Instructions for Shell *Easy PGP* Version: 0.90 of 10.05.1995 (C) Manfred Ssykor eMail: msy@lafp.tng.oche.de Contents Contents ======== 1 Introduction 1.1 What is PGP? 1.2 Why should one encrypt anyhow? 1.3 What does PGP cost? 1.4 What is RSA? What is a public key procedure? 1.5 How does RSA work? 1.6 What is IDEA? 1.7 What are encrypted PGP data-packets doing in news groups? 1.8 What are 'signatures' good for? 2 The shell 3 Shareware 3.1 Details for registering in the UK 3.2 Getting the newest release 4 Legal information 4.1 Copyright 4.2 Exclusion of liability 4.3 Trademarks 5 The future of Easy_PGP 6 Installation 7 Distribution 8 Using the program 8.1 Keyboard control 8.2 The menu bar 8.3 Menu: EASY-PGP 8.3.1 About Easy_PGP 8.4 Menu: File 8.4.1 Quit 8.5 Menu: Key Management 8.5.1 Add a key 8.5.2 Change a key 8.5.3 Extract a key 8.5.4 Generate a key 8.5.5 Remove all revoked keys 8.5.6 Remove a key 8.5.7 Remove a signature 8.5.8 Revoke a key 8.5.9 Sign a key or key-ID 8.5.10 View a key 8.5.11 Lock/Unlock key 8.5.12 View trust-parameter 8.5.13 Check keyring 8.6 Menu: Crypt 8.6.1 Decrypt 8.6.2 Encrypt 8.6.3 Generate detached signature 8.6.4 Check detached 8.6.5 Expert mode 8.7 Menu: Options 8.7.1 Edit options 8.7.2 More options 8.7.3 Save options 9 About this Help Appendix ======== A The beta-testers B Known bugs C Description of the INF-file D Exit-codes E Version history E.1 V0.90 04.10.95 E.2 V0.31 20.07.95 E.3 V0.23 21.05.95 1 Introduction ============== These instructions contain text passages that have been translated from a German version of PGP-FAQ's (for V2.3a). I would like to thank Marc Auriel here for his help. Why should I try and explain PGP (or the PGP functions) when these are included in the main PGP documentation? Therefore only a short summary is included here. The reader is referred to the DOC\ folder of the PGP program package for further details. /NOTE:/ Due to the translation of the documentation by Peter West some references don't run correctly (i can be). If you found such a "bug" please inform me, Manfred Ssykor. Thanx. /Translator's note:/ Some of the cross-references in this hypertext to external .HYP files may not work properly (unless one has the relevant files in the folders assigned by the original author; in particular, many references are made to the 'aip.HYP' folder). They have been left in to benefit users who have, or can obtain, the required hypertexts. 1.1 What is PGP? ---------------- PGP is a cryptographic program that has been implemented on many different platforms (e.g. DOS, various Unix versions, VAX/VMS, IBM mainframes, Macintosh, AMIGA, Archimedes) and has become the de-facto standard on many computer networks. Attempts are being made for PGP to become the standard on the Z-net as well. The encryption process used by PGP permits an *extremely* secure exchange of files or messages. So secure that to date no one has succeeded in developing a process to decrypt the messages -- at least no one who can talk about it. A speciality of PGP is that one can send encrypted messages to people one has never met or talked to. Traditional cryptographic techniques use a single key. Two people meet and agree this key, and both use it for coding as well as for decoding. PGP manages conventional encryption with *one* password, but additionally uses the so-called /'public key' process/ where *every* sender can encrypt messages with the freely available /public key/ of the recipient but *only* the latter can decode them (by using their private key). Note, *ONLY* the recipient, no one else! Not even the sender. The management of various public keys is undertaken automatically by PGP in a keyring file (see 'Add a key'). There is a small problem with one aspect of Key Management that PGP cannot overcome by itself. This includes questions such as: Which keys can I be /really!/ 100% certain that they belong to the alleged owners because I know them personally and I have verified their keys with them? Which users do I trust sufficiently that I can accept keys certified by them as valid without making my own checks? 1.2 Why should one encrypt anyhow? ---------------------------------- For the same reason that one doesn't send all one's snail-mail on post- cards, but uses sealed envelopes as a rule. /'I have nothing to hide!'