Upload
benjamin-harvey
View
227
Download
2
Tags:
Embed Size (px)
Citation preview
Getting Started With PGP
Digital Signature and Encryption for E-mail and Data Files
ISC/Information Security
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Problem: E-mail is insecure
• More like a postcard than a letter• Can be read by any number of people in transit• If recipient’s account is compromised, may be
read by unauthorized person(s)• Network sniffing may capture and reveal content
to unauthorized person(s)
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Problem: E-mail is easily forged
• Current protocols date back to early 1970s• Headers, especially “From:” are ridiculously easy
to forge• If sender account is compromised, may not
actually have been sent by that person• How can you verify the sender’s identity?
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Problem: Sensitive & Confidential Data on Hard Drives
• Especially Laptops!• If system is compromised or stolen, lots of
potential fallout:– Permanent loss of irreplaceable and/or proprietary
data
– Exposure of secret or sensitive information
– Financial loss
– Disclosure requirements• …to name just a few!
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Problem: Sensitive & Confidential Data on Hard Drives (Cont.)
• Data from deleted files can be forensically recovered– Unallocated disk space often still retains data from file that most
recently occupied it– “Slack space”, i.e., allocated but not used
• On Windows systems, can still have data from a deleted file• Unix/linux systems will fill this space with ‘0’s’
• Data can even be recovered from a drive that:– Has been re-formatted!– No longer runs (platters can be removed and examined)
• How do you securely delete sensitive files?– DoD 5220.22-M standards– www.dss.mil/isec/nispom_0195.htm
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Solution(?): Windows EFS
• Offers “one-click” encryption of individual files and/or entire folders
• Problem: Encryption removed when file copied or moved to other media, e.g. floppy disc or CD
• Problem: Management of encryption/decryption keys is not “user-friendly” (more on keys in a few minutes)…lost or corrupted key may mean loss of data - FOREVER!
• Problem: EFS can be circumvented if Administrator account is compromised
• Problem: Windows XP/2000 ONLY…• Problem: Doesn’t deal with e-mail at all• Problem: No secure delete/wipe capability
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Solution: PGP (“Pretty Good Privacy”)
• Developed in 1991 by Phil Zimmerman
• Based on public/private key pair cryptography principle developed by Whitfield Diffie
• Provides highly secure, portable encryption and signature for any digital data - including e-mail
• Includes secure wipe utility conforming to DoD 5220.22-M standards (3 passes or more)
• Available for all versions of Windows and Mac OS
• Freeware unix/linux equivalent GPG (“GNU Privacy Guard”) available
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
PGP: Drawbacks
• Not all that “user friendly”
• Public/private key concepts take some getting used to
• Doesn’t scale well to large user groups
• Requires understanding of and adherence to key maintenance standards and practices– If your private key is lost, corrupted or compromised, you have
to generate a new one and start all over again
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
PGP: Licensing
• Freeware Windows & Mac versions available from MIT: web.mit.edu/network/pgp.html
– For personal use only!– GUI and/or command line interface– For US download and use only, due to export restrictions– In many countries, import and use of encrypting software is illegal!– Some will jail you for not providing a decryption key
• Commercial Windows & Mac versions available from PGP Inc.: www.pgp.com
– Generally about $50 per user license– Expect to use commercial product if needed in conjunction with your job at Penn
• GPG for unix/linux available as freeware from www.gnupg.org– Also works on Mac OS X: http://macgpg.sourceforge.net/ (Thanks to Larry Macy for
providing info and URL)
• Most versions include “plug-ins” for popular e-mail clients, e.g. Eudora
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
PGP: How Does It Work?
• Let’s start with some basics of cryptography, and the high-level mathematics underneath it
• Don’t worry, there won’t be a pop quiz at the end of this presentation…this is just to give you an idea of what’s going on.
