Getting Started With PGP Digital Signature and Encryption for Email and Data Files ISC/Information Security Problem: E-mail is insecure • More like a postcard than a letter • Can be read by any number of people in transit • If recipient’s account is compromised, may be read by unauthorized person(s) • Network sniffing may capture and reveal content to unauthorized person(s) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Problem: E-mail is easily forged • Current protocols date back to early 1970s • Headers, especially “From:” are ridiculously easy to forge • If sender account is compromised, may not actually have been sent by that person • How can you verify the sender’s identity? Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Problem: Sensitive & Confidential Data on Hard Drives • Especially Laptops! • If system is compromised or stolen, lots of potential fallout: – Permanent loss of irreplaceable and/or proprietary data – Exposure of secret or sensitive information – Financial loss – Disclosure requirements • …to name just a few! Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Problem: Sensitive & Confidential Data on Hard Drives (Cont.) • Data from deleted files can be forensically recovered – Unallocated disk space often still retains data from file that most recently occupied it – “Slack space”, i.e., allocated but not used • On Windows systems, can still have data from a deleted file • Unix/linux systems will fill this space with ‘0’s’ • Data can even be recovered from a drive that: – Has been re-formatted! – No longer runs (platters can be removed and examined) • How do you securely delete sensitive files? – DoD 5220.22-M standards – www.dss.mil/isec/nispom_0195.htm Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Solution(?): Windows EFS • Offers “one-click” encryption of individual files and/or entire folders • Problem: Encryption removed when file copied or moved to other media, e.g. floppy disc or CD • Problem: Management of encryption/decryption keys is not “user-friendly” (more on keys in a few minutes)…lost or corrupted key may mean loss of data - FOREVER! • Problem: EFS can be circumvented if Administrator account is compromised • Problem: Windows XP/2000 ONLY… • Problem: Doesn’t deal with e-mail at all • Problem: No secure delete/wipe capability Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Solution: PGP (“Pretty Good Privacy”) • Developed in 1991 by Phil Zimmerman • Based on public/private key pair cryptography principle developed by Whitfield Diffie • Provides highly secure, portable encryption and signature for any digital data - including e-mail • Includes secure wipe utility conforming to DoD 5220.22-M standards (3 passes or more) • Available for all versions of Windows and Mac OS • Freeware unix/linux equivalent GPG (“GNU Privacy Guard”) available Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP: Drawbacks • • • • Not all that “user friendly” Public/private key concepts take some getting used to Doesn’t scale well to large user groups Requires understanding of and adherence to key maintenance standards and practices – If your private key is lost, corrupted or compromised, you have to generate a new one and start all over again Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP: Licensing • Freeware Windows & Mac versions available from MIT: web.mit.edu/network/pgp.html – – – – – • Commercial Windows & Mac versions available from PGP Inc.: www.pgp.com – – • For personal use only! GUI and/or command line interface For US download and use only, due to export restrictions In many countries, import and use of encrypting software is illegal! Some will jail you for not providing a decryption key Generally about $50 per user license Expect to use commercial product if needed in conjunction with your job at Penn GPG for unix/linux available as freeware from www.gnupg.org – Also works on Mac OS X: http://macgpg.sourceforge.net/ (Thanks to Larry Macy for providing info and URL) • Most versions include “plug-ins” for popular e-mail clients, e.g. Eudora Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP: How Does It Work? • Let’s start with some basics of cryptography, and the high-level mathematics underneath it • Don’t worry, there won’t be a pop quiz at the end of this presentation…this is just to give you an idea of what’s going on. Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Some Quick Definitions • Cryptography: the art and science of encrypting and decrypting secure messages • Cryptanalysis: the art and science of breaking cryptography • Cryptology: the mathematics of cryptography and cryptanalysis • Algorithm: a mathematical function/process used for encryption, decryption and verification • Key: a string (or number) used for character-by-character encryption and decryption Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu (Digital) Keys • In computer cryptography, a key is simply a binary number of varying length, depending on the type of cryptography being used – “Symmetric” cryptography generally relies on keys of 128 bits or more (e.g. most web browser SSL sessions) – “Asymmetric” cryptography requires keys of minimum 1024-bit length (2048 is typical these days) • A properly generated key can only be cracked by “brute force” - and only then after thousands of years (even at today’s processing speeds) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Keys: Encoding and Decoding (A bit oversimplified) One typical way keys are used to encrypt/decrypt is by use of “exclusive-OR” (XOR) logic: • If the bit to be encrypted is the same as the corresponding key bit, the encrypted bit is 0 • If they are different, the resulting encrypted bit is 1 • Without the key, you can’t be sure what the original bit was • Simple keys like this are vulnerable to “known text” attacks Getting Started with PGP November, 2005 TEXT KEY RESULT 0 0 0 0 1 1 1 0 1 1 1 0 ISC/Information Security security@isc.upenn.edu “Symmetric” Cryptography • Relies on both sender and recipient having identical copies of the encryption key - or access to a “third party” that can verify that both have the correct key (e.g. online “certificate authority”) • Can use relatively low key lengths – 128 bits is more or less standard – 56 bits has been cracked • Problem: secure key distribution Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu “Asymmetric” Cryptography (aka “Public/Private Key”) • Sender generates a “public/private” key pair • The “public” key can be freely given out – Published on website, in e-mail sigs, etc. – Some people put them on the back of their business cards • The “private” key is guarded at all costs – If lost, corrupted or compromised, a new pair must be generated – All your contacts must be notified and supplied with the new public key • Data encrypted to the public key can only be decrypted by the corresponding private key - and vice versa • PGP is based on “public/private” key cryptography Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu How are public/private key pairs generated? • Oversimplifying a bit again, but they are essentially based on mathematical operations involving two really, really large prime numbers • Prime numbers have been proven to have no known predictive pattern • Remember “factoring” from your 3rd grade math? – It’s easy to factor the smaller numbers into primes: 14, 24, 49, etc • Even?…divisible by 2 • Digits add up to a number divisible by 3?…then 3 is also a factor • Last digit is 5 or 0?…divisible by 5 – A LOT harder as the numbers get bigger - in fact, impossible Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu What is this number? 25964951 (2 )-1 (To write it out in decimal form would require 7,816,230 digits - at 1 digit per second, it would take more than 90 days, non-stop) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu The (Currently) Largest Known Prime Number (225964951)-1 Source: primes.utm.edu/largest.html (A really good site for “Stupid Number Tricks”) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP Public/Private Key Pair Strength • The public key is mathematically derived from the private key • The private key relies on the “computational difficulty” of deriving the large primes used to generate it • Private key lengths of 1024 bits are probably OK, but 2048 is the accepted standard for most users • Key lengths over 2048 bits are more secure, but tend to eat up processing power • Some keys still use the RSA standard, but most keys nowadays are generated using the Diffie-Hellman standard • Even at these lengths, “known text” attacks are a danger Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Algorithms • Used to induce “randomness” in encoded message • Helps reduce “known text” vulnerability • “Encrypting” algorithms are designed to be reversible (they have to be, don’t they?) – Some well-known ones: DES, 3DES, AES, Blowfish, RSA • “Hashing” algorithms are “one-way”, i.e., irreversible – Used to provide “signature”, or “shared secret” verification – Used for password storage on most operating systems – Well-known ones include MD5, SHA (used by PGP) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Example: MD5 Input 1 2 3 4 5 Output B026324c6904b2a9cb4b88d6d61c81d1 26ab0db90d72e28ad0ba1e22ee510510 6d7fce9fee471194aa8b5b6e47267f03 48a24b70a0b376535542b996af517398 1dcca23355272056f04fe8bf20edfce0 Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP Encryption • Encrypting algorithm is applied to the data • Appropriate key is applied to the result – Private key, if encrypting your own file data – Recipient’s public key, if sending e-mail • Why not the other way around? Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Well-known Algorithms • The best-known algorithms are used to remove patterns and predictability from encoded messages • They are not secret - in fact, they are made public and subjected to rigorous testing by mathematical peers. Proprietary algorithms are not generally accepted in public cryptographic circles. • Encryption algorithms are reversible - they have to be • Applying the key before the algorithm is pointless, because the algorithm can be reversed, leaving the key exposed to “known text” and “brute force” attacks Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Where’s the Security? In a public/private key cryptography environment, the strength lies in the length and protection of the private key - not in the algorithm Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Digital Signatures • Usually applied to e-mail messages to verify the sender’s identity • Sender “signs” the message with his private key – Hashing algorithm is applied as well – Hashing also provides check on message integrity • Anyone who has sender’s public key can apply it to verify sender’s identity – ONLY someone who has the corresponding private key could have sent it – Hashing also verifies that the message was not altered in transit Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu What does a “Public Key” look like? -----BEGIN PGP PUBLIC KEY BLOCK----Version: PGP for Personal Privacy 5.0 mQGiBDcox8ARBADlerXzXx0sVf7tWg/x/FBCuZ8w2o/5kwZricxuhuFLV1htdRjG iWoHZrjmWEApYn4ikfbTtf9bqLI/rV+dxupsTrNf0dytYHv2rqmF+RlKOcmraSFH RJlFKaDQgf0rKCJrH8skif/pMUasHO15ESKU+K67K3C0BsiP1LO1jue9JwCg/64p vGo+6GmqyPP8dB5VmH3TTSUEAJy5W/rgDQCEkiu8b8KyimI9pLTmfUVr6GB11JZR FdOsZROt8ymRGd7rmLZDV/fQN+IbL79+2m6NS+DuO1zYXKnE8mwEcp7U4ggU73bH 8joGdp+D4gKX/s9uGZi1h0al1AV3xlKM2zU/M7c7MJhkPbcQbfHKNK+earE51FaW zd/MA/4/Pi6O5qLxHRdRsQYux4aG7DPcIWU0yqpQLP5/s6iYpFawSTqw1MHEyPK6 R5BcqcYL99wva9meS08M9MfYKO0Ce6x9Tf3CS7goEn94xwU9pgPgejpRlxv3SF9l cXhMfkD3T1TgR0XrGkmE+7TpsH7D5XUfrLiAwfP3RnK4DPjUbbRLSW5mb3JtYXRp b24gU2VjdXJpdHkgYXQgVW5pdmVyc2l0eSBvZiBQZW5uc3lsdmFuaWEgPHNlY3Vy aXR5QGlzYy51cGVubi5lZHU+iQB1AwUQNynGnVcYQO1Qt5kZAQFg2AL/ds5fHHmg WHVPL7VUmUv0xlVlNzaS4kz0S+57lPcghO5F1nBQxztE+ekde18D9QLC8S3S0GDw Q7CHSrIFlKQ9WTDYv3ruP48VZvJ8q5FfI81ypojMvxBePxn647Bfov84iQA/AwUQ NynGss3oSRS59y8HEQJziACfTxlMW2pKKCXr/+sk3ivFtMUzppcAn06yEouF4x5Y g0p2hWUnKIQGGIhkiQA/AwUQNynGwqDFmzsT2y3tEQIZKACg2gdxZsq8IwtTcqW5 eTQF2OJw7i0AmwbGp3hD8XO5nH+mNDFIa3I978gciQCVAwUQNynMBEZOdo0DD6gN AQHmlwP9GK8h9NI09fClK91IGcT5gFtK9q695UUDWi7+gIGTGz5yIkXbnZCUZFPm y6FLyVpUQNVyBVXD+6aMJr3flxz0Es32mY7rgYKHITz+mmyoKB6CDz2K1Ov3a6Mw W5VlN5eHPgug2imSETO4NGOdeL67LX93bYEHba1D9/2gcG909WSJAEsEEBECAAsF Ajcox8AECwMBAgAKCRCgxZs7E9st7eiaAKC6jhAEhnhnDLr5B4V2H7SYOkokHwCe OYexEbEe0Xf2VnJO6K2MmcdmN/OJAFUDBRA3KMo/hsldwo1DqVkBAZxcAf9c6OcH RkI9ohqQFV+XmYcgRuPuLL2oD6MT/ZvLu0Gp6RucDWEoA8iQFUNte73wsAkYRU0/ Zz4KoiVbtqolta+FiQA/AwUQNyjKSuyQdaHLkpQqEQKeOQCg1vU+iQp2iqHWq5on vydUxAmTU7wAn2e/uhmCjmMXjiBec+ZP0kEbScLWiQA/AwUQNym9aUXWdKqHR/jl EQKNfACg8C+pTwIM+JVnELL4GJAfWE4X33sAnRiA9UHf3SzmidVB72m0E4HaKzMs iQCVAwUQNynMAUZOdo0DD6gNAQFChgQAo69r5WRVrJAzF49CLiOIDmRAZ3eV3MYm