/ Anyone participating in life on the nets for some time often finds that they form surprisingly intensive relationships with people that they have never seen. During a longish 'conversation' a certain degree of trust develops as a rule, possibly to the point where one wants to pass information to the partner that one would not give to /everyone/. This need not involve some sexual or criminal confessions -- even one's own monthly income is seen by many as /confidential information/. In many mailboxes encryption of electronic messages within the system is therefore usual. On the other hand net buffers, for instance, land quite /unprotected/ on the hard disk of the mailbox provider. /'No one is going to spy on me!'/ Encryption does not just protect from intentional prying in your data, but also from /mishaps/. The /big, bad SysOp/ who copies all the private messages that run through his system to a secret file, and then hunts through them for intimacies is, one hopes, just a figment of the imagination. On the other hand, messages that arrive at the wrong destination, or land in a dead letter box because they are /undeliverable/ and then have have to be forwarded manually by the SysOp are an everyday phenomenon. One can also think of other horror scenarios: A mailbox is closed by the legal authorities for some reason, the computer confiscated, all existing net buffers evaluated. Everyone should decide for themselves whether they have really never written a message that - in the eyes of a prosecutor looking for /incriminating evidence/ - could lead to a false or even a justified suspicion being drawn to themselves... After all (in Germany) we are living in a country that likes to pursue high-speed modem users as much as parking offenders or consumers of soft drugs. A mailbox hard disk is sold, but not wiped in a way that parts of the data it contained cannot be restored. A SysOp can no longer pay his phone bill, the telecom company seizes his computer and auctions it off. All these are possibilities how data, which we thought was completely /confidential/, could get into the wrong hands. But there is also a political aspect: In the United States a hot debate has arisen about a government attempt to standardise on a cryptographic system (the /'Clipper'/chip) that as a special /feature/allows decryption of _any_ file by the government ('when duly authorised by law'). With PGP we have the chance to establish de facto standards in European networks before governments formulate policies that saddle us with restrictions. 1.3 What does PGP cost? ----------------------- PGP is freeware, so doesn't cost a penny. If we look over the big pond, then the situation is a little different: In the USA (and Mexico, possibly also Canada, but quite certainly not in Europe!) a part of PGP, namely the RSA algorithm, is protected by a national patent. Lately, however, an alternative commercial product has become available (/ViaCrypt/) whose sale price includes the licence fee for RSA. 1.4 What is RSA? What is a public key procedure? ------------------------------------------------ In the RSA cryptosystem, named after its developers Rivest, Shamir and Adleman, a complementary pair of keys is generated for each user, where the one in practice cannot be calculated from the other. Nevertheless a message that has been encrypted with one key can be decrypted with the other. The advantage of this procedure lies in the fact that one half of the pair - the 'private key' - is kept secret by its user whereas the other half - the 'public key' - can be distributed generally. Anyone who has your public key can send you an encrypted message without first having to agree a common key with you over a secure channel. 1.5 How does RSA work? ---------------------- />>> Christopher Creutzig :/ I can contribute something to the question '/How does RSA work?