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Some Quick Definitions
• Cryptography: the art and science of encrypting and decrypting secure messages
• Cryptanalysis: the art and science of breaking cryptography
• Cryptology: the mathematics of cryptography and cryptanalysis
• Algorithm: a mathematical function/process used for encryption, decryption and verification
• Key: a string (or number) used for character-by-character encryption and decryption
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
(Digital) Keys
• In computer cryptography, a key is simply a binary number of varying length, depending on the type of cryptography being used– “Symmetric” cryptography generally relies on keys of 128 bits or
more (e.g. most web browser SSL sessions)
– “Asymmetric” cryptography requires keys of minimum 1024-bit length (2048 is typical these days)
• A properly generated key can only be cracked by “brute force” - and only then after thousands of years (even at today’s processing speeds)
ISC/Information [email protected]
Getting Started with PGPNovember, 2005
Keys: Encoding and Decoding(A bit oversimplified)
One typical way keys are used to encrypt/decrypt is by use of “exclusive-OR” (XOR) logic:
• If the bit to be encrypted is the same as the corresponding key bit, the encrypted bit is 0
• If they are different, the resulting encrypted bit is 1
• Without the key, you can’t be sure what the original bit was
• Simple keys like this are vulnerable to “known text” attacks
TEXT KEYRESULT
0 0 0
0 1 1
1 0 1
1 1 0
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
“Symmetric” Cryptography
• Relies on both sender and recipient having identical copies of the encryption key - or access to a “third party” that can verify that both have the correct key (e.g. online “certificate authority”)
• Can use relatively low key lengths– 128 bits is more or less standard– 56 bits has been cracked
• Problem: secure key distribution
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
“Asymmetric” Cryptography(aka “Public/Private Key”)
• Sender generates a “public/private” key pair• The “public” key can be freely given out
– Published on website, in e-mail sigs, etc.– Some people put them on the back of their business cards
• The “private” key is guarded at all costs– If lost, corrupted or compromised, a new pair must be generated– All your contacts must be notified and supplied with the new
public key• Data encrypted to the public key can only be decrypted by the
corresponding private key - and vice versa• PGP is based on “public/private” key cryptography
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
How are public/private key pairs generated?
• Oversimplifying a bit again, but they are essentially based on mathematical operations involving two really, really large prime numbers
• Prime numbers have been proven to have no known predictive pattern
• Remember “factoring” from your 3rd grade math?– It’s easy to factor the smaller numbers into primes: 14, 24, 49,
etc• Even?…divisible by 2• Digits add up to a number divisible by 3?…then 3 is also a factor• Last digit is 5 or 0?…divisible by 5
– A LOT harder as the numbers get bigger - in fact, impossible
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
What is this number?
(225964951)-1
(To write it out in decimal form would require 7,816,230 digits - at 1 digit per second, it would take more than 90 days, non-stop)
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
The (Currently) Largest Known Prime Number
(225964951)-1
Source: primes.utm.edu/largest.html(A really good site for “Stupid Number Tricks”)
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
PGP Public/Private Key Pair Strength
• The public key is mathematically derived from the private key
• The private key relies on the “computational difficulty” of deriving the large primes used to generate it
• Private key lengths of 1024 bits are probably OK, but 2048 is the accepted standard for most users
• Key lengths over 2048 bits are more secure, but tend to eat up processing power
• Some keys still use the RSA standard, but most keys nowadays are generated using the Diffie-Hellman standard
• Even at these lengths, “known text” attacks are a danger
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Algorithms
• Used to induce “randomness” in encoded message
• Helps reduce “known text” vulnerability
• “Encrypting” algorithms are designed to be reversible (they have to be, don’t they?)– Some well-known ones: DES, 3DES, AES, Blowfish, RSA
• “Hashing” algorithms are “one-way”, i.e., irreversible– Used to provide “signature”, or “shared secret” verification
– Used for password storage on most operating systems
– Well-known ones include MD5, SHA (used by PGP)
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Example: MD5
Input Output
1 B026324c6904b2a9cb4b88d6d61c81d1
2 26ab0db90d72e28ad0ba1e22ee510510
3 6d7fce9fee471194aa8b5b6e47267f03
4 48a24b70a0b376535542b996af517398
5 1dcca23355272056f04fe8bf20edfce0
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
PGP Encryption
• Encrypting algorithm is applied to the data• Appropriate key is applied to the result
– Private key, if encrypting your own file data
– Recipient’s public key, if sending e-mail
• Why not the other way around?
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Well-known Algorithms
• The best-known algorithms are used to remove patterns and predictability from encoded messages
• They are not secret - in fact, they are made public and subjected to rigorous testing by mathematical peers. Proprietary algorithms are not generally accepted in public cryptographic circles.
