Get documents about "PGP Pretty Good Privacy
W
Description
PGP (Pretty Good Privacy), is based on RSA public key encryption system, e-mail encryption software. It can be kept confidential to prevent unauthorized messages are read, it can also add digital signatures on e-mail so that recipients can verify the sender of the message, and can be sure that the message has not been tampered with. It can provide a secure means of communication, but does not require any prior confidentiality channel used to pass key. It uses a traditional RSA hybrid encryption algorithms, message digest for digital signature algorithms, encryption, compression, before, there are a good ergonomic design. It's powerful, very fast speed. And its source code is free of charge.
Document Sample
PGP
Pretty Good Privacy
Aric Hagberg
(aric@lanl.gov)
If you wish another to keep your secret, first keep it yourself.
- Seneca in Hippolytus, c. 60 A.D.
Unclassified 1
Outline:
• What is PGP?
• Why use PGP?
• History
• How to use PGP
• Can PGP be cracked
• Is PGP legal?
• References
Unclassified 2
What is PGP?
PGP (Pretty Good Privacy) is a free encryption program written by Phil
Zimmerman. It allows you to
• Encrypt files so only the person that encrypted it can decrypt it
• Encrypt a message or file so only the recipient can decrypt and read it
• Create digital signatures on your files and e-mail that guarantees that it can
only have come from you
Why would you want to do this?
Unclassified 3
Why use PGP to exchange messages?
http://www.pgpi.com/doc/whypgp/
by Phil Zimmermann
It’s personal. It’s private. And it’s no one’s business but yours. You may be
planning a political campaign, discussing your taxes, or having an illicit affair. Or
you may be doing something that you feel shouldn’t be illegal, but is. Whatever it
is, you don’t want your private electronic mail (E-mail) or confidential documents
read by anyone else. There’s nothing wrong with asserting your privacy. Privacy
is as apple-pie as the Constitution.
Perhaps you think your E-mail is legitimate enough that encryption is
unwarranted. If you really are a law-abiding citizen with nothing to hide, then
why don’t you always send your paper mail on postcards? Why not submit to
drug testing on demand? Why require a warrant for police searches of your
house? Are you trying to hide something? You must be a subversive or a drug
dealer if you hide your mail inside envelopes. Or maybe a paranoid nut. Do
law-abiding citizens have any need to encrypt their E-mail?
Unclassified 4
PGP History
Please see http://www.dcs.ex.ac.uk/˜aba/timeline/ and other sources
• 1976 Whitfield Diffie and Martin Hellman disover public key cryptography
• 1977 Ron Rivest, Adi Shamir, and Len Adleman discover another more
general public key system called RSA
• 1991 Phil Zimmerman writes PGP1.0 and gives it away
• 1990s PGP has copyright problems
• 1990s PGP has export restriction problems
• 1990s Everyone in the world gets it anyway
Unclassified 5
How to use PGP
man pgp
Unclassified 6
Single-Key Encryption
If I want to send you a message that no one else (but you) can read I encrypt
or encipher the message: I scramble the message in a complicated way using
a key that can unscramble it.
You can decrypt the message by using this key.
Since a single key is used for both encryption and decryption I have to send the
key (via a secure method) to the recipient of the message.
Unclassified 7
Public-Key Encryption
In public key cryptosystems there are two parts to the key:
• a publicly revealed key
• a private key.
Each key unlocks the code that the other makes. Knowing the public key doesn’t
give you any information about the private key so it can be published and widely
distributed.
Now no secure communication channel is needed!
(actually that is not completely true because you have to verify that the your
friends public key is valid).
Unclassified 8
Sending an encrypted message
Anyone with my public key can encrypt a message that only I can decode. They
encrypt the message with my public key and I decrypt it with my private key.
Unclassified 9
Sending a signed message
I can use my private key to encrypt a message that only my public key can
decrypt. This authenticates that the message was from me.
Unclassified 10
Sending an encrypted and signed message
I can use my private key and the recipient’s public key to get both authentication
and encryption.
Unclassified 11
Some details
The public key encryption algorithm is slower then single-key encryption
methods. So what really happens is:
• the original (plaintext) file is encrypted by a random key (session key) using
single-key encryption method (PGP uses the IDEA single-key cipher)
• the recipient’s public key is used to encipher the session key
• the public-key encrypted session key is sent along with the enciphered text
to the recipient
• the recipient uses her private key to unencrypt the session key and then a
fast single-key algorithm to decipher the large message.
Unclassified 12
Handling Keys
Keys are kept in key certificates which contain
• the key owner’s ID (a name)
• timestamp when key pair was made
• the actual key (public or private)
Each user keeps his own pair of key rings: a public key ring and a private key
ring. You must collect public keys from your friends who you want to exchange
encrypted e-mail with.
Unclassified 13
Integrating PGP with mail programs
Most mail programs are not PGP aware!
• Mutt uses the proposed Internet standard: PGP/MIME RFC 2015
• Emacs uses the mailcrypt package
• Elm has patches
• Pine has scripts
• Exmh has support but no menus
• Eudora has support
• You can do it yourself
Unclassified 14
Is it legal?
Not in all countries.
(France for example see http://cwis.kub.nl/˜frw/people/koops/lawsurvy.htm)
In the US and most of the world, yes.
PGP has had legal problems on two fronts: copyright violation and export
control.
• In the US use PGP
http://web.mit.edu/network/pgp.html
Avoids copyright problems
• In the rest of the world use PGPi
http://www.pgpi.com/ Avoids export controls
This copy was exported as a book and scanned.
Unclassified 15
Can PGP be cracked?
YES!
If you have enough time and resources (and there are no holes found in the
algorithms - see http://axion.physics.ubc.ca/pgp-attack.html)
For PGP you can try to crack
• IDEA (the convential cipher)
• RSA (the public key encryption).
It is easier to try a factoring attack than searching keyspace.
How much time?
Unclassified 16
Brute force attacks
Asymmetric RSA keys
KeySize MIPS-years required to factor Avalon-years (theoretical peak)
512 30,000 0.2
768 200,000,000 1428
1024 300,000,000,000 2,142,857
2048 300,000,000,000,000,000,000 2,142,857,142,857,142
Symmetric key equivalences
Symmetric Asymmetric
56-bits 384-bits
64-bits 512-bits
80-bits 768-bits
112-bits 1792-bits
128-bits 2304-bits
Unclassified 17
It is probably easier to use a different method
http://www-users.informatik.rwth-aachen.de/˜senderek/certify/secret-key.protectio
• Stealing private key, guess passphrase or trick/force you to reveal
• Distributing fake public keys
• Electronic surveillance (Van Eck radiation).
If you don’t believe see http://www.cl.cam.ac.uk/˜mgk25/ih98-tempest.pdf.
Unclassified 18
References
• MIT distribution site for PGP:
http://web.mit.edu/network/pgp.html.
• Slashdot discussion on Cryptography in Mail Software
http://slashdot.org/askslashdot/99/07/05/0633206.shtml
• The International PGP Home Page
http://www.pgpi.com/
• The GNU Privacy Guard
http://www.d.shuttle.de/isil/gnupg/
• Neal Stephenson’s Cryptonomicon
http://www.cryptonomicon.com/
Unclassified 19