/' :-)) Note: Mathematical, and actually unimportant :-) *phi(x)* is a Euler phi-function that denotes the total of numbers *n* from *N* that are smaller than *x* and not divisible into *x*. This is of no further importance, the interest lies in the fact that for two *primary* numbers *p* and *q*, the following applies: phi(p*q) = (p-1)*(q-1). The following also applies: _ _ a^(phi(z)) = 1 (mod z) [ = means: 'congruent modulo' ] (!I)(Prime number theory; I don't have the proof to hand)(!i) Therefore also: _ a^(phi(z)+1) = a (mod z) (a>> Garry Glendown , extract from IX 2'94:/ In 1978 Rivest, Shamir and Adleman published the first description of the implementation of asymmetrical coding processes, based on work by Diffie and Hellman published in 1976. Presented here is a short description - without mathematical proof - of the principal procedures during (de)coding. The basis for calculating the private and public keys are first of all the two prime numbers *p* and *q*. From these one calculates a part of the public key, the number *n*: n = p q Furthermore one requires also the second part of the public key, *e* (not to be confused with the Euler-number e), as well as the private key *d*. One obtains these from the calculation: e d = 1 mod ( ?(pq) ) e d = 1 mod ( (p-1)(q-1) ) ( *?(x)* is the total of numbers that are not factors of the number *x* (and are smaller than *x*); *where x = prime* this is x - 1 ) *e* is again a prime number, which can be chosen freely. This calculation is one that can be performed relatively easily on a computer. We will work here with a small example: Let p = 3 and q = 5 n = p q = 3 * 5 = 15 e d = 1 mod ( ?(pq) ) = 1 mod (2 * 4) = 1 mod 8 Let e = 11 11d = 1 mod 8 d = 3 With this we have assembled all the data that are required for coding and decoding: e = 11 n = 15 d = 3 \ /\ / Public key Private key Encryption now proceeds as follows: x' = x ^ e mod n For x = 6 x' = 7 ^ 11 mod 15 = 13 To obtain *x* again from *x'*, one uses the following function: x = x' ^ d mod n x = 13 ^ 11 mod 15 = 6 Due to the rather small prime numbers that were used for *p* and *q*, the range of values is of course automatically restricted -- in this case only values up to 15 can be used (p*q). As soon as the number *n* (which is published, after all) can be factorised, one can crack the key. But there is a tiny problem: Even with the normally common use of 512-bit prime numbers, *n* soon becomes a 200-digit number! And to examine these for all possible pairs of prime number factors is a task that will keep even a super-computer busy for quite a time. 1.6 What is IDEA? ----------------- IDEA is a /conventional/ encryption process that has proved safer than the well-known DES process. PGP uses a combination of RSA and IDEA, as a complete RSA encryption would be too computer-intensive (= slow). So PGP generates a random key - the '/session key/' - which is then used to IDEA-code the message, and includes the key in RSA-coded form with the encrypted text. This has the additional advantage that a message can be encrypted for several recipients with little effort: PGP simply extends the encrypted text for each additional recipient with their own RSA-coded copy of the /session key/. 1.7 What are encrypted PGP data-packets doing in news groups? ------------------------------------------------------------- On generally accessible bulletin boards (news groups / areas) encrypted texts make little sense. As a rule these are public keys, or signature certificates to messages. A key looks something like: ----BEGIN PGP PUBLIC KEY BLOCK---- Version: 2.6.2 FQUtPiP9EfSASAPDEKifNIF2UN244R518X264K051G6F8HT/As30Q5rYSB22/tOR ALBcTSNkG4vAgDi5ZzwgurkogiUHm8XwgaroZZniuZSALiWf1EUzj5t9wG23Fq4C SgIP4C42ly/ffbVWwwAFEbQhTWFyYyBBdXJlbCA8NC10ZFuhukBib25nLnNhYXIu ZGU+iQB1AgUQLNzCrzaXL666tVbDAQGUjwL8DyJ32h+Ym4+6L9FEz2t64YaHozna ZT4= ----END PGP PUBLIC KEY BLOCK---- 1.8 What are 'signatures' good for? ----------------------------------- />>> Abel Deuring :/ The exchange of encrypted messages should offer safety - in particular, of course, that no one apart from the sender and recipient should be able to read the message. But equally the recipient should be able to ascertain that their message is really 'authentic', i.e. that it truly originates from the person quoted as the sender. With encryptions that operate with passwords such authentication is achieved by the fact that only the sender and recipient (one hopes) know the agreed password. If, however, a PGP public key has been published, it can (and should!) be used by all who want to send messages to the owner of the key. But then someone may create a false sender declaration and use this forged ID to transmit a PGP-encyphered message. The recipient of a message can check the authenticity of a message if the message has been 'signed': A signature certificate attached to a message can only be created by the holder of the private key, but can be checked for authenticity by anyone who has the matching public key in their keyring file. As it is practically impossible to forge the digital signatures created by PGP, one can prove that a message really comes from the purported sender, and that it has not been manipulated (or altered in any way). 