Tom Rothamel GPG Part 1 11 July 2000
From LILUG
Welcome to the first of several talks I'll give on cryptography and the Gnu Privacy Guard program. Today I'll be going over some of the basics of what cryptography is, and how you can get started with it using the Gnu Privacy Guard program, including some commands you should try at home. Next time we'll be doing a keysigning, and I'll also show how you can use your keys to actually encrypt, decrypt, and sign messages.
What is cryptography, and why should I use it?
There are several applications of cryptography. The first is to hide the meaning of a message so that only a designated party can read it. The process of hiding the message is called encryption, and the process of deciphering it is called decryption. There are several reasons for wanting to do this, privacy being foremost in many people's minds. Would you want your medical records being sent in plain text across the internet where anyone could read them? What about your credit card number?
The second application is the digital signing of messages. This allows me to put a digital imprint on a message that you can use to verify that I was the one that wrote it. The Linux kernel is signed this way on the kernel.org mirrors, so you can be sure that the code you downloaded is a version released by Linus Torvalds and not one that was substituted by an unscrupulous mirror operator.
Of course, these are only building blocks of a cryptographic protocol: a series of steps that must be undertaken to ensure security. There's nothing that says that, for example, the person receiving your message couldn't turn around and post it on the web. (This is the same reason why encrypting digital music or DVDs won't work.) Still, it helps to have the tools available to allow you to make your own protocols as needed.
Types of Cryptography.
I should distinguish between codes, which break down if anyone knows how they work, but may barely serve to prevent your kid sister from reading your mail, and strong cryptography, which serves to prevent major world governments from doing the same thing.
There is a perfect cipher in existence, called the one-time pad. Unfortunately, it has several important drawbacks. It consists of a pad of truly random bits. If we both have a copy of the same pad, I can XOR the bits of my message one at a time with my copy and send the result to you, and you can do the same thing to decrypt it. The encryption is considered to be perfect because, by choosing a different pad, the ciphertext can be made to decrypt to any other message of the same length.
The downside is that I can only use each bit of randomness that we share exactly once. There are trivial attacks on someone using the same pad to encrypt two different messages. Unfortunately, many products that claim to use a one-time pad reuse the same small amount of randomness. If a product claims to use a one-time pad, but doesn't make you move around large files, it's snake oil. And if we have to move a large number of bits securely, why not make it the message?
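The following Python is an added example written for these notes, not code from the talk or from GnuPG. It shows the three points above in working code: XOR with a shared pad encrypts and decrypts, a different pad makes the same ciphertext "decrypt" to any other message of the same length (which is why the cipher is perfect), and reusing a pad for two messages cancels the pad out and leaks the XOR of the two plaintexts. The class name OneTimePad, the function names and the sample messages are all my own assumptions.

```python
# Added example (not from the talk): a one-time pad that hands out each byte
# of shared randomness exactly once, plus the two properties discussed above.
import os


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings; used for both encryption and decryption."""
    if len(a) != len(b):
        raise ValueError("operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """A copy of the shared pad. Sender and receiver each hold one and consume
    it in the same order, so every byte of randomness is used exactly once."""

    def __init__(self, pad: bytes):
        self._pad = pad
        self._pos = 0

    @property
    def remaining(self) -> int:
        return len(self._pad) - self._pos

    def _take(self, n: int) -> bytes:
        # Refuse to reuse key material: once the pad is spent, it is spent.
        if n > self.remaining:
            raise RuntimeError("pad exhausted: refusing to reuse key material")
        chunk = self._pad[self._pos:self._pos + n]
        self._pos += n
        return chunk

    def encrypt(self, message: bytes) -> bytes:
        return xor_bytes(message, self._take(len(message)))

    # Decryption is the identical XOR against the receiver's copy of the pad.
    decrypt = encrypt


def forge_pad(ciphertext: bytes, desired: bytes) -> bytes:
    """Return a pad under which `ciphertext` decrypts to `desired`.
    One such pad exists for every plaintext of the right length, so the
    ciphertext alone says nothing about which plaintext was sent."""
    return xor_bytes(ciphertext, desired)


def two_time_pad_leak(c1: bytes, c2: bytes) -> bytes:
    """If both ciphertexts used the same pad, XORing them cancels the pad and
    leaves m1 XOR m2, which is all an eavesdropper needs to start recovering text."""
    return xor_bytes(c1, c2)


def demo() -> bool:
    """Run the three demonstrations on constructed sample data; returns True if all hold."""
    message = b"ATTACK AT DAWN"                      # constructed sample
    pad = os.urandom(len(message))                   # truly random, shared out of band
    sender, receiver = OneTimePad(pad), OneTimePad(pad)

    ciphertext = sender.encrypt(message)
    round_trip = receiver.decrypt(ciphertext) == message

    # Perfect secrecy: the same ciphertext is consistent with any other message.
    fake = forge_pad(ciphertext, b"DEFEND AT NOON")
    ambiguous = xor_bytes(ciphertext, fake) == b"DEFEND AT NOON"

    # Pad reuse: the pad cancels and m1 XOR m2 is exposed.
    m1, m2 = b"MEET AT SIX PM", b"BRING THE DOCS"  # constructed samples
    reused = os.urandom(len(m1))
    leak = two_time_pad_leak(xor_bytes(m1, reused), xor_bytes(m2, reused))
    leaks = leak == xor_bytes(m1, m2)

    # The pad object refuses to go past the end of its randomness.
    try:
        sender.encrypt(b"x")
        refused = False
    except RuntimeError:
        refused = True

    return round_trip and ambiguous and leaks and refused


if __name__ == "__main__":
    print("all properties hold:", demo())
```

The `OneTimePad` class is the practical part: a product that really uses a one-time pad must track how much of the pad has been consumed and stop when it runs out, which is exactly what the "snake oil" products in the text fail to do.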
The next type is a symmetric cipher. These use a single key to encrypt and decrypt data. This is better because we can move a short key securely, with one key per pair of people. Unfortunately, we still can't talk to someone that we haven't exchanged a key with via a secure channel.
You can symmetrically encrypt a file using GnuPG. Try the following command:
gpg -c file.txt
It will prompt you for a passphrase, then encrypt the file. You can then run:
gpg file.txt.gpg
to decrypt the file.
The last type of cipher is an asymmetric one. This uses a public key and a private key. Messages encrypted with the public key can only be decrypted by the corresponding private key. This means that I can give all of you my public key, and all of you can encrypt messages with it. But I'm the only one that can decrypt and view those messages.
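To make the asymmetric idea concrete, and to show the digital signing mentioned earlier in the same block, here is an added Python example written for these notes. It is textbook RSA with the classic small primes 61 and 53, so it is a toy for illustration only: it is not GnuPG's code, uses no padding, and the numbers are far too small to be secure. It shows that a message encrypted with the public key only comes back out with the matching private key, and that a signature made with the private key can be checked by anyone with the public key but breaks if the signature is tampered with. All function names are my own.

```python
# Added example (not from the talk): textbook RSA, toy sizes, no padding.
import hashlib
from math import gcd


def generate_keypair(p: int, q: int, e: int = 17):
    """Build (public, private) from two primes. Both halves share the modulus n;
    only the private half holds d, the inverse of e modulo (p-1)(q-1)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # e * d == 1 (mod phi)
    return (e, n), (d, n)


def encrypt(m: int, public) -> int:
    """Anyone holding the public key can do this."""
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)


def decrypt(c: int, private) -> int:
    """Only the holder of d can undo encrypt()."""
    d, n = private
    return pow(c, d, n)


def digest(message: bytes, n: int) -> int:
    """Hash the message and reduce it so it fits under the modulus.
    Signing the hash is what lets a short key sign a message of any length."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private) -> int:
    """The private key produces the signature."""
    d, n = private
    return pow(digest(message, n), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """The public key checks it: raising the signature to e must give the hash back."""
    e, n = public
    return pow(signature, e, n) == digest(message, n)


def demo() -> bool:
    public, private = generate_keypair(61, 53)   # n = 3233, d = 2753 (textbook values)

    # Encryption: the public key goes out to everyone, the private key stays home.
    c = encrypt(65, public)                       # 65 -> 2790
    decrypts = decrypt(c, private) == 65
    wrong_key = (private[0] + 1, private[1])      # a different private exponent
    wrong_fails = decrypt(c, wrong_key) != 65

    # Signing: constructed message, signed with the private key, checked with the public one.
    message = b"release 2.4.0"                    # constructed sample
    sig = sign(message, private)
    good = verify(message, sig, public)
    tampered = verify(message, (sig + 1) % public[1], public)

    return decrypts and wrong_fails and good and not tampered


if __name__ == "__main__":
    print("asymmetric properties hold:", demo())
```

Real tools hash and pad exactly as this toy hints at but with much larger keys, and they normally encrypt the bulk of a message with a symmetric cipher and use the public key only to wrap that symmetric key.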
PGP was one of the programs that allowed a user to perform asymmetric encryption. As time went on, PGP's license got progressively worse and worse, eventually causing a team of programmers to begin writing the GnuPG program.
The only big issue with asymmetric encryption is answering the question: "How do I know that your public key really belongs to you?" The usual answer is that if someone that I trust signs your key, I believe that it's you. That's the point of a keysigning, which we'll do at the next meeting.
What's next.
Before we can do a keysigning, you must generate a key. I have a handout explaining how to do that. It also explains how to generate a key revocation certificate, useful if you forget your passphrase. Once you have those generated, you should email your key to me, and then bring your key's fingerprint and some ID to the next meeting, the key signing.
