Difference between revisions of "Pretty Good Privacy"

From Wiki | LUG@UCLA
Jump to: navigation, search
 
(32 intermediate revisions by 8 users not shown)
Line 1: Line 1:
 +
{{Note|This page is still under construction. See the '''Links''' section at the bottom of this page for more info.}}
 +
 +
'''Pretty Good Privacy (PGP)''', or '''OpenPGP''', makes it possible for people to encrypt their email and other communications over the internet.
 +
 +
PGP offers end-to-end encryption, which is a trust model that does not require users to trust a centralized service provider. It is sufficient that the users trust only who they communicate with. This is unlike server-side encryption solutions, such as that used by Outlook.com ([http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data the NSA reads your encrypted Outlook messages]).
 +
 +
Furthermore, PGP implementations such as GnuPG and APG (for Android) are trustworthy because they are free and open source software (FOSS). By contrast, closed source security software may claim to offer reliable encryption, but that is very difficult to prove. Actually, these security claims are easy to disprove: [http://nakedsecurity.sophos.com/2013/05/22/microsofts-reading-skype-messages/ all Skype messages are tapped by Microsoft].
 +
 
== Motivation ==
 
== Motivation ==
  
The internet without encryption is synonymous to a crowd of people yelling at each other; a curious eavesdropper can easily walk up to the party in question and listen. It would simply be too dangerous to transmit obviously sensitive information over the internet, such as social security numbers or online banking passwords. You may try to encrypt those sensitive communications, but dedicated eavesdroppers can take the composite of the remainder of your internet communications to paint a detailed picture of your personality and habits.
+
The internet without encryption is synonymous with a crowd of people yelling at each other; a curious eavesdropper can easily walk up and listen. It would simply be too dangerous to transmit obviously sensitive information over the internet, such as social security numbers or online banking passwords. You may try to encrypt those highly sensitive communications, but dedicated eavesdroppers can collect the rest of your unencrypted internet communications to paint a detailed picture of your personality and habits. For more on motivations, see our [[Internet Surveillance]] page.
  
<blockquote>"My life's an open book," people might say. "I've got nothing to hide." But now the government has large dossiers of everyone's activities, interests, reading habits, finances, and health. What if the government leaks the information to the public? What if the government mistakenly determines that based on your pattern of activities, you're likely to engage in a criminal act? What if it denies you the right to fly? What if the government thinks your financial transactions look odd&mdash;even if you've done nothing wrong&mdash;and freezes your accounts? What if the government doesn't protect your information with adequate security, and an identity thief obtains it and uses it to defraud you? Even if you have nothing to hide, the government can cause you a lot of harm.</blockquote>
+
== Using GNU Privacy Guard ==
  
In the above passage from the book ''Nothing to Hide'', Daniel J. Solove extrapolates on what could happen if everybody simply accepted the notion that the benefits of government surveillance outweigh the disadvantages. Pretty Good Privacy is currently one of the best ways to combat surveillance and eavesdropping in the digital world.
+
This section is geared towards beginners who have never used PGP software. It will cover setup, and an example conversation.
  
== Practice ==
+
=== Setup ===
 +
Generate your PGP keypair:
 +
 
 +
$ gpg --gen-key
 +
 
 +
<span style="color:red">'''WARNING:'''</span> make sure you understand the implications of holding a private key:
 +
* DO NOT generate it on a computer you don't own and have ''full control'' over.
 +
* DO NOT store your private key on Dropbox, Sky Drive, or any other cloud storage service.
 +
* DO use a very strong passphrase (multiple words, aka "phrase")
 +
 
 +
Now, you should share your ''public'' key. You can do this by emailing your public key to your friends, or syncing it with the global network of PGP keyservers. To do the latter:
 +
 
 +
$ gpg --send-keys '''<your key ID>'''
 +
 
 +
<span style="color:red">'''WARNING:'''</span> this is irreversible. Make sure you are prepared to protect your private key and you are using a very strong passphrase.
 +
 
 +
Now you might want to import your friend's public key into your local gpg keyring. If they synced their key with the keyservers, you can search their name:
 +
 
 +
$ gpg --search-keys '''<full name>'''
 +
 
 +
and follow the instructions to import their key. If you already know their key ID, directly import it with:
 +
 
 +
$ gpg --recv-keys '''<key ID 1>'''
 +
 
 +
=== Example conversation ===
 +
<span style="color:red">TODO</span>
 +
# compose message to your friend
 +
# click the "PGP Encrypt" check box
 +
# send message
 +
# provide the passphrase for your PGP private key
  
 
== Theory ==
 
== Theory ==
 +
 +
The following is a high level description of the nuts and bolts of PGP, and is not necessary to understand if you just want to use it.
 +
 +
Two typical methods of encrypting data include 1) secret-key and 2) public-key. PGP uses public-key cryptography, but both methods are described for comparison.
  