xfMZKao2H21Tkr72CnN3y91t+XDXjJN+ciVUZuFKNmF+ubwJ9ittfzsdcuo5bUCk bvuAAtfE3utniYvgDmWNMRzAt720cTZjVTU8nvcZbUlHJx/PSqO/FrgAT0Fenmwm CJDFbu8+SA+5Ag0ENyjHwBAIAPZCV7cIfwgXcqK61qlC8wXo+VMROU+28W65Szgg 2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09jdvO meFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2gpXI61Brwv0YA WCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPAQ/ClWxiNjrtV jLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZ lp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVekyCzsAAgIH/1pIvuZa4dPy 6Si59ZYQpuHNX1YEVRuUH5wEP0A0agNue0MOyg6liYFhx+mit7tEFe91wviQVU2v FPthdoqlP0fFlXbMg4SM65U6/NliF5qv1MHfj7TVZ5MQrKGwk0uGYBhESzGat0rU /j6v/XiU5Bzxd9r/Vr/HHSALfk9Q/8NhCXQPjaMuEym4CeVy/IbbuR472k5/O5+s P0eK7xx4eDub+Yg1TELYBoheLvf/FzmNSML/rBpL4jP+ApJbHb/SjW5f0/0dOiUi LmGHNR8zku46WTGd0eOKUoI7rRnNfFMnhFIgv4FunhI6h8alQDfBj31XkyGl40yV +f5C6O30ZYyJAD8DBRg3KMfAoMWbOxPbLe0RAkPUAKCo4sGborU5vtJ0TTh+UcV8 k5ynyACeKbCeSGtAKrYcbCtROyRzYAP/BiI= =SgNt -----END PGP PUBLIC KEY BLOCK----- Getting Started with PGP November, 2005 Hashed “fingerprint”: 7D91 F6E2 8BA6 F501 1550 A904 A0C5 9B3B 13DB 2DED (Hexadecimal) -OR - klaxon miracle village tomorrow obtuse paragon vapor adviser backfield embezzle revenge alkali ragtime resistor puppy councilman Aztec suspicious button unify (Keywords) ISC/Information Security security@isc.upenn.edu Public Key Distribution • Published on your personal website • Carry it around on floppy disc, CD-ROM, USB “jump drive”, etc. for people to copy • Send as e-mail attachment • Upload it to a “key server” • Print it out on a sheet of paper, along with the “fingerprint” – We’ll talk about “key signing parties” in a few minutes • Rent a billboard…well, you get the idea Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu How do I know that’s really your public key? • Generating public/private key pairs does NOT require any authentication - you can associate any name and e-mail address with a key pair you choose • To be completely certain that a given public key actually belongs to the person it claims, you need to physically verify the person’s identity and key in person – Ask for photo ID if necessary – Ask the person to read the “fingerprint”, and verify against a printed copy – Verify printed copy “fingerprint” against the electronic copy OR… Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Is the public key “signed”? • PGP public keys can be “signed” by other private keys as “third party” verification • If the signer’s public key is one you already have, you can use it to verify the signature • If you can trust the signer’s key, you can trust the signed key Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP “Web of Trust” • Built on a network of transitive trust relationships – If Tom trusts Dick… – And Dick trusts Harry… – Then Tom can trust Harry • Only in the context of identification and authentication – Doesn’t necessarily mean Tom is assured Harry is a trustworthy person…only that he really is Harry • Functions as sort of an “ad hoc Certificate Authority” • The more links in the chain, the more likely there’s a weak link somewhere along the line Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP “Key Signing Parties” • Opportunity for several people to get together and exchange public keys • Held regularly by ISC Information Security • Print out your public key & fingerprint, bring with copy of your key - and your PennCard • Security will verify all identities and keys, sign and distribute them to all attendees Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP “Keyring” Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP Key (General Info) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP Key (SubKeys) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu PGP Mail Menu Window (Mac OS X) (Windows version uses tray icon/menu) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Preferences (General) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Preferences (Files) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Preferences (Email) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Preferences (Server) Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu Questions? Comments? Getting Started with PGP November, 2005 ISC/Information Security security@isc.upenn.edu