Does your organization have a need for secure, encrypted communications? Perhaps you're working with sensitive business strategy documents that, in the wrong hands, could cause your employees and stockholders no end of grief. Perhaps you need to exchange e-mail with off-site business partners—and you need to do so without the fear that your messages are being intercepted and read, while they're en route. If so, you should take a look at GNU Privacy Guard, a public key cryptography system created by the GNU Project, with assistance from the German Federal Ministry of Economics and Technology.
In this Daily Drill Down, I'll explain the fundamental concepts underlying GNU Privacy Guard. After a brief introduction to the program, you'll learn the essential concepts of public key encryption, the technology that underlies GNU Privacy Guard. In plain English, you'll learn how to decode this technology's confusing terminology, and you'll learn ways that you can apply GNU Privacy Guard to the sensitive and confidential tasks your organization undertakes.
Introducing GNU Privacy Guard
Why look at GNU Privacy Guard? In brief, GNU Privacy Guard—or GnuPG, for short—is a full implementation of OpenPGP, a public Internet standard. Unlike PGP, GnuPG does not rely on patented algorithms. What's more, GnuPG isn't a U.S. product, so it's not subject to U.S. export restrictions. In addition, GnuPG is available for a huge variety of platforms, including virtually all UNIX-like systems, Windows 95, and Windows NT. In sum, GnuPG stands a good chance of becoming the de facto standard for encryption technology.
What can you do with GnuPG? Here's the short take: You can use GnuPG to encrypt files on your computer—and what's more, you can do so with a level of encryption that is, for all practical purposes, unbreakable. You can also digitally sign your files so that, whether or not they’re encrypted, you’ll be able to tell whether someone has tampered with them. The same goes for e-mail: You can use GnuPG to send and receive secure, encrypted messages, and you can digitally sign the messages so that it's immediately apparent whether they've been altered en route.
If you're thinking about trying out GnuPG at work, be aware that many companies have strict policies against employees' possession of encrypted files. They fear that employees may try to steal sensitive documents, intending to offer them to competitors in exchange for a lucrative job offer. Before investigating GnuPG, learn your company's policies and clear your plans with your supervisor. In addition, the use of public key encryption is not legal in some countries, and other countries are contemplating legislation that would restrict or prohibit the use of this technology. For more information, see Crypto Law Survey, maintained by Bert-Jaap Koops. If you're in doubt about the legality of using encryption software in your country, consult an attorney. Also, be aware that GnuPG shouldn't be used to conceal illegal activities; although the case law on this issue is still evolving, judges may take the view that forcing you to divulge your private key does not amount to self-incrimination (see the Crypto and Self-Incrimination FAQ for an interesting discussion of this issue).
Understanding public key cryptography
All encryption boils down to some technique to scramble a readable message (called plaintext) so that its contents, if intercepted, look like gibberish. The scrambled message is called ciphertext. To read the ciphertext, the intended recipient needs the key, the formula that decodes the message and restores the readable, plaintext version. As this section explains, the encryption techniques prevailing until the 1970s had a serious flaw, which public key encryption remedies in a way that has revolutionary implications—and as you'll see, these implications extend to the technology's social as well as technical impact.
Symmetric key encryption: The old, insecure way
Until the 1970s, the prevailing encryption techniques (called symmetric ciphers) had a serious flaw. This flaw comes into play when you're trying to send a secret message from one place to another: You must send the decoding key as well as the message to the intended recipient. For this reason, you couldn't initiate secret communications with someone unless you'd made prior arrangements. Worse, you had to send the key through an insecure channel. Banks and military intelligence organizations often rely on human couriers for this purpose. But what if the courier is compromised by bribes from the bank's competitor—or turns out to be a double agent?
Public key encryption: The new, highly secure way
Public key encryption, the technology underlying GnuPG, solves the problems of previous encryption technologies. In brief, public key encryption uses two keys, not one: the public key and the private key (also called the secret key). You can freely give the public key to anyone; in fact, you can post it on the Internet. Anyone who wishes to send a secret message to you employs your public key to encrypt the message; once this is done, it cannot be read until it is decoded using your private key.
Similarly, when you wish to send a secret message to someone, you obtain this person's public key and use it to encrypt the message. The message cannot be read until it is decrypted using the recipient's private key. As this example illustrates, public key encryption eliminates the major vulnerability of single-key encryption techniques in that the decoding key is never sent to anyone. Of course, public key encryption is viable only as long as the private key cannot be determined by analyzing the public key. Experience to date suggests that, as long as you use a key of sufficient length (at least 1,024 characters), brute-force (repetitive-guess) techniques cannot be used to break messages encrypted with public key technology.
Is public key encryption a threat to public safety?
Public key encryption is nothing short of revolutionary—and that's true for its social as well as its technical implications. Security agencies worry that foreign adversaries will obtain public key technologies and use them to their advantage. For these reasons, the U.S. government defines public key encryption technologies as a munition and imposes crippling restrictions on their export. These policies seem ludicrous in view of the fact that strong encryption technologies are easily available anywhere in the world. In fact, you'll need to obtain GnuPG from outside the United States; if GnuPG were made available from the GNU Project's home system in Cambridge, Massachusetts, it would be subject to the same, crippling export restrictions that have kept U.S. companies out of the encryption market. (You'll find information on obtaining and installing GnuPG later in this Daily Drill Down.)
In addition, U.S. law enforcement officials worry that drug dealers, terrorists, child pornographers, and other unsavory types will use public key encryption to evade detection. For this reason, the U.S. government is pushing for the mandated use of key recovery schemes, in which encryption software would include a built-in trap door that would enable law enforcement personnel to decode an encrypted message. Experts believe that such a trap door could introduce grave vulnerabilities, which attackers could exploit. The burgeoning world of electronic commerce depends on strong, reliable encryption, and key recovery systems won't fill the bill. For example, banks are solidly opposed to the government's key recovery proposals, and they're not enthusiastic about the U.S.-designed Pretty Good Privacy (PGP), which is designed to enable the type of trap door that the government wants. In fact, PGP's shortcomings in this area helped spur the GnuPG project. GnuPG contains no code that would enable a third party to decode an encrypted message.
It's inevitable that crooks, terrorists, and child pornographers will use public key encryption, but let's face it: The cat's out of the bag. It's too late to stop the dissemination of this technology. For law-abiding citizens, the only remaining question is whether you'll learn how to use it to best advantage for legitimate, lawful purposes. GnuPG has all the answers.
Just how secure is GnuPG?
GnuPG is safe enough to protect you from all but the most concerted efforts to break your code, but much depends on you. For example, there's a trade-off between execution speed and key length; if you choose a lengthy encryption key (more than 1,024 characters), you decrease the chance that an attacker could decrypt your messages using brute-force techniques, but you also increase the load on your system. (With public key encryption, CPU usage increases exponentially with every increase in the length of the encryption key you're using.) Generally, you'll be safe enough with an encryption key length of 1,024 characters. As far as anyone knows right now, keys of that length are operationally secure, in the sense that the time and expense involved to break messages encrypted with such a key almost certainly exceed the value of the encrypted messages.
But key length can't protect you against carelessness. If an attacker is intent on decrypting your data, there are much easier methods available than trying to determine the cipher you're using. For example, perhaps you've written down your passphrase somewhere in your office, where an intruder can find it. Memorize your passphrase and don't write it down! Worse, suppose you've left your secret key on the hard disk of a system connected to an insecure network, where it's accessible to electronic intruders. Always protect yourself by writing your private key to a write-protected floppy disk or a CD, and don't leave these disks in your office when you're away from your desk.
Although public key encryption solves the courier vulnerability problems of previous encryption techniques, it introduces a problem of its own: inefficiency. Public key technologies require much more CPU horsepower than symmetric ciphers. For this reason, GnuPG uses hybrid encryption: The program uses public key encryption to distribute symmetric cipher keys in a secure channel. It then relies on symmetric ciphers for most of the grunt work of encrypting and decrypting files and messages.
Here's how hybrid encryption works. When you send someone a message, GnuPG uses your recipient's public key to encrypt the session key, a symmetric key that varies for each message you send. The session key is then used to encrypt the rest of the message. When your message reaches its destination, the recipient's software decodes the session key using the private key, and then uses the session key to decode the rest of the message.
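The session-key exchange just described, as an added example that is not GnuPG's own code: textbook RSA with deliberately tiny 64-bit primes stands in for the recipient's OpenPGP key pair, and a SHA-256 counter keystream stands in for the symmetric cipher, so that the structure (a fresh session key per message, wrapped under the public key, with the body encrypted under the session key) is visible in a few dozen lines. The key sizes and ciphers are illustrative stand-ins chosen for readability, not GnuPG's algorithms.

```python
import hashlib, os, random
# Textbook RSA with 64-bit primes (GnuPG uses 1024-bit or longer) and a SHA-256 counter
# keystream stand in for GnuPG's real algorithms: illustrative only, never for real data.
def is_probable_prime(n, rounds=20):
    """Miller-Rabin test for odd n > 3; adequate for a demo."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    while True:
        n = random.getrandbits(bits) | (1 << (bits - 1)) | 1  # odd, full bit length
        if is_probable_prime(n):
            return n

def generate_keypair(bits=64):
    """Return ((n, e), (n, d)): the public key and the private (secret) key."""
    e = 65537
    while True:
        p, q = random_prime(bits), random_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e must be invertible modulo phi
            return (p * q, e), (p * q, pow(e, -1, phi))

def keystream_xor(key, data):
    """Toy symmetric cipher: XOR data with successive SHA-256(key || counter) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def hybrid_encrypt(public_key, plaintext):
    """Fresh session key per message, wrapped under the public key; the body is encrypted with it."""
    n, e = public_key
    session_key = os.urandom(8)  # 64 bits so it fits under the toy modulus; GnuPG uses 128 or more
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped, keystream_xor(session_key, plaintext)

def hybrid_decrypt(private_key, message):
    # Unwrap the session key with the private key, then decrypt the body with it.
    n, d = private_key
    wrapped, body = message
    return keystream_xor(pow(wrapped, d, n).to_bytes(8, "big"), body)
```

Only the wrapped session key depends on the recipient's key pair; the same message sent twice produces two different wrapped keys and two different ciphertext bodies.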
Public key encryption technology also supports digital signatures. In brief, a digital signature enables a recipient to judge whether a given message is really from you, and whether it has been altered while it was en route. You don't need to encrypt a document in order to sign it digitally; encryption is optional. However, your recipient does need your public key in order to verify your signature.
Because you'll be working with your own key pairs and your correspondents’ public keys, you need key management capabilities. GnuPG provides a number of tools to help you manage your key ring, where the various keys are stored. To help you manage keys, GnuPG enables you to associate each key with a user-friendly user ID, which consists of the person's real name and e-mail address. You can use GnuPG’s key management capabilities to examine the keys on your key ring. You can perform actions such as adding new keys, editing user IDs, and deleting unneeded keys.
When you create your key pair with GnuPG, the program automatically creates two kinds of private keys: a master key, which is used for digital signatures, and a subkey, which is used to decode incoming messages. The program makes this distinction for the following reasons. You do not want your master key (also called signing key) to change very often; if you change it, your correspondents will have to update their key rings in order to tell whether your messages are really from you. However, it's wise to change your subkey from time to time. This key is used to decode the encrypted messages that are sent to you. By changing the key, you gain protection against attackers who may have obtained your private key, perhaps by breaking into your office and copying information off your computer. To safeguard yourself against such attacks, it's wise to store your subkey on a write-protected floppy disk, which you keep in your personal possession at all times.
Web of trust
To prevent man-in-the-middle attacks that involve the use of forged public keys, GnuPG applies your digital signature to your public key. When you send your public key to others, the recipients can immediately discern whether the key has been altered in some way. However, there's still a chance that the key isn't really from you. Perhaps someone has broken into your office and discovered that you wrote your passphrase on the bulletin board. GnuPG cannot provide total security because human behavior comes into play.
To include some measure of protection against users who fail to use the technology properly, GnuPG implements the Web of trust system. In this model, you attach your own digital signature to the public keys you receive. When you do, you attest your level of confidence that the key is, in fact, genuine, and that the person who created the key is a responsible and trustworthy user of GnuPG technology. If you know the correspondent well and you are certain that the key has not been compromised, you can affirm a high level of trust. This attestation is visible to others. A given public key may receive several such attestations, which inspires confidence that it is, indeed, genuine.
To facilitate the distribution of OpenPGP-compatible public keys, volunteers have created a worldwide system of keyservers. In brief, a keyserver is a database-linked Web site that performs two functions: It enables users of GnuPG (and other OpenPGP-compatible programs) to submit their public keys, and it enables site visitors to search for and download a person's public key. For example, suppose I upload my public key to a keyserver. Once I've done so, you can visit the keyserver, search for my name, and download my public key. Then, you can send me a secret, encrypted message—even though we've never previously exchanged messages.
Several OpenPGP keyservers exist, and they're designed to periodically refresh each other’s databases so that, in time, all keyservers have copies of all the keys users have contributed. For this reason, you should visit a keyserver close to your area. Currently, there are keyservers in Austria, Belgium, Finland, Germany, Thailand, and the U.S. For more information on keyservers, visit Open PGP Keyserver.
Obtaining and installing GnuPG
To obtain GnuPG for Linux, visit one of the following sites:
- If you would like to compile GnuPG using source code tarballs, grab them from the official GNU site.
- To obtain RPM packages for the Linux version of GnuPG, go to this gpg directory via FTP. Currently, up-to-date RPMs are available for Intel 386 and 686 systems running Red Hat Linux 5.x and 6.x.
- A Windows 95/98 version is available from the official GNU site. Note that this is an alpha version and shouldn't be used for mission-critical purposes.
What you'll need
To run GnuPG on your Linux system, you'll need the random device files—specifically, /dev/random and /dev/urandom. To determine whether these devices exist, do the following: In a terminal window, type ls -l /dev/random /dev/urandom and press [Enter]. If these devices exist, you’ll see both pathnames listed, each marked as a character device (the listing's first column begins with c). If they do not exist, create them: Switch to superuser, type mknod /dev/random c 1 8 ; mknod /dev/urandom c 1 9, and press [Enter].
Installing GnuPG from the RPM binary
To install GnuPG from RPM binaries, type rpm -ivh gnupg*rpm.
Installing GnuPG from the source code tarball
If you've downloaded the GnuPG tarballs and you're planning to install the software by compiling from the source code, follow these steps:
- To verify that the version of GnuPG you have downloaded is genuine, type the following: md5sum gnupg*.gz. You'll see a checksum on-screen. Verify that this checksum is identical to the one published on GnuPG's download page.
- In the directory where you've downloaded the GnuPG tarball, type the following: tar -xvzf gnupg*.gz, and press [Enter].
- Switch to the directory tar created by typing cd gnupg* and pressing [Enter].
- Type ./configure, and press [Enter].
- Assuming the configure utility exits without error, type make and press [Enter].
- Switch to superuser (type su and press [Enter]).
- Type make install and press [Enter].
Bryan Pfaffenberger, a UNIX user since 1985, is a University of Virginia professor, an author, and a passionate advocate of Linux and open source software. A Linux Journal columnist, his recent Linux-related books include Linux Clearly Explained (Morgan-Kaufmann) and Mastering Gnome (Sybex; in press). His hobbies include messing around with his home LAN and sailing the southern Chesapeake Bay. He lives in Charlottesville, VA. If you’d like to contact Bryan, send him an e-mail.