Archive for September, 2016

Using GPG for Public-Key Cryptography

September 25, 2016

Wikipedia has an accessible introduction to the subject. The GNU Privacy Manual is a good resource for detailed documentation.

Export Public Keys

To allow us to encrypt files with the public key of our correspondent, we first need to have access to their public key. Users may export their public key as follows:

% gpg --export --armor musa@persia.com \
      > \<musa@persia.com\>.public.gpg-key

Import Public Keys

We may import public keys into our public keyring as follows. Doing so will enable us to encrypt data using this key.

% gpg --import \<musa@persia.com\>.public.gpg-key

Delete Public Keys

We may remove a public key from our public-key keyring by referring to it by the user's name or email.

% gpg --delete-key musa@persia.com

List Public Keys

We can see the public keys listed in our public-key keyring using the --list-keys option.

% gpg --list-keys
pub   4096R/9E520AE7 2016-09-15
uid                  Umar Kalim <umar@vt.edu>
sub   4096R/38C5C69A 2016-09-15
sub   4096R/5DE83AAF 2016-09-15

pub   4096R/B7AC8904 2016-09-25
uid                  Musa Al-Khwarizmi <musa@persia.com>
sub   4096R/4E74D6FE 2016-09-25
sub   4096R/7756B7E1 2016-09-25

Encrypting Files

To encrypt data, we need to use the recipient’s public key. We may identify the recipient using the -r or the --recipient option followed by the recipient’s name or email. The --encrypt option tells gpg that we intend to encrypt. By default, gpg outputs encrypted content in binary format. To generate output in ASCII-armor format, we use the --armor option.

% gpg --encrypt --armor -r musa@persia.com file-1.pdf

Signing and Encrypting Files

When we sign the contents, the recipient can verify that the contents were signed by our primary key.

% gpg --encrypt --sign --armor -r musa@persia.com file-1.pdf

Decrypting Files

Assuming that the private key associated with the public key used to encrypt the data is in our keyring, we may decrypt the encrypted contents as follows.

% gpg --decrypt file-1.pdf.asc > output.pdf
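
The decrypt command above succeeds whether or not the sender signed the file, so a script that relies on the signature has to check for it explicitly. The following added example (not part of the original post) reads gpg's --status-fd output and accepts only decrypted data with a good signature from the expected primary key; the check_status helper, the fingerprints and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Decide from gpg's status lines
# whether a decrypted file also carried a valid signature from the expected key.
# Real use, with status lines captured on fd 3:
#   gpg --status-fd 3 --output output.pdf --decrypt file-1.pdf.asc 3>status.txt
#   check_status "$SENDER_FPR" < status.txt

# check_status EXPECTED_PRIMARY_FPR   (status lines on stdin)
# Exit 0 only when the data decrypted AND a good signature maps to that key.
check_status() {
    awk -v want="$1" '
        $1 != "[GNUPG:]"        { next }
        $2 == "DECRYPTION_OKAY" { dec = 1 }
        $2 == "GOODSIG"         { good = 1 }
        # Bad, unverifiable, expired or revoked-key signatures all fail.
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        # The last VALIDSIG field is the primary key fingerprint, so a
        # signature made with a signing subkey still maps to its owner.
        $2 == "VALIDSIG"        { signer = $NF }
        END {
            if (!dec)                  { print "FAIL: not decrypted";  exit 2 }
            if (bad)                   { print "FAIL: bad signature";  exit 3 }
            if (!good || signer == "") { print "FAIL: no signature";   exit 4 }
            if (signer != want)        { print "FAIL: signer " signer; exit 5 }
            print "OK: signed by " signer
        }'
}

# Constructed placeholder fingerprints (not real keys).
SENDER_FPR=0123456789ABCDEF0123456789ABCDEF01234567
SUBKEY_FPR=89ABCDEF0123456789ABCDEF0123456789ABCDEF

# Constructed status output: encrypted and signed with a signing subkey.
SIGNED="[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODSIG 0123456789ABCDEF Sender <sender@example.com>
[GNUPG:] VALIDSIG $SUBKEY_FPR 2016-09-25 1474761600 0 4 0 1 10 00 $SENDER_FPR"

# Constructed status output: encrypted only, as produced by --encrypt alone.
UNSIGNED="[GNUPG:] DECRYPTION_OKAY"

printf '%s\n' "$SIGNED"   | check_status "$SENDER_FPR"
printf '%s\n' "$UNSIGNED" | check_status "$SENDER_FPR" || true
```

The expected fingerprint should come from the sender over a separate channel, not from the key file that arrived with the message.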

Creating a GPG Keypair for Public-Key Encryption

September 25, 2016

GPG may be used to encrypt data and protect it from prying eyes. To use the public-key encryption method, we first need to generate a private-public keypair. This post summarizes the process of creating a new private-public keypair.

Wikipedia has an accessible introduction to the subject. The GNU Privacy Manual is a good resource for detailed documentation.

Choosing a Passphrase

When prompted for a passphrase, please follow guidelines for a strong passphrase. See Stanford University’s guidelines for choosing a strong passphrase.

Generating the Keypair

When generating the keys, it is recommended that we use the highest possible values for key lengths. This is relevant because, with the evolution of compute capabilities and accelerators (e.g., GPUs), it is becoming easier by the day to break keys with shorter lengths. Longer keys make breaking them much more computationally challenging.

It is also a good practice to set an expiry date for the keys. For the sake of simplicity, we’ll not set an expiry date in this post.

% gpg --gen-key
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Musa Al-Khwarizmi
Email address: musa@persia.com
Comment:
You selected this USER-ID:
    "Musa Al-Khwarizmi <musa@persia.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.    

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
...........+++++
.......+++++
gpg: key B7AC8904 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   3  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 3u
gpg: next trustdb check due at 2018-08-19
pub   4096R/B7AC8904 2016-09-25
      Key fingerprint = E79A 6B36 C40A AE5D 7E0B  3EB6 2108 BEBE B7AC 8904
uid                  Musa Al-Khwarizmi <musa@persia.com>
sub   4096R/4E74D6FE 2016-09-25
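
The key-length and expiry advice above can be checked across a whole keyring. The following added example (not part of the original post) reads gpg --list-keys --with-colons output and reports keys and subkeys that fall below a minimum length or have no expiry date; audit_keys is a hypothetical helper and the sample records are constructed, modelled on the key generated above.

```shell
#!/bin/sh
# Added example (not from the original post). Report keys and subkeys that
# are shorter than a minimum length or that never expire.
# Real use:  gpg --list-keys --with-colons | audit_keys 4096

# audit_keys [MIN_BITS]   (colon-delimited key listing on stdin)
# Fields used: 1 = record type, 2 = validity, 3 = key length in bits,
#              5 = long key ID, 7 = expiry date (empty = never expires).
# MIN_BITS is meant for RSA/DSA/Elgamal sizes, the key types offered above.
# Exit status is 1 when anything was reported, 0 otherwise.
audit_keys() {
    awk -F: -v min="${1:-2048}" '
        $1 != "pub" && $1 != "sub" { next }   # skip uid and other records
        $2 == "r" || $2 == "e"     { next }   # already revoked or expired
        $3 + 0 < min + 0 { print $1, $5, "short:" $3; n++ }
        $7 == ""         { print $1, $5, "no-expiry"; n++ }
        END { exit (n > 0) }'
}

# Constructed sample listing, modelled on the 4096-bit key generated above.
# Subkey IDs are placeholders; the last subkey is invented to show both checks.
SAMPLE_KEYS='pub:u:4096:1:2108BEBEB7AC8904:2016-09-25:::u:::scESC:
uid:u::::2016-09-25::::Musa Al-Khwarizmi <musa@persia.com>:
sub:u:4096:1:00000000000000E1:2016-09-25::::::e:
sub:u:2048:1:00000000000000E2:2016-09-25:2018-09-25:::::s:'

printf '%s\n' "$SAMPLE_KEYS" | audit_keys 4096 || true
```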

Strengthening Hash Preferences

It is preferable to use stronger hashes. We may change the preferences using the --edit-key option. The command used at the gpg> prompt below is setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed.

% gpg --edit-key musa@persia.com
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/B7AC8904  created: 2016-09-25  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  4096R/4E74D6FE  created: 2016-09-25  expires: never       usage: E
[ultimate] (1). Musa Al-Khwarizmi <musa@persia.com>

gpg> setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
Set preference list to:
     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA512, SHA384, SHA256, SHA224, SHA1
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify
Really update the preferences? (y/N) y

You need a passphrase to unlock the secret key for
user: "Musa Al-Khwarizmi <musa@persia.com>"
4096-bit RSA key, ID B7AC8904, created 2016-09-25

pub  4096R/B7AC8904  created: 2016-09-25  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  4096R/4E74D6FE  created: 2016-09-25  expires: never       usage: E
[ultimate] (1). Musa Al-Khwarizmi <musa@persia.com>

gpg> save

Revocation Certificate

In case the primary key is compromised, we may use the revocation certificate to inform people that the key was stolen and that they should not trust content encrypted or signed using those keys. Please remember to keep this certificate in a different place than the master keypair.

% gpg --output \<musa@persia.com\>.gpg-revocation-certificate \
      --gen-revoke musa@persia.com

Exporting Primary and Public Keys

The commands below export the primary (secret) and public keys to files.

% gpg --export-secret-keys --armor musa@persia.com \
      > \<musa@persia.com\>.private.gpg-key
% gpg --export --armor musa@persia.com \
      > \<musa@persia.com\>.public.gpg-key

Adding Signing Subkey

Creating subkeys allows us to remove the master keys from the keyring and use dedicated subkeys for specific purposes. If we happen to lose our subkeys, we may easily revoke those subkeys with the master keypair. Note that the revocation certificate is meant for the master keypair and not the subkeys. In the example below, we create a signing subkey.

% gpg --edit-key musa@persia.com
gpg (GnuPG) 1.4.18; Copyright (C) 2014 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/B7AC8904  created: 2016-09-25  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  4096R/4E74D6FE  created: 2016-09-25  expires: never       usage: E
[ultimate] (1). Musa Al-Khwarizmi <musa@persia.com>

gpg> addkey
Key is protected.

You need a passphrase to unlock the secret key for
user: "Musa Al-Khwarizmi <musa@persia.com>"
4096-bit RSA key, ID B7AC8904, created 2016-09-25

Please select what kind of key you want:
   (3) DSA (sign only)
   (4) RSA (sign only)
   (5) Elgamal (encrypt only)
   (6) RSA (encrypt only)
Your selection? 4
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
......+++++
.+++++

pub  4096R/B7AC8904  created: 2016-09-25  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  4096R/4E74D6FE  created: 2016-09-25  expires: never       usage: E
sub  4096R/7756B7E1  created: 2016-09-25  expires: never       usage: S
[ultimate] (1). Musa Al-Khwarizmi <musa@persia.com>

gpg> save

Using GPG for Symmetric Cryptography

September 25, 2016

GPG may be used to encrypt data and protect it from prying eyes. We may either use symmetric ciphers or the public-key cryptography method to protect our data. In this post, I’ll summarize the use of symmetric ciphers on OS X.

When we have more than one file to encrypt, it would be prudent to encrypt an archive of the files instead of encrypting them one by one.

% ls -la
-rw-r--r--@   1 umar  staff   916K Sep 25 01:08 file-1.pdf
-rw-r--r--@   1 umar  staff   5.3M Sep 25 01:08 file-2.pdf

% tar cfvj my-files.tar.bz2 file-*
a file-1.pdf
a file-2.pdf

Choosing a Passphrase/Password

When encrypting files, GPG would prompt for a passphrase. Please follow guidelines for a strong passphrase. See Stanford University’s guidelines for choosing a strong passphrase.

Encrypting a File

The -c or --symmetric option is used to encrypt files with a symmetric cipher.

The output files may be saved in binary or ASCII-armor format. The ASCII-armor versions, although relatively larger in size, are typically used when sharing encrypted files through email. The default option is to generate binary output (i.e., .gpg files). The --armor option generates the ASCII-armor version of the encrypted output.

GPG uses CAST5 as the default cipher. However, the 256-bit Advanced Encryption Standard (i.e., AES256) is one of the ciphers recommended by the Computer Security Resource Center at NIST. We can select the encryption algorithm with the option --cipher-algo.

% # Binary output
% gpg --output my-files.tar.bz2.gpg \
      --cipher-algo AES256 \
      --symmetric \
      my-files.tar.bz2

% # ASCII-armor output
% gpg --output my-files.tar.bz2.asc \
      --cipher-algo AES256 \
      --armor \
      --symmetric \
      my-files.tar.bz2

% ls -la
-rw-r--r--@   1 umar  staff   916K Sep 25 01:08 file-1.pdf
-rw-r--r--@   1 umar  staff   5.3M Sep 25 01:08 file-2.pdf
-rw-r--r--    1 umar  staff   4.7M Sep 25 01:13 my-files.tar.bz2
-rw-r--r--    1 umar  staff   6.4M Sep 25 01:17 my-files.tar.bz2.asc
-rw-r--r--    1 umar  staff   4.7M Sep 25 01:16 my-files.tar.bz2.gpg

Decrypting a File

The -d or --decrypt option may be used to decrypt the encrypted files (whether .asc or .gpg).

% gpg --output decrypted-files.tar.bz2 \
      --decrypt \
      my-files.tar.bz2.asc
gpg: AES256 encrypted data
gpg: encrypted with 1 passphrase

% ls -la
-rw-r--r--    1 umar  staff   4.7M Sep 25 01:28 decrypted-files.tar.bz2
-rw-r--r--@   1 umar  staff   916K Sep 25 01:08 file-1.pdf
-rw-r--r--@   1 umar  staff   5.3M Sep 25 01:08 file-2.pdf
-rw-r--r--    1 umar  staff   4.7M Sep 25 01:13 my-files.tar.bz2
-rw-r--r--    1 umar  staff   6.4M Sep 25 01:17 my-files.tar.bz2.asc
-rw-r--r--    1 umar  staff   4.7M Sep 25 01:16 my-files.tar.bz2.gpg

We can confirm that the output after decryption is the same as the input before encryption using MD5 checksums.

% md5sum my-files.tar.bz2 decrypted-files.tar.bz2
MD5 (my-files.tar.bz2)        = cbdff2d18d943d36c4224aada805e6ce
MD5 (decrypted-files.tar.bz2) = cbdff2d18d943d36c4224aada805e6ce