2B3304 - Data Security of Workstations 1 March - May 2009 OpenPGP 2B6309 Data Security of Workstations Lars Noodén ( )

Presentation transcript:

Slide 1: OpenPGP
2B6309 Data Security of Workstations
Lars Noodén

Slide 2: Definitions
- Authenticity – making sure the message is really from who it claims to be from.
- Privacy – making sure that it is not read by others either in transit, or while on the server or local hard disk.
- Integrity – making sure the message has not changed since writing, either by accident or on purpose

Slide 3: Definitions
- cipher – an algorithm for encrypting or decrypting individual letters, bytes or bits
- hash – a short and (hopefully) unique digest of a longer stream of data, e.g. MD5, SHA1, SHA2
- collision – two different inputs which produce the same checksum

Slide 4: Pretty Good Privacy
- 1991 – PGP ("Pretty Good Privacy")
- 1993 – Problems w/ US government start
- 1996 – Problems w/ US government resolved
- 1998 – OpenPGP specification (RFC 2440)
- 1999 – GPG
- 2001 – A5-0264/ – ?

Slide 5: Further Reading
- An Illustrated Guide to Cryptographic Hashes. (2005)
- "Opinion: Cryptanalysis of MD5 and SHA: Time for a new standard"
- RFC

Slide 6: Pretty Good Privacy
Protocol vs Program
- PGP is an open standard
- OpenPGP, specifically, is the correct name
- OpenPGP is defined in RFC
- The OpenPGP specification can be used by any program, open source or closed source

Slide 7: OpenPGP
- PKI encryption
  - public key for encryption
  - private key for decryption
- Digital signatures
  - e.g. Ubuntu and Debian repositories
- Written with the goal to
  - protect privacy even in the digital era
  - keep encryption legal in the US

Slide 8: Goals
- Authenticity
- Privacy
- Integrity

Slide 9: Authenticity
- Electronic Signatures: branch of cryptography
- OpenPGP specification defined in RFC
- Whole messages can be signed
  - Digital Signature Algorithm (DSA)
  - Using GPG or PGP programs
- PGP started at MIT by Phil Zimmermann in

Slide 10: Privacy
- Whole messages can be encrypted
  - Elgamal or RSA encryption algorithms
  - Using GPG or PGP programs
- Any message not encrypted can be read in transit, while on either server, or on the local hard disk.
- Big companies try to get hold of their competitors' mail when they can.

Slide 11: Any unencrypted message can be read
[Figure: diagram with the labels smtp, imap, TCP / IP, UTF-8 and mail server]

Slide 12: Integrity
- Whole messages can be digitally signed
  - parts can be signed individually
  - signature can be inline or attached
- Separate files can be signed as well
  - e.g. Ubuntu and Debian repositories

Slide 13: Further Reading
- "Vast Spy System Loots Computers in 103 Countries" (2009)

Slide 14: PGP and Package Management

Slide 15: Repositories
- Distros sign their packages using OpenPGP
  - authenticity
  - integrity
- Debian and Debian derivatives use apt-secure
  - see also apt-key
- Only the Release File is signed
  - contains list of all packages and their MD5 checksums

Slide 16: OpenPGP in Repositories
- Only the Release File is signed
  - contains list of all package names and their MD5 checksums
- Intended to prevent
  - man-in-the-middle attacks (between user and repository)
  - replacing illegitimate packages on a mirror

Slide 17: Repository Chain of Trust
- user
  - checks OpenPGP key for Release File
  - gets MD5 sum, checks package integrity
- archive / repository
  - makes inventory of signed packages and their MD5 sums
  - signs inventory list (Release File) using OpenPGP
- maintainer
  - uploads PGP-signed packages
  - key signed by other maintainers, web of trust

Slide 18:
[Figure: repository diagram with the labels: release file (list of package name / MD5 entries), distro's OpenPGP key, Repository, package, MD5, package maintainer's OpenPGP key]
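Added example (not from the original slides): the user-side checksum step of the chain of trust, in Python. It assumes the Release file's OpenPGP signature has already been verified (by apt or gpg); the file path and contents are constructed, and the SHA256 section is checked alongside MD5Sum as a generalization beyond the slides.

```python
import hashlib

# Constructed index file contents (sample data, not from a real repository).
PACKAGES = b"Package: example\nVersion: 1.0\n"

def build_release(data: bytes, path: str) -> str:
    """Build a minimal, constructed Release file that lists one file."""
    return (
        "Origin: Example\nSuite: stable\n"
        f"MD5Sum:\n {hashlib.md5(data).hexdigest()} {len(data)} {path}\n"
        f"SHA256:\n {hashlib.sha256(data).hexdigest()} {len(data)} {path}\n"
    )

def parse_release(text: str) -> dict:
    """Return {path: {field: (hexdigest, size)}} from the checksum sections."""
    entries, field = {}, None
    for line in text.splitlines():
        if not line.startswith(" "):
            # A new field begins; only checksum fields open a section.
            name = line.split(":", 1)[0]
            field = name if name in ("MD5Sum", "SHA256") else None
        elif field:
            digest, size, path = line.split()
            entries.setdefault(path, {})[field] = (digest, int(size))
    return entries

def verify(entries: dict, path: str, data: bytes) -> bool:
    """Assumes the Release signature was verified first.

    Checks the size and every listed digest; unlisted files are rejected.
    """
    listed = entries.get(path)
    if not listed:
        return False
    algos = {"MD5Sum": hashlib.md5, "SHA256": hashlib.sha256}
    for field, (digest, size) in listed.items():
        if size != len(data) or algos[field](data).hexdigest() != digest:
            return False
    return True

if __name__ == "__main__":
    path = "main/binary-i386/Packages"  # constructed path
    rel = parse_release(build_release(PACKAGES, path))
    print(verify(rel, path, PACKAGES))         # genuine file
    print(verify(rel, path, PACKAGES + b"x"))  # modified on a mirror
```

Without the signature check on the Release file itself, the checksums prove nothing, since whoever replaces a package can also rewrite the list.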

Slide 19: Getting Keys for APT
One way to get a key
    wget -O- | sudo apt-key add -
another way to get a key
    gpg --keyserver wwwkeys.eu.pgp.net --recv-keys 7FAC5991
    sudo apt-key add .gnupg/pubring.gpg

Slide 20: Exercise
- Add Opera's own repository to your list of Ubuntu repositories found in: /etc/apt/sources.list
- Refresh the list of packages, and note the error
    apt-get update
- Now find the instructions for adding Opera's key
- Add Opera's PGP key
- Try refreshing the list of packages, then install
(you will have to search Opera's site for instructions)

Slide 21:
    deb stable non-free

Slide 22: Web of Trust

Slide 23: Trust
How do you know the key is good?
- Direct – each key is verified individually
- Hierarchy – validity is traced back until a trusted key is found (aka root certificate)
- Web – multiple root certificates

Slide 24: How much can a key be trusted?
The validity of each key is rated from 1 to 5
1  I don't know or won't say
2  I do NOT trust: keys signed with this one will be ignored
3  I trust marginally: at least two marginal keys must have signed
4  I trust fully: at least one key with full trust has signed this one
5  I trust ultimately: I have the private key for this one
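Added example (not part of the original slides): how the rule on this slide turns signatures into key validity, in Python. The keyring, the key names and the valid_keys function are constructed for illustration; the thresholds default to the slide's values, and path-length limits and expiration are ignored.

```python
# Trust levels as numbered on the slide.
UNKNOWN, NEVER, MARGINAL, FULL, ULTIMATE = 1, 2, 3, 4, 5

def valid_keys(owner_trust, signatures, marginals_needed=2, fulls_needed=1):
    """Return the set of keys considered valid.

    owner_trust: {key: level} as assigned by the user
    signatures:  {key: set of keys that signed it}
    A signature counts only if the signing key is itself valid.
    """
    # Keys whose private half we hold are the starting point.
    valid = {k for k, t in owner_trust.items() if t == ULTIMATE}
    changed = True
    while changed:  # repeat until no further key becomes valid
        changed = False
        for key, signers in signatures.items():
            if key in valid:
                continue
            counted = [owner_trust.get(s, UNKNOWN) for s in signers if s in valid]
            fulls = sum(t >= FULL for t in counted)
            marginals = sum(t == MARGINAL for t in counted)
            if fulls >= fulls_needed or marginals >= marginals_needed:
                valid.add(key)
                changed = True
    return valid

# Constructed keyring: who the user trusts, and who signed whose key.
OWNER_TRUST = {
    "me": ULTIMATE, "alice": FULL, "bob": MARGINAL,
    "carol": MARGINAL, "mallory": NEVER,
}
SIGNATURES = {
    "alice": {"me"},
    "bob": {"me"},
    "mallory": {"me"},
    "carol": {"alice"},
    "dave": {"bob", "carol"},  # two marginal signers: valid
    "erin": {"bob"},           # one marginal signer: not enough
    "frank": {"mallory"},      # signer's signatures are ignored
}

if __name__ == "__main__":
    print(sorted(valid_keys(OWNER_TRUST, SIGNATURES)))
```

Note that mallory's key is valid (it was signed directly), yet frank's is not: validity of a key and trust in its owner as a signer are separate properties.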

Slide 25: Direct Trust
[Figure: diagram of keys A and B]

Slide 26: Web of Trust
[Figure: diagram of keys A and B with numbered intermediate nodes]

Slide 27: Hierarchy
[Figure: diagram of keys A and B with numbered nodes 1 to 3]

Slide 28: Further Reading
- "The Story of PGP" Web Monkey. Michael W. Lucas (2006)
- "Why I Wrote PGP" Part of the Original 1991 PGP User's Guide (updated in 1999) Phil Zimmermann.

Slide 29: What's in a Key?

Slide 30: What's in a key?
- Keys
  - DSA: signature
  - RSA: signature, encryption
  - ElGamal: encryption
- Passphrase
- Metadata
  - name
  - address
  - comment
  - id
  - fingerprint
  - creation date
  - expiration date

Slide 31: PGP Algorithms
- Digital Signatures
  - DSA – Digital Signature Algorithm
    - 1024 bit key (exact)
  - RSA – 768 to bit key
    - larger = slower
    - smaller = weaker
- Encryption
  - Elgamal – 1024 to 4096 bit key
    - larger = slower
    - smaller = weaker

Slide 32: Key Example
Key fingerprint = C0AE 13D5 2B27 29D8 BB68 5AB8 D3D0 02F3 A
Public key = an ASCII-armored PGP PUBLIC KEY BLOCK (Version: GnuPG v1.4.2 (Darwin))

Slide 33: Revocation Certificate Example
Revocation key =
    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: GnuPG v1.4.6 (Darwin)
    Comment: A revocation certificate should follow

    iFIEIBECABIFAkZBgXILHQFubyByZWFzb24ACgkQcvrYn9QAoDVUxACgp5eYvib9
    pOuzo2QFoKwYfiTDZCkAn2j7BktjV1Aj3XCT2Neuak5e+wrF
    =ymx
    -----END PGP PUBLIC KEY BLOCK-----
note that this certificate is short enough to use from a paper printout

Slide 34: Revocation / Expiration
- Revocation
  - lost keys
  - compromised keys
  - keys no longer in use
- Expiration
  - lost keys die out automatically if expiration date is not renewed
  - can sometimes help limit life of compromised keys
  - expired keys can be used to decrypt/verify

Slide 35: Creating Keys
- Use the DSA algorithm for signatures
- Always assign an expiration date
  - at least until you are familiar with managing keys
  - can be extended later as needed
- Create a revocation certificate
  - archive on paper, even if you have to copy by hand

Slide 36: Managing keys
- Key servers
  - remote database
- Key rings
  - local database
- Authentication agent
  - local cache
- Fingerprints
  - verification hash
- Key signing
  - ultimately by trusted key
  - web of trust
  - hierarchy

Slide 37: PGP Tools
- Text interface – for remote access, programs or scripts
  - pgp
  - gpg
- Graphical interface
  - Kgpg
  - Mac GPG

Slide 38: GnuPG
- OpenPGP – specification (1998)
  - See RFC
- PGP – proprietary software
- GnuPG – Free Software (GPL)
  - unencumbered encryption algorithms

Slide 39: Further Reading
- Elgamal encryption scheme
- FIPS-186-3, draft for the third revision to the official DSA specification.

Slide 40: Further Reading
- "Chapter 8 - Public-Key Encryption" Handbook of Applied Cryptography. Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. (2001)

Slide 41: Two Tools for Encrypting
- Enigmail for Mozilla Thunderbird (not Gallo Thunderbird)
- FireGPG for Mozilla Firefox
  - works with Gmail

Slide 42:
- mirror: WWW database of PGP keys
- pool.sks-keyservers.net
- subkeys.pgp.net
- pgp.mit.edu
- ldap://certserver.pgp.com

Slide 43: Further Reading
- "Is Your T-Shirt a Lethal Weapon?" David Loundy (1996).

Slide 44: In-Class Exercise
- Install Fluxbox
- Install two additional themes for Fluxbox
- Compare with KDE and FVWM-Crystal
