Encryption is the transformation of data into a form
that is (hopefully)
impossible to read without the knowledge of a key. Its
purpose is to ensure privacy by keeping information hidden from anyone
for whom it is not intended.
Decryption is the reverse of encryption; it is the transformation of
encrypted data back into an intelligible form.
Encryption and decryption generally require the use of some secret information, referred to as a key. Some encryption mechanisms use the same key for both encryption and decryption; others use different keys for the two processes.
Cryptography is fundamentally based on so-called hard problems, i.e. problems that can be solved only at a large computational cost. Some examples are factoring, theorem-proving, and the "travelling salesman problem" (finding the route through a given collection of cities which minimizes the total length of the path).
There are two types of cryptosystems: secret
key and
public key.
In secret key
cryptography (or symmetric cryptography) the same key is used for both
encryption and decryption. The most popular secret-key cryptosystem in
use today is known as DES (Data Encryption Standard), developed by
IBM in the mid-1970s.
In public key cryptography, each user has a public key and a
private key. The first one is made public and the second one remains
secret. The public key is used during encryption, while decryption is
done with the private key. Today the RSA public key cryptosystem is
the most popular form of public key cryptography. RSA stands for
Rivest, Shamir, and Adleman, the inventors of the RSA
cryptosystem.
Another popular public key technique is the Digital Signature
Algorithm (DSA), though it can only be used for signatures.
In secret key (or symmetric) cryptography the sender and receiver
of a message know and use the same secret key: the sender uses the
secret key to encrypt the message, and the receiver uses the same
secret key to decrypt the message.
With such a system the main problem to solve is the key management
problem: getting the sender and receiver to agree on the secret
key without anyone else finding out. Anyone who
intercepts the key in transit can later read, modify, and forge all
messages encrypted or authenticated using that key.
In order to solve this problem,
Whitfield Diffie and Martin Hellman introduced the concept of public
key cryptography in 1976.
In their system, each person gets a pair of keys, one called the
public key and the other called
the private key. The public key is published, while the private key is
kept secret.
The sender and the receiver don't need to share any secret
information because all communications involve only public
keys: no private key is ever transmitted or shared.
Anyone can send a confidential message by just using public
information, but the message can only be decrypted with a private key,
which is in the sole possession of the intended recipient.
The communication scheme is the following: when A wishes to send a secret message to B he uses B's public key to encrypt the message and sends it. B then uses his private key to decrypt the message and read it. Anyone can send an encrypted message to B, but only B can read it (because only B knows B's private key).
In a public key cryptosystem the private key is
always linked mathematically to the public key. Therefore, it is
always possible to attack a public key system by deriving the private
key from the public key. Typically, the defense against this is to
make the problem of deriving the private key from the public key as
difficult as possible.
Some public key cryptosystems are designed such that
deriving the private key from the public key requires the attacker to
factor a large number; in this case performing the derivation is
computationally infeasible, because multiplying two prime integers
together is easy but, as far as we know, factoring the product of two
prime numbers is much more difficult.
That is why factoring is the underlying, presumably
hard problem upon which several public key cryptosystems are based,
including the RSA algorithm.
It has not been proven that
factoring must be difficult, and there remains a possibility that a
quick factoring method might be discovered, though this possibility
is today considered remote.
In general, the larger the number the more time it takes to factor
it. This is why the size of the modulus in RSA
determines how secure an actual use of RSA is; the larger the
modulus, the longer it would take an attacker to factor, and thus the
more resistant the RSA modulus is to an attack.
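The scheme and the key-size argument above, as an added Python example (not part of the original article, and not how PGP is implemented): textbook RSA on small constructed primes, where A encrypts with B's public key, B decrypts with the private key, and the private key is rebuilt from the public key by factoring the modulus with naive trial division. The primes, the message value and all function names are assumptions made for the illustration.

```python
# Added example: textbook RSA on toy primes (constructed values, no padding).
from math import gcd

def make_keypair(p, q, e=65537):
    """Return (public, private) for primes p, q; both keys share modulus n."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent is tied to e through p and q
    return (n, e), (n, d)

def encrypt(public, m):
    """What A does: only B's public key is needed."""
    n, e = public
    return pow(m, e, n)

def decrypt(private, c):
    """What B does: requires the private exponent d."""
    n, d = private
    return pow(c, d, n)

def factor_by_trial_division(n):
    """Return (p, q, steps) for an odd n = p*q; steps counts rejected divisors."""
    f, steps = 3, 0
    while n % f:
        f, steps = f + 2, steps + 1
    return f, n // f, steps

def private_from_public(public):
    """Rebuild the private key from public data alone by factoring n."""
    n, e = public
    p, q, steps = factor_by_trial_division(n)
    return (n, pow(e, -1, (p - 1) * (q - 1))), steps

if __name__ == "__main__":
    b_public, b_private = make_keypair(1009, 1013)   # B's toy key pair
    c = encrypt(b_public, 424242)                    # A -> B, public data only
    print("ciphertext:", c, "decrypted:", decrypt(b_private, c))
    # Work needed to rebuild the private key grows with the modulus size.
    for p, q in [(1009, 1013), (999983, 1000003)]:
        public, private = make_keypair(p, q)
        rebuilt, steps = private_from_public(public)
        print(public[0].bit_length(), "bit modulus:", steps,
              "divisions, key rebuilt:", rebuilt == private)
```

Going from a 20-bit to a 40-bit modulus multiplies the number of trial divisions by roughly a thousand, which is the growth the paragraph above relies on.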
PGP is a program developed by Phil R. Zimmermann
that allows you to communicate in a
secure way over an insecure channel. Using PGP you can easily and
securely protect the privacy of your data by encrypting it so that
only the intended individuals can read it.
PGP is based on public key cryptography: two complementary keys,
called a key pair, are used to maintain secure
communications. One of the keys is designated as a private
key to which only you have access and the other is a public
key which you freely exchange with other PGP users. Both your
private and your public keys are stored in keyring files.
Before you begin using PGP, you need to generate
this key pair.
After you have created a key pair, you can begin corresponding with
other PGP users. You will need a copy of their public key and they
will need yours. The public key is just a block of text, so it's quite
easy to trade keys with someone. Some standard techniques are
including your public key in an email message, copying it to a file,
or posting it on a public or corporate key server where anyone can get
a copy when they need it.
After you have generated your key pair and exchanged public keys,
you can begin encrypting and signing email messages and files.
The following information and commands refer to PGP
5.0i. Some changes may occur when using a different PGP
release. Getting and installing the program is not
covered in this article.
In order to use PGP features, the first operation you must perform is generating a key pair. From the command line enter:
pgpk -g
You must reply to some questions in order to generate your keys:
The algorithm to use for encrypting messages (DSS/DH or RSA).
The key size, or the number of bits used to construct your digital key. A larger key is stronger but it takes more time to encrypt and decrypt. Unless you are exchanging extremely sensitive information you are safe using a key composed of 1024 bits.
Enter your user ID. It's not absolutely necessary to enter your real name or even your email address. However, using your real name makes it easier for others to identify you as the owner of your public key. For example:
Matteo Dell'Omodarme <[email protected]>
If you do not have an email address, use your phone number or some other unique information that would help ensure that your user ID is unique.
Enter a passphrase, a string of characters or words you want to use to maintain exclusive access to your private key.
The generated key pair is placed on your public and secret keyrings in your $HOME/.pgp directory. Here you can find the file pubring.skr, containing the public keys, and the file secring.skr, containing your secret key.
pgpk is the command used to manage public and private keys for PGP. You can extract your public key from your keyring in this way:
pgpk -x my_username@my_hostname > my_key
To add a new public key, stored in keyfile, into your database:
pgpk -a keyfile
and, to remove a key:
pgpk -r newuser@new_hostname
pgpe encrypts and signs files using public key cryptography,
or encrypts files using conventional cryptography.
The simplest use of the command is the following:
pgpe text_file newuser@new_hostname
which encrypts the plaintext file text_file using the public key of the intended receiver. Many options are available (see the pgpe manual page); some of them are reported here:
-a, --armor:
Turn on "ASCII Armoring". This outputs a text-only
version of your encrypted text. This makes the
result safe for mailing, but about 30% larger.
-f:
Stream mode. Accepts input on stdin and places
output on stdout. If no files are specified as
arguments, PGP executes in this mode by default.
-o outfile:
Specifies that output should go to outfile. If not
specified, output goes to the default filename.
The default filename for each input file is the
input filename with ".pgp" appended, unless ASCII
Armoring is turned on, in which case it is ".asc".
It is an error to specify multiple input files with
this option.
-t:
Turns on text mode. This causes PGP to convert
your input message to a platform-independent form.
It is primarily for use when moving files from one
operating system to another.
pgpv decrypts and verifies files encrypted
and/or signed by PGP.
In order to decrypt a message encrypted using your public key enter the command:
pgpv text_file.pgp
Some options are available; among them there are:
-f:
Stream mode. Accepts input on stdin and places
output on stdout. If no files are specified as
arguments, PGP executes in this mode by default.
-o outfile:
Specifies that output should go to outfile. If not
specified, output goes to the default filename.
The default filename for each input file is the
input filename with the ".pgp" ".asc" or ".sig"
removed. It is an error to specify multiple input
files with this option.
A useful option of the mailer Pine makes it possible to handle the encryption of outgoing messages and the decryption of received ones automatically. In the file $HOME/.pinerc search for the lines starting with display-filters and sending-filters and make the following insertions:
# This variable takes a list of programs that message text is piped into
# after MIME decoding, prior to display.
display-filters=_BEGINNING("-----BEGIN PGP MESSAGE-----")_ /usr/bin/pgpv
# This defines a program that message text is piped into before MIME
# encoding, prior to sending
sending-filters=/usr/bin/pgpe -taf _RECIPIENTS_
The display-filters line says: "when a received mail starts with the given string (i.e. -----BEGIN PGP MESSAGE-----) process its contents using the program /usr/bin/pgpv". Since all PGP messages start in such a way, all PGP encrypted messages are automatically trapped by pgpv and decrypted (obviously only if they are encrypted with your public key).
The sending-filters line sets /usr/bin/pgpe as the program processing outgoing messages, using the email address (i.e. _RECIPIENTS_) of the intended receiver to select which public key must be used by the PGP encryption mechanism.
Once these modifications have been made, you are able to send encrypted messages or plaintext messages, choosing between them at sending time. A question is asked before your mail is sent out:
Send message (unfiltered)?
Replying Y to the question forces Pine to
send the mail in
plaintext form, while pressing Ctrl-N (i.e. the Next
Filter option) lets you choose among the different filters.
If pgpe is the sole filter defined, the following message is displayed:
Send message (filtered thru "pgpe")?
Replying Y to that question makes Pine encrypt the message with the appropriate public key and send it.