 
'''Secret-key (symmetric) cryptography'''&mdash;Alice wants to send Bob a secret message. They both agree on a single secret password to use as an encryption/decryption key. Alice can use that key to encrypt data to send to Bob, and Bob can use that key to decrypt data received from Alice. Mathematically, a symmetric cipher is just a one-to-one function that is easily invertible&mdash;apply the function to encrypt data, or apply its inverse decrypt data. The key describes the characteristics of the function; without the key, one cannot determine the function or its inverse.
 
'''Secret-key (symmetric) cryptography'''&mdash;Alice wants to send Bob a secret message. They both agree on a single secret password to use as an encryption/decryption key. Alice can use that key to encrypt data to send to Bob, and Bob can use that key to decrypt data received from Alice. Mathematically, a symmetric cipher is just a one-to-one function that is easily invertible&mdash;apply the function to encrypt data, or apply its inverse decrypt data. The key describes the characteristics of the function; without the key, one cannot determine the function or its inverse.
Line 46: Line 87:
 
* Only the public (decryption) key needs to be sent over the network, so an eavesdropper cannot simply steal the key by performing a man-in-the-middle attack.
 
* Only the public (decryption) key needs to be sent over the network, so an eavesdropper cannot simply steal the key by performing a man-in-the-middle attack.
 
* Large groups of people can easily communicate because each person only needs to generate his or her own key pair. The number of key pairs in the network is linear with the number of people (2n). Alice never needed to negotiate with Bob to agree on a shared secret key&mdash;they each simply generated their own key pairs and grabbed each other's public key.
 
* Large groups of people can easily communicate because each person only needs to generate his or her own key pair. The number of key pairs in the network is linear with the number of people (2n). Alice never needed to negotiate with Bob to agree on a shared secret key&mdash;they each simply generated their own key pairs and grabbed each other's public key.
 +
 +
== Warnings ==
 +
 +
As stated in the introduction, PGP's trust model requires that the user trusts his or her computer, which means trusting ''all'' the software on his or her computer. The use of open source software on a computer is a prerequisite for trusting the computer, so we advise against the use of untrustworthy proprietary systems such as Microsoft Windows or Mac OS X. Instead, we recommend GNU/Linux or BSD. If you are not already using an open source operating system, see our [[Getting started]] page for some guidance.
  
 
== Links ==
 
== Links ==
  
 
* [http://www.gnupg.org/gph/en/manual.html The GNU Privacy Handbook]
 
* [http://www.gnupg.org/gph/en/manual.html The GNU Privacy Handbook]
 +
* [http://irtfweb.ifa.hawaii.edu/~lockhart/gpg/gpg-cs.html GPG Cheat Sheet]
 
* [https://en.wikipedia.org/wiki/Symmetric-key_algorithm Symmetric-key algorithm &ndash; Wikipedia]
 
* [https://en.wikipedia.org/wiki/Symmetric-key_algorithm Symmetric-key algorithm &ndash; Wikipedia]
 
* [https://en.wikipedia.org/wiki/Public-key_cryptography Public-key cryptography &ndash; Wikipedia]
 
* [https://en.wikipedia.org/wiki/Public-key_cryptography Public-key cryptography &ndash; Wikipedia]
 +
* [http://docs.law.gwu.edu/facweb/dsolove/Nothing-to-Hide/ Nothing to Hide, by Daniel J. Solove (non-free book)]
 +
* [http://blog.sanctum.geek.nz/series/linux-crypto/ Linux Crypto by Tom Ryder]

Latest revision as of 12:32, 3 December 2013

Note Note: This page is still under construction. See the Links section at the bottom of this page for more info.

Pretty Good Privacy (PGP), or OpenPGP, makes it possible for people to encrypt their email and other communications over the internet.

PGP offers end-to-end encryption, which is a trust model that does not require users to trust a centralized service provider. It is sufficient that the users trust only who they communicate with. This is unlike server-side encryption solutions, such as that used by Outlook.com (the NSA reads your encrypted Outlook messages).

Furthermore, PGP implementations such as GnuPG and APG (for Android) are trustworthy because they are free and open source software (FOSS). By contrast, closed source security software may claim to offer reliable encryption, but that is very difficult to prove. Actually, these security claims are easy to disprove: all Skype messages are tapped by Microsoft.

