
  eventually dropped.)
• OpenPGP
• A standard for encrypted/signed messages.
• RFC 2440, November 1998
• Gnu Privacy Guard
• An implementation of OpenPGP.
• Does not use patented algorithms.

14
What can PGP/GnuPG do?

• Encrypt / Decrypt
• Messages
• Files
• Digital Signatures
• Key management
• Create secret and public keys
• Manage a list of keys
• Certify keys
• Revoke or disable keys

15
Encryption

• PGP uses multiple forms of encryption to encrypt
  different parts of a message
• Symmetric encryption fast
• Asymmetric encryption easy to distribute
• Message is encrypted with a symmetric algorithm
• Symmetric session key is encrypted with an
  asymmetric algorithm.
• In addition, the message is compressed
  beforehand, just to remove redundancy that could
  help cryptanalysis.

16
Encryption
17
Encryption

• To encrypt a file, you need to specify options
• Recepient (can be yourself)
• Binary or ascii mode
• Output filename
• Input filename
• gpg -r UID-a o outname e file
• Will also work with streams.

18
Decryption

• Only need to specify the decrypt option
• gpg -d file
• Will prompt for pass phrase

19
Signature

• Integrity
• Message is hashed
• Hash is encrypted with private key
• Message can be hashed again to prove it hasnt
  changed.
• Authentication
• Hash can be decrypted with a public key
• Proves that the private key was used to encrypt.
• But not necessarily that a particular person
  encrypted the message. What?!?

20
Signature

• Can be combined with encryption
• Can be integrated or detached
• gpg a --signfile
• gpg a --detach-signfile
• Detached signatures are useful for signing binary
  packages.
• Used with rpm (--addsign and resign options)

21
Key Management

• Session keys
• Created at use
• Only used once
• Need a very good source of randomness
• Asymmetric keys
• GPG allows you to create and manage
• Public portion of key can be published

22
Web of Trust

• How do you know what keys to trust?
• You can only physically check a finite number of
  keys
• PGP allows you to sign someone elses key.
• Done when you have verified that a key is valid.
• Allows you to accept the validity of a key of
  someone youve never met.
• If Alice trusts Bob and Bob trusts Charles, then
  Alice can also trust Charles.

23
Web of Trust
24
GPG Key Creation

• gpg --gen-key
• Generates a public/private key pair.
• Because of the RSA patent, it defaults to using
  DH/ElGamal (Discrete Logorithm Problem)
• Choose a key length (use at least 1024 bits)
• User data (name, e-mail)
• Pass phrase

25
Key revocation

• Always generate a revocation certificate after
  creating a key!
• If you lose your pass phrase, will allow you to
  cancel your key.
• gpg --gen-revoke UID
• Need the pass phrase (to get to the secret key)

26
Key functions

• List keys and signatures
• gpg --list-keys
• gpg --list-sigs
• gpg --fingerprint
• Import
• gpg --import filename
• Export
• gpg --export UID
• By default export is binary. Use -a to do
  ascii-armor.

27
Key servers

• You could exchange keys by e-mail or web page,
  but there is a better way.
• PGP and GnuPG support a remote key server
• Send
• gpg --keyserver ks --send-key UID
• Receive
• gpg --keyserver ks --recv-key UID
• Default key server can be put in options file.
• If default server set, gpg will automatically
  look there for new keys.

28
Key signing

• ONLY SIGN A KEY WHEN YOU ARE ABSOLUTELY SURE IT
  IS AUTHENTIC!!!
• Use the edit key function
• gpg --edit-key UID
• Will bring up a command prompt
• Can sign, revoke, change trust, delete, etc
• gtsign
• Make sure you send the newly signed key to a key
  server.

29
Conclusion

• GPG is a tool you can use to improve
  communication security.
• Dont consider it an end result, but a link in a
  chain.
• It is integrated into a few packages, but the
  interface could be better
• Barrier to use
• Better when used all the time.

30
References

• Garfinkel, Simson, PGP, Pretty Good Privacy,
  1995, OReilly Associates.
• Schneier, Bruce, Applied Cryptography, 1996,
  Wiley.
• Various crypto links
• http//www.x5.net/faqs/crypto/
• http//www.pgpi.org/doc/guide/6.5/en/intro/
• http//www.dewinter.com/gnupg_howto/english/GPGMin
  iHowto-1.html
• http//www.mcc.ac.uk/cos/security/PGP_why_and_how.
  html
• http//www.wired.com/wired/archive/people/whitfiel
  d_diffie/
• http//www.iae.nsk.su/pages/CRYPTO/rsafaq.html
• http//www.philzimmermann.com/
• http//www.openpgp.org/
• http//www.gnupg.org/