Getting Started With PGP Digital Signature and Encryption for E- mail and Data Files ISC/Information Security

Getting Started With PGP

Digital Signature and Encryption for E-mail and Data Files

ISC/Information Security

Getting Started with PGPNovember, 2005

ISC/Information [email protected]

Problem: E-mail is insecure

• More like a postcard than a letter• Can be read by any number of people in transit• If recipient’s account is compromised, may be

read by unauthorized person(s)• Network sniffing may capture and reveal content

to unauthorized person(s)



Problem: E-mail is easily forged

• Current protocols date back to early 1970s• Headers, especially “From:” are ridiculously easy

to forge• If sender account is compromised, may not

actually have been sent by that person• How can you verify the sender’s identity?



Problem: Sensitive & Confidential Data on Hard Drives

• Especially Laptops!• If system is compromised or stolen, lots of

potential fallout:– Permanent loss of irreplaceable and/or proprietary

data

– Exposure of secret or sensitive information

– Financial loss

– Disclosure requirements• …to name just a few!



Problem: Sensitive & Confidential Data on Hard Drives (Cont.)

• Data from deleted files can be forensically recovered– Unallocated disk space often still retains data from file that most

recently occupied it– “Slack space”, i.e., allocated but not used

• On Windows systems, can still have data from a deleted file• Unix/linux systems will fill this space with ‘0’s’

• Data can even be recovered from a drive that:– Has been re-formatted!– No longer runs (platters can be removed and examined)

• How do you securely delete sensitive files?– DoD 5220.22-M standards– www.dss.mil/isec/nispom_0195.htm



Solution(?): Windows EFS

• Offers “one-click” encryption of individual files and/or entire folders

• Problem: Encryption removed when file copied or moved to other media, e.g. floppy disc or CD

• Problem: Management of encryption/decryption keys is not “user-friendly” (more on keys in a few minutes)…lost or corrupted key may mean loss of data - FOREVER!

• Problem: EFS can be circumvented if Administrator account is compromised

• Problem: Windows XP/2000 ONLY…• Problem: Doesn’t deal with e-mail at all• Problem: No secure delete/wipe capability



Solution: PGP (“Pretty Good Privacy”)

• Developed in 1991 by Phil Zimmerman

• Based on public/private key pair cryptography principle developed by Whitfield Diffie

• Provides highly secure, portable encryption and signature for any digital data - including e-mail

• Includes secure wipe utility conforming to DoD 5220.22-M standards (3 passes or more)

• Available for all versions of Windows and Mac OS

• Freeware unix/linux equivalent GPG (“GNU Privacy Guard”) available



PGP: Drawbacks

• Not all that “user friendly”

• Public/private key concepts take some getting used to

• Doesn’t scale well to large user groups

• Requires understanding of and adherence to key maintenance standards and practices– If your private key is lost, corrupted or compromised, you have

to generate a new one and start all over again



PGP: Licensing

• Freeware Windows & Mac versions available from MIT: web.mit.edu/network/pgp.html

– For personal use only!– GUI and/or command line interface– For US download and use only, due to export restrictions– In many countries, import and use of encrypting software is illegal!– Some will jail you for not providing a decryption key

• Commercial Windows & Mac versions available from PGP Inc.: www.pgp.com

– Generally about $50 per user license– Expect to use commercial product if needed in conjunction with your job at Penn

• GPG for unix/linux available as freeware from www.gnupg.org– Also works on Mac OS X: http://macgpg.sourceforge.net/ (Thanks to Larry Macy for

providing info and URL)

• Most versions include “plug-ins” for popular e-mail clients, e.g. Eudora



PGP: How Does It Work?

• Let’s start with some basics of cryptography, and the high-level mathematics underneath it

• Don’t worry, there won’t be a pop quiz at the end of this presentation…this is just to give you an idea of what’s going on.