Motivation[edit]

The internet without encryption is synonymous with a crowd of people yelling at each other; a curious eavesdropper can easily walk up and listen. It would simply be too dangerous to transmit obviously sensitive information over the internet, such as social security numbers or online banking passwords. You may try to encrypt those highly sensitive communications, but dedicated eavesdroppers can collect the rest of your unencrypted internet communications to paint a detailed picture of your personality and habits. For more on motivations, see our Internet Surveillance page.

Using GNU Privacy Guard[edit]

This section is geared towards beginners who have never used PGP software. It will cover setup, and an example conversation.

Setup[edit]

Generate your PGP keypair:

$ gpg --gen-key

WARNING: make sure you understand the implications of holding a private key:

  • DO NOT generate it on a computer you don't own and have full control over.
  • DO NOT store your private key on Dropbox, Sky Drive, or any other cloud storage service.
  • DO use a very strong passphrase (multiple words, aka "phrase")

Now, you should share your public key. You can do this by emailing your public key to your friends, or syncing it with the global network of PGP keyservers. To do the latter:

$ gpg --send-keys <your key ID>

WARNING: this is irreversible. Make sure you are prepared to protect your private key and you are using a very strong passphrase.

Now you might want to import your friend's public key into your local gpg keyring. If they synced their key with the keyservers, you can search their name:

$ gpg --search-keys <full name>

and follow the instructions to import their key. If you already know their key ID, directly import it with:

$ gpg --recv-keys <key ID 1>

Example conversation[edit]

TODO

  1. compose message to your friend
  2. click the "PGP Encrypt" check box
  3. send message
  4. provide the passphrase for your PGP private key

Theory[edit]

The following is a high level description of the nuts and bolts of PGP, and is not necessary to understand if you just want to use it.

Two typical methods of encrypting data include 1) secret-key and 2) public-key. PGP uses public-key cryptography, but both methods are described for comparison.

Secret-key (symmetric) cryptography—Alice wants to send Bob a secret message. They both agree on a single secret password to use as an encryption/decryption key. Alice can use that key to encrypt data to send to Bob, and Bob can use that key to decrypt data received from Alice. Mathematically, a symmetric cipher is just a one-to-one function that is easily invertible—apply the function to encrypt data, or apply its inverse decrypt data. The key describes the characteristics of the function; without the key, one cannot determine the function or its inverse.

Symmetric cryptography has some disadvantages:

  • At the very beginning, when Alice and Bob initially exchanged the key, the exchange could have been transparently intercepted by a third party (assume Alice and Bob were not using a secure channel to exchange the key because that is precisely what we are trying to build!). With a stolen key, a third party can eavesdrop on Alice or Bob, and even pretend to be Alice or Bob.
  • It is unwieldy for large groups of people to communicate privately, since the number of keys is polynomial with the number of people (recall the number of edges in a complete graph of n nodes):
    # people # keys
    2 1
    3 3
    4 6
    5 10
    6 15
    n n(n-1)/2
    A series of complete graphs from n=2 to 15. Each edge represents a secret key that has been exchanged between two people (nodes).

Public-key (asymmetric) cryptography—rather than just using one key, a public-key cipher uses a pair of keys for sending messages. One is a public key used for encryption, and the other is a private key used for decryption. Anybody, including Alice, can use Bob's public key to encrypt messages, but those messages can only be decrypted with the corresponding private key which Bob keeps to himself. If Alice also has a public/private key pair then she can send and receive secret messages to and from Bob.

Public-key cryptography addresses some problems with secret-key cryptography:

  • Only the public (decryption) key needs to be sent over the network, so an eavesdropper cannot simply steal the key by performing a man-in-the-middle attack.
  • Large groups of people can easily communicate because each person only needs to generate his or her own key pair. The number of key pairs in the network is linear with the number of people (2n). Alice never needed to negotiate with Bob to agree on a shared secret key—they each simply generated their own key pairs and grabbed each other's public key.

Warnings[edit]

As stated in the introduction, PGP's trust model requires that the user trusts his or her computer, which means trusting all the software on his or her computer. The use of open source software on a computer is a prerequisite for trusting the computer, so we advise against the use of untrustworthy proprietary systems such as Microsoft Windows or Mac OS X. Instead, we recommend GNU/Linux or BSD. If you are not already using an open source operating system, see our Getting started page for some guidance.

Links[edit]