• Encryption algorithms are reversible - they have to be
• Applying the key before the algorithm is pointless, because the algorithm can be reversed, leaving the key exposed to “known text” and “brute force” attacks
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Where’s the Security?
In a public/private key cryptography environment, the strength lies in the length and protection of
the private key - not in the algorithm
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Digital Signatures
• Usually applied to e-mail messages to verify the sender’s identity
• Sender “signs” the message with his private key– Hashing algorithm is applied as well– Hashing also provides check on message integrity
• Anyone who has sender’s public key can apply it to verify sender’s identity– ONLY someone who has the corresponding private key could
have sent it– Hashing also verifies that the message was not altered in transit
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
What does a “Public Key” look like?
-----BEGIN PGP PUBLIC KEY BLOCK-----Version: PGP for Personal Privacy 5.0
mQGiBDcox8ARBADlerXzXx0sVf7tWg/x/FBCuZ8w2o/5kwZricxuhuFLV1htdRjGiWoHZrjmWEApYn4ikfbTtf9bqLI/rV+dxupsTrNf0dytYHv2rqmF+RlKOcmraSFHRJlFKaDQgf0rKCJrH8skif/pMUasHO15ESKU+K67K3C0BsiP1LO1jue9JwCg/64pvGo+6GmqyPP8dB5VmH3TTSUEAJy5W/rgDQCEkiu8b8KyimI9pLTmfUVr6GB11JZRFdOsZROt8ymRGd7rmLZDV/fQN+IbL79+2m6NS+DuO1zYXKnE8mwEcp7U4ggU73bH8joGdp+D4gKX/s9uGZi1h0al1AV3xlKM2zU/M7c7MJhkPbcQbfHKNK+earE51FaWzd/MA/4/Pi6O5qLxHRdRsQYux4aG7DPcIWU0yqpQLP5/s6iYpFawSTqw1MHEyPK6R5BcqcYL99wva9meS08M9MfYKO0Ce6x9Tf3CS7goEn94xwU9pgPgejpRlxv3SF9lcXhMfkD3T1TgR0XrGkmE+7TpsH7D5XUfrLiAwfP3RnK4DPjUbbRLSW5mb3JtYXRpb24gU2VjdXJpdHkgYXQgVW5pdmVyc2l0eSBvZiBQZW5uc3lsdmFuaWEgPHNlY3VyaXR5QGlzYy51cGVubi5lZHU+iQB1AwUQNynGnVcYQO1Qt5kZAQFg2AL/ds5fHHmgWHVPL7VUmUv0xlVlNzaS4kz0S+57lPcghO5F1nBQxztE+ekde18D9QLC8S3S0GDwQ7CHSrIFlKQ9WTDYv3ruP48VZvJ8q5FfI81ypojMvxBePxn647Bfov84iQA/AwUQNynGss3oSRS59y8HEQJziACfTxlMW2pKKCXr/+sk3ivFtMUzppcAn06yEouF4x5Yg0p2hWUnKIQGGIhkiQA/AwUQNynGwqDFmzsT2y3tEQIZKACg2gdxZsq8IwtTcqW5eTQF2OJw7i0AmwbGp3hD8XO5nH+mNDFIa3I978gciQCVAwUQNynMBEZOdo0DD6gNAQHmlwP9GK8h9NI09fClK91IGcT5gFtK9q695UUDWi7+gIGTGz5yIkXbnZCUZFPmy6FLyVpUQNVyBVXD+6aMJr3flxz0Es32mY7rgYKHITz+mmyoKB6CDz2K1Ov3a6MwW5VlN5eHPgug2imSETO4NGOdeL67LX93bYEHba1D9/2gcG909WSJAEsEEBECAAsFAjcox8AECwMBAgAKCRCgxZs7E9st7eiaAKC6jhAEhnhnDLr5B4V2H7SYOkokHwCeOYexEbEe0Xf2VnJO6K2MmcdmN/OJAFUDBRA3KMo/hsldwo1DqVkBAZxcAf9c6OcHRkI9ohqQFV+XmYcgRuPuLL2oD6MT/ZvLu0Gp6RucDWEoA8iQFUNte73wsAkYRU0/Zz4KoiVbtqolta+FiQA/AwUQNyjKSuyQdaHLkpQqEQKeOQCg1vU+iQp2iqHWq5onvydUxAmTU7wAn2e/uhmCjmMXjiBec+ZP0kEbScLWiQA/AwUQNym9aUXWdKqHR/jlEQKNfACg8C+pTwIM+JVnELL4GJAfWE4X33sAnRiA9UHf3SzmidVB72m0E4HaKzMsiQCVAwUQNynMAUZOdo0DD6gNAQFChgQAo69r5WRVrJAzF49CLiOIDmRAZ3eV3MYmxfMZKao2H21Tkr72CnN3y91t+XDXjJN+ciVUZuFKNmF+ubwJ9ittfzsdcuo5bUCkbvuAAtfE3utniYvgDmWNMRzAt720cTZjVTU8nvcZbUlHJx/PSqO/FrgAT0FenmwmCJDFbu8+SA+5Ag0ENyjHwBAIAPZCV7cIfwgXcqK61qlC8wXo+VMROU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh01D49Vlf3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscBqtNbno2gpXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFstjvbzySPAQ/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISnCnLWhsQDGcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVekyCzsAAgIH/1pIvuZa4dPy6Si59ZYQpuHNX1YEVRuUH5wEP0A0agNue0MOyg6liYFhx+mit7tEFe91wviQVU2vFPthdoqlP0fFlXbMg4SM65U6/NliF5qv1MHfj7TVZ5MQrKGwk0uGYBhESzGat0rU/j6v/XiU5Bzxd9r/Vr/HHSALfk9Q/8NhCXQPjaMuEym4CeVy/IbbuR472k5/O5+sP0eK7xx4eDub+Yg1TELYBoheLvf/FzmNSML/rBpL4jP+ApJbHb/SjW5f0/0dOiUiLmGHNR8zku46WTGd0eOKUoI7rRnNfFMnhFIgv4FunhI6h8alQDfBj31XkyGl40yV+f5C6O30ZYyJAD8DBRg3KMfAoMWbOxPbLe0RAkPUAKCo4sGborU5vtJ0TTh+UcV8k5ynyACeKbCeSGtAKrYcbCtROyRzYAP/BiI==SgNt-----END PGP PUBLIC KEY BLOCK-----
Hashed “fingerprint”:7D91 F6E2 8BA6 F501 1550 A904 A0C5 9B3B 13DB 2DED
(Hexadecimal)
-OR -
klaxon miracle village tomorrow
obtuse paragon vapor adviser
backfield embezzle revenge alkali
ragtime resistor puppy councilman
Aztec suspicious button unify
(Keywords)
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Public Key Distribution
• Published on your personal website
• Carry it around on floppy disc, CD-ROM, USB “jump drive”, etc. for people to copy
• Send as e-mail attachment
• Upload it to a “key server”
• Print it out on a sheet of paper, along with the “fingerprint”– We’ll talk about “key signing parties” in a few minutes
• Rent a billboard…well, you get the idea
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
How do I know that’s really your public key?
• Generating public/private key pairs does NOT require any authentication - you can associate any name and e-mail address with a key pair you choose
• To be completely certain that a given public key actually belongs to the person it claims, you need to physically verify the person’s identity and key in person– Ask for photo ID if necessary– Ask the person to read the “fingerprint”, and verify against a
printed copy– Verify printed copy “fingerprint” against the electronic copy
OR…
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Is the public key “signed”?
• PGP public keys can be “signed” by other private keys as “third party” verification
• If the signer’s public key is one you already have, you can use it to verify the signature
• If you can trust the signer’s key, you can trust the signed key
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
PGP “Web of Trust”
• Built on a network of transitive trust relationships– If Tom trusts Dick…
– And Dick trusts Harry…
– Then Tom can trust Harry
• Only in the context of identification and authentication– Doesn’t necessarily mean Tom is assured Harry is a trustworthy
person…only that he really is Harry
• Functions as sort of an “ad hoc Certificate Authority”
• The more links in the chain, the more likely there’s a weak link somewhere along the line
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
PGP “Key Signing Parties”
• Opportunity for several people to get together and exchange public keys
• Held regularly by ISC Information Security• Print out your public key & fingerprint, bring
with copy of your key - and your PennCard• Security will verify all identities and keys, sign
and distribute them to all attendees
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
Getting Started with PGPNovember, 2005
ISC/Information [email protected]
PGP Mail Menu Window (Mac OS X)
(Windows version uses tray icon/menu)