Some Quick Definitions

• Cryptography: the art and science of encrypting and decrypting secure messages

• Cryptanalysis: the art and science of breaking cryptography

• Cryptology: the mathematics of cryptography and cryptanalysis

• Algorithm: a mathematical function/process used for encryption, decryption and verification

• Key: a string (or number) used for character-by-character encryption and decryption



(Digital) Keys

• In computer cryptography, a key is simply a binary number of varying length, depending on the type of cryptography being used– “Symmetric” cryptography generally relies on keys of 128 bits or

more (e.g. most web browser SSL sessions)

– “Asymmetric” cryptography requires keys of minimum 1024-bit length (2048 is typical these days)

• A properly generated key can only be cracked by “brute force” - and only then after thousands of years (even at today’s processing speeds)



Keys: Encoding and Decoding(A bit oversimplified)

One typical way keys are used to encrypt/decrypt is by use of “exclusive-OR” (XOR) logic:

• If the bit to be encrypted is the same as the corresponding key bit, the encrypted bit is 0

• If they are different, the resulting encrypted bit is 1

• Without the key, you can’t be sure what the original bit was

• Simple keys like this are vulnerable to “known text” attacks

TEXT KEYRESULT

0 0 0

0 1 1

1 0 1

1 1 0



“Symmetric” Cryptography

• Relies on both sender and recipient having identical copies of the encryption key - or access to a “third party” that can verify that both have the correct key (e.g. online “certificate authority”)

• Can use relatively low key lengths– 128 bits is more or less standard– 56 bits has been cracked

• Problem: secure key distribution



“Asymmetric” Cryptography(aka “Public/Private Key”)

• Sender generates a “public/private” key pair• The “public” key can be freely given out

– Published on website, in e-mail sigs, etc.– Some people put them on the back of their business cards

• The “private” key is guarded at all costs– If lost, corrupted or compromised, a new pair must be generated– All your contacts must be notified and supplied with the new

public key• Data encrypted to the public key can only be decrypted by the

corresponding private key - and vice versa• PGP is based on “public/private” key cryptography



How are public/private key pairs generated?

• Oversimplifying a bit again, but they are essentially based on mathematical operations involving two really, really large prime numbers

• Prime numbers have been proven to have no known predictive pattern

• Remember “factoring” from your 3rd grade math?– It’s easy to factor the smaller numbers into primes: 14, 24, 49,

etc• Even?…divisible by 2• Digits add up to a number divisible by 3?…then 3 is also a factor• Last digit is 5 or 0?…divisible by 5

– A LOT harder as the numbers get bigger - in fact, impossible



What is this number?

(225964951)-1

(To write it out in decimal form would require 7,816,230 digits - at 1 digit per second, it would take more than 90 days, non-stop)



The (Currently) Largest Known Prime Number

(225964951)-1

Source: primes.utm.edu/largest.html(A really good site for “Stupid Number Tricks”)



PGP Public/Private Key Pair Strength

• The public key is mathematically derived from the private key

• The private key relies on the “computational difficulty” of deriving the large primes used to generate it

• Private key lengths of 1024 bits are probably OK, but 2048 is the accepted standard for most users

• Key lengths over 2048 bits are more secure, but tend to eat up processing power

• Some keys still use the RSA standard, but most keys nowadays are generated using the Diffie-Hellman standard

• Even at these lengths, “known text” attacks are a danger



Algorithms

• Used to induce “randomness” in encoded message

• Helps reduce “known text” vulnerability

• “Encrypting” algorithms are designed to be reversible (they have to be, don’t they?)– Some well-known ones: DES, 3DES, AES, Blowfish, RSA

• “Hashing” algorithms are “one-way”, i.e., irreversible– Used to provide “signature”, or “shared secret” verification

– Used for password storage on most operating systems

– Well-known ones include MD5, SHA (used by PGP)



Example: MD5

Input Output

1 B026324c6904b2a9cb4b88d6d61c81d1

2 26ab0db90d72e28ad0ba1e22ee510510

3 6d7fce9fee471194aa8b5b6e47267f03

4 48a24b70a0b376535542b996af517398

5 1dcca23355272056f04fe8bf20edfce0



PGP Encryption

• Encrypting algorithm is applied to the data• Appropriate key is applied to the result

– Private key, if encrypting your own file data

– Recipient’s public key, if sending e-mail

• Why not the other way around?



Well-known Algorithms

• The best-known algorithms are used to remove patterns and predictability from encoded messages

• They are not secret - in fact, they are made public and subjected to rigorous testing by mathematical peers. Proprietary algorithms are not generally accepted in public cryptographic circles.

• Encryption algorithms are reversible - they have to be

• Applying the key before the algorithm is pointless, because the algorithm can be reversed, leaving the key exposed to “known text” and “brute force” attacks



Where’s the Security?

