PGP Pretty Good Privacy
PGP (Pretty Good Privacy), is based on RSA public key encryption system, e-mail encryption software. It can be kept confidential to prevent unauthorized messages are read, it can also add digital signatures on e-mail so that recipients can verify the sender of the message, and can be sure that the message has not been tampered with. It can provide a secure means of communication, but does not require any prior confidentiality channel used to pass key. It uses a traditional RSA hybrid encryption algorithms, message digest for digital signature algorithms, encryption, compression, before, there are a good ergonomic design. It's powerful, very fast speed. And its source code is free of charge.
PGP Pretty Good Privacy Aric Hagberg (email@example.com) If you wish another to keep your secret, ﬁrst keep it yourself. - Seneca in Hippolytus, c. 60 A.D. Unclassiﬁed 1 Outline: • What is PGP? • Why use PGP? • History • How to use PGP • Can PGP be cracked • Is PGP legal? • References Unclassiﬁed 2 What is PGP? PGP (Pretty Good Privacy) is a free encryption program written by Phil Zimmerman. It allows you to • Encrypt ﬁles so only the person that encrypted it can decrypt it • Encrypt a message or ﬁle so only the recipient can decrypt and read it • Create digital signatures on your ﬁles and e-mail that guarantees that it can only have come from you Why would you want to do this? Unclassiﬁed 3 Why use PGP to exchange messages? http://www.pgpi.com/doc/whypgp/ by Phil Zimmermann It’s personal. It’s private. And it’s no one’s business but yours. You may be planning a political campaign, discussing your taxes, or having an illicit affair. Or you may be doing something that you feel shouldn’t be illegal, but is. Whatever it is, you don’t want your private electronic mail (E-mail) or conﬁdential documents read by anyone else. There’s nothing wrong with asserting your privacy. Privacy is as apple-pie as the Constitution. Perhaps you think your E-mail is legitimate enough that encryption is unwarranted. If you really are a law-abiding citizen with nothing to hide, then why don’t you always send your paper mail on postcards? Why not submit to drug testing on demand? Why require a warrant for police searches of your house? Are you trying to hide something? You must be a subversive or a drug dealer if you hide your mail inside envelopes. Or maybe a paranoid nut. Do law-abiding citizens have any need to encrypt their E-mail? Unclassiﬁed 4 PGP History Please see http://www.dcs.ex.ac.uk/˜aba/timeline/ and other sources • 1976 Whitﬁeld Difﬁe and Martin Hellman disover public key cryptography • 1977 Ron Rivest, Adi Shamir, and Len Adleman discover another more general public key system called RSA • 1991 Phil Zimmerman writes PGP1.0 and gives it away • 1990s PGP has copyright problems • 1990s PGP has export restriction problems • 1990s Everyone in the world gets it anyway Unclassiﬁed 5 How to use PGP man pgp Unclassiﬁed 6 Single-Key Encryption If I want to send you a message that no one else (but you) can read I encrypt or encipher the message: I scramble the message in a complicated way using a key that can unscramble it. You can decrypt the message by using this key. Since a single key is used for both encryption and decryption I have to send the key (via a secure method) to the recipient of the message. Unclassiﬁed 7 Public-Key Encryption In public key cryptosystems there are two parts to the key: • a publicly revealed key • a private key. Each key unlocks the code that the other makes. Knowing the public key doesn’t give you any information about the private key so it can be published and widely distributed. Now no secure communication channel is needed! (actually that is not completely true because you have to verify that the your friends public key is valid). Unclassiﬁed 8 Sending an encrypted message Anyone with my public key can encrypt a message that only I can decode. They encrypt the message with my public key and I decrypt it with my private key. Unclassiﬁed 9 Sending a signed message I can use my private key to encrypt a message that only my public key can decrypt. This authenticates that the message was from me. Unclassiﬁed 10 Sending an encrypted and signed message I can use my private key and the recipient’s public key to get both authentication and encryption. Unclassiﬁed 11 Some details The public key encryption algorithm is slower then single-key encryption methods. So what really happens is: • the original (plaintext) ﬁle is encrypted by a random key (session key) using single-key encryption method (PGP uses the IDEA single-key cipher) • the recipient’s public key is used to encipher the session key • the public-key encrypted session key is sent along with the enciphered text to the recipient • the recipient uses her private key to unencrypt the session key and then a fast single-key algorithm to decipher the large message. Unclassiﬁed 12 Handling Keys Keys are kept in key certiﬁcates which contain • the key owner’s ID (a name) • timestamp when key pair was made • the actual key (public or private) Each user keeps his own pair of key rings: a public key ring and a private key ring. You must collect public keys from your friends who you want to exchange encrypted e-mail with. Unclassiﬁed 13 Integrating PGP with mail programs Most mail programs are not PGP aware! • Mutt uses the proposed Internet standard: PGP/MIME RFC 2015 • Emacs uses the mailcrypt package • Elm has patches • Pine has scripts • Exmh has support but no menus • Eudora has support • You can do it yourself Unclassiﬁed 14 Is it legal? Not in all countries. (France for example see http://cwis.kub.nl/˜frw/people/koops/lawsurvy.htm) In the US and most of the world, yes. PGP has had legal problems on two fronts: copyright violation and export control. • In the US use PGP http://web.mit.edu/network/pgp.html Avoids copyright problems • In the rest of the world use PGPi http://www.pgpi.com/ Avoids export controls This copy was exported as a book and scanned. Unclassiﬁed 15 Can PGP be cracked? YES! If you have enough time and resources (and there are no holes found in the algorithms - see http://axion.physics.ubc.ca/pgp-attack.html) For PGP you can try to crack • IDEA (the convential cipher) • RSA (the public key encryption). It is easier to try a factoring attack than searching keyspace. How much time? Unclassiﬁed 16 Brute force attacks Asymmetric RSA keys KeySize MIPS-years required to factor Avalon-years (theoretical peak) 512 30,000 0.2 768 200,000,000 1428 1024 300,000,000,000 2,142,857 2048 300,000,000,000,000,000,000 2,142,857,142,857,142 Symmetric key equivalences Symmetric Asymmetric 56-bits 384-bits 64-bits 512-bits 80-bits 768-bits 112-bits 1792-bits 128-bits 2304-bits Unclassiﬁed 17 It is probably easier to use a different method http://www-users.informatik.rwth-aachen.de/˜senderek/certify/secret-key.protectio • Stealing private key, guess passphrase or trick/force you to reveal • Distributing fake public keys • Electronic surveillance (Van Eck radiation). If you don’t believe see http://www.cl.cam.ac.uk/˜mgk25/ih98-tempest.pdf. Unclassiﬁed 18 References • MIT distribution site for PGP: http://web.mit.edu/network/pgp.html. • Slashdot discussion on Cryptography in Mail Software http://slashdot.org/askslashdot/99/07/05/0633206.shtml • The International PGP Home Page http://www.pgpi.com/ • The GNU Privacy Guard http://www.d.shuttle.de/isil/gnupg/ • Neal Stephenson’s Cryptonomicon http://www.cryptonomicon.com/ Unclassiﬁed 19