In a public/private key cryptography environment, the strength lies in the length and protection of

the private key - not in the algorithm



Digital Signatures

• Usually applied to e-mail messages to verify the sender’s identity

• Sender “signs” the message with his private key– Hashing algorithm is applied as well– Hashing also provides check on message integrity

• Anyone who has sender’s public key can apply it to verify sender’s identity– ONLY someone who has the corresponding private key could

have sent it– Hashing also verifies that the message was not altered in transit



What does a “Public Key” look like?

-----BEGIN PGP PUBLIC KEY BLOCK-----Version: PGP for Personal Privacy 5.0

mQGiBDcox8ARBADlerXzXx0sVf7tWg/x/FBCuZ8w2o/5kwZricxuhuFLV1htdRjGiWoHZrjmWEApYn4ikfbTtf9bqLI/rV+dxupsTrNf0dytYHv2rqmF+RlKOcmraSFHRJlFKaDQgf0rKCJrH8skif/pMUasHO15ESKU+K67K3C0BsiP1LO1jue9JwCg/64pvGo+6GmqyPP8dB5VmH3TTSUEAJy5W/rgDQCEkiu8b8KyimI9pLTmfUVr6GB11JZRFdOsZROt8ymRGd7rmLZDV/fQN+IbL79+2m6NS+DuO1zYXKnE8mwEcp7U4ggU73bH8joGdp+D4gKX/s9uGZi1h0al1AV3xlKM2zU/M7c7MJhkPbcQbfHKNK+earE51FaWzd/MA/4/Pi6O5qLxHRdRsQYux4aG7DPcIWU0yqpQLP5/s6iYpFawSTqw1MHEyPK6R5BcqcYL99wva9meS08M9MfYKO0Ce6x9Tf3CS7goEn94xwU9pgPgejpRlxv3SF9lcXhMfkD3T1TgR0XrGkmE+7TpsH7D5XUfrLiAwfP3RnK4DPjUbbRLSW5mb3JtYXRpb24gU2VjdXJpdHkgYXQgVW5pdmVyc2l0eSBvZiBQZW5uc3lsdmFuaWEgPHNlY3VyaXR5QGlzYy51cGVubi5lZHU+iQB1AwUQNynGnVcYQO1Qt5kZAQFg2AL/ds5fHHmgWHVPL7VUmUv0xlVlNzaS4kz0S+57lPcghO5F1nBQxztE+ekde18D9QLC8S3S0GDwQ7CHSrIFlKQ9WTDYv3ruP48VZvJ8q5FfI81ypojMvxBePxn647Bfov84iQA/AwUQNynGss3oSRS59y8HEQJziACfTxlMW2pKKCXr/+sk3ivFtMUzppcAn06yEouF4x5Yg0p2hWUnKIQGGIhkiQA/AwUQNynGwqDFmzsT2y3tEQIZKACg2gdxZsq8IwtTcqW5eTQF2OJw7i0AmwbGp3hD8XO5nH+mNDFIa3I978gciQCVAwUQNynMBEZOdo0DD6gNAQHmlwP9GK8h9NI09fClK91IGcT5gFtK9q695UUDWi7+gIGTGz5yIkXbnZCUZFPmy6FLyVpUQNVyBVXD+6aMJr3flxz0Es32mY7rgYKHITz+mmyoKB6CDz2K1Ov3a6MwW5VlN5eHPgug2imSETO4NGOdeL67LX93bYEHba1D9/2gcG909WSJAEsEEBECAAsFAjcox8AECwMBAgAKCRCgxZs7E9st7eiaAKC6jhAEhnhnDLr5B4V2H7SYOkokHwCeOYexEbEe0Xf2VnJO6K2MmcdmN/OJAFUDBRA3KMo/hsldwo1DqVkBAZxcAf9c6OcHRkI9ohqQFV+XmYcgRuPuLL2oD6MT/ZvLu0Gp6RucDWEoA8iQFUNte73wsAkYRU0/Zz4KoiVbtqolta+FiQA/AwUQNyjKSuyQdaHLkpQqEQKeOQCg1vU+iQp2iqHWq5onvydUxAmTU7wAn2e/uhmCjmMXjiBec+ZP0kEbScLWiQA/AwUQNym9aUXWdKqHR/jlEQKNfACg8C+pTwIM+JVnELL4GJAfWE4X33sAnRiA9UHf3SzmidVB72m0E4HaKzMsiQCVAwUQNynMAUZOdo0DD6gNAQFChgQAo69r5WRVrJAzF49CLiOIDmRAZ3eV3MYmxfMZKao2H21Tkr72CnN3y91t+XDXjJN+ciVUZuFKNmF+ubwJ9ittfzsdcuo5bUCkbvuAAtfE3utniYvgDmWNMRzAt720cTZjVTU8nvcZbUlHJx/PSqO/FrgAT0FenmwmCJDFbu8+SA+5Ag0ENyjHwBAIAPZCV7cIfwgXcqK61qlC8wXo+VMROU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2gpXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVekyCzsAAgIH/1pIvuZa4dPy6Si59ZYQpuHNX1YEVRuUH5wEP0A0agNue0MOyg6liYFhx+mit7tEFe91wviQVU2vFPthdoqlP0fFlXbMg4SM65U6/NliF5qv1MHfj7TVZ5MQrKGwk0uGYBhESzGat0rU/j6v/XiU5Bzxd9r/Vr/HHSALfk9Q/8NhCXQPjaMuEym4CeVy/IbbuR472k5/O5+sP0eK7xx4eDub+Yg1TELYBoheLvf/FzmNSML/rBpL4jP+ApJbHb/SjW5f0/0dOiUiLmGHNR8zku46WTGd0eOKUoI7rRnNfFMnhFIgv4FunhI6h8alQDfBj31XkyGl40yV+f5C6O30ZYyJAD8DBRg3KMfAoMWbOxPbLe0RAkPUAKCo4sGborU5vtJ0TTh+UcV8k5ynyACeKbCeSGtAKrYcbCtROyRzYAP/BiI==SgNt-----END PGP PUBLIC KEY BLOCK-----

Hashed “fingerprint”:7D91 F6E2 8BA6 F501 1550 A904 A0C5 9B3B 13DB 2DED

(Hexadecimal)

-OR -

klaxon miracle village tomorrow

obtuse paragon vapor adviser

backfield embezzle revenge alkali

ragtime resistor puppy councilman

Aztec suspicious button unify

(Keywords)



Public Key Distribution

• Published on your personal website

• Carry it around on floppy disc, CD-ROM, USB “jump drive”, etc. for people to copy

• Send as e-mail attachment

• Upload it to a “key server”

• Print it out on a sheet of paper, along with the “fingerprint”– We’ll talk about “key signing parties” in a few minutes

• Rent a billboard…well, you get the idea



How do I know that’s really your public key?

• Generating public/private key pairs does NOT require any authentication - you can associate any name and e-mail address with a key pair you choose

• To be completely certain that a given public key actually belongs to the person it claims, you need to physically verify the person’s identity and key in person– Ask for photo ID if necessary– Ask the person to read the “fingerprint”, and verify against a

printed copy– Verify printed copy “fingerprint” against the electronic copy

OR…



Is the public key “signed”?

• PGP public keys can be “signed” by other private keys as “third party” verification

• If the signer’s public key is one you already have, you can use it to verify the signature

• If you can trust the signer’s key, you can trust the signed key



PGP “Web of Trust”

• Built on a network of transitive trust relationships– If Tom trusts Dick…

– And Dick trusts Harry…

– Then Tom can trust Harry

• Only in the context of identification and authentication– Doesn’t necessarily mean Tom is assured Harry is a trustworthy

person…only that he really is Harry

• Functions as sort of an “ad hoc Certificate Authority”

• The more links in the chain, the more likely there’s a weak link somewhere along the line



PGP “Key Signing Parties”

• Opportunity for several people to get together and exchange public keys

• Held regularly by ISC Information Security• Print out your public key & fingerprint, bring

with copy of your key - and your PennCard• Security will verify all identities and keys, sign

and distribute them to all attendees



PGP “Keyring”



PGP Key(General Info)



PGP Key(SubKeys)















PGP Mail Menu Window (Mac OS X)

(Windows version uses tray icon/menu)



Preferences(General)



Preferences(Files)



Preferences(Email)



Preferences (Server)



Questions?Comments?

Documents

Getting Started With PGP Digital Signature and Encryption for E- mail and Data Files ISC/Information Security