2 The shell =========== Oh well, after the source-code for the first PGP-Shell went missing but the MAUS-group PGP nevertheless expressed a strong wish for a shell, I sat down once more and started work on this shell. It has been written in GFA-Basic, with the help of Gregor Duchalski's famous GFA-FlyDials and the development help *ErgoPRO* by Columbus Soft (Christof Schardt). Despite GFA-Basic, the program is usable on all ST computers, with or without graphics cards, and with resolutions from 640 x 400 pixels (ST high) or higher under Single-TOS and multitasking systems (MultiTOS and MagiC). Furthermore the 3D-look is supported on ST/TT and Falcons. Due to clean programming it ought to run on MagiCMac as well. The instructions were created as a 'UDO source', and converted to this HYPertext file with UDO itself. 'UDO' is a software product by Dirk Hagedorn and can also be downloaded from well-appointed MAUS-Net-boxes. It's perhaps safest to try MAUS MK2 (the home-mouse of the UDO-author). _From the Atari Infopages: _;-) Dirk Hagedorn In der Esmecke 9 D-59846 Sundern Email: Dirk Hagedorn @@ MK2 dh@@mk2.maus.sauerland.de (/Translator's note/: The English translation was produced with Everest, the shareware editor by Oliver Schmidt.) 3 Shareware =========== Easy_PGP is shareware. The shareware fee is 25,- DM (if you prefer to pay in sterling, see 'Details for registering in the UK'). This fee covers only the creation of a key with which Easy_PGP can then be upgraded to a full version. If you want a floppy disk containing the current version to be sent as well then there is another 6,- DM to pay. TOS2GEM is *not included* in these arrangements! Please see the status of TOS2GEM in TOS2GEM.TXT!! Or, if the HYPertext of TOS2GEM is available: The TOS2GEM documentation. To return to Easy_PGP, registration keys can be sent also by Email. It would be most convenient if you could proceed somewhat like this: Create your own key pair. But you have probably already done this some time ago, haven't you? Send me your public key by Email. /Not encrypted and also not signed!/ Now I will be able to send you an encrypted message, which I think is important for transporting the registration key. Contact address: Manfred Ssykor Httenstr. 46 D-52068 Aachen Telephone: +49-241-953703 (where + is the International access code, 00 in the UK) Email: Manfred Ssykor @@ AC3 manfred_ssykor@@ac3.maus.de msy@@lafp.tng.oche.de Bank: Citibank Dsseldorf BLZ (Bank sort code): 300 209 00 Kto (Account): 19 12 68 11 98 3.1 Details for registering in the UK ------------------------------------- Easy_PGP is shareware. The UK registration fee is 13 Pounds Sterling. To register, please send a cheque or postal order for 13 Pounds made payable to DENESH BHABUTA Send this along with your details and e-mail address to CyberSTrider 203 Parr Lane Bury BL9 8JW Denesh also accepts Eurocheques and International Money Orders made payable to him. Please add one pound to the fee if you are registering from abroad. Denesh is contactable via e-mail on: dbhabuta@cix.compulink.co.uk danny@micros.hensa.ac.uk dbhabuta@mag-net.co.uk When you register, you are entitled to MasterDisk with latest version of Easy_PGP Shell Keycode to register this and future versions of Easy_PGP Shell E-mail, snail-mail and telephone support Free update service (as long as the fee doesn't rise or it becomes commercial) Your keycode will initially be sent by e-mail if possible. /Free Update Service/ Users who register via Denesh are entitled to this service. To receive free updates, please send a blank unlabelled floppy disk with a stamped self addressed envelope to the above address. 3.2 Getting the newest release ------------------------------ You can get the newest Version of Easy_PGP in two ways: - Download ezpgp090.lzh from an BBS. You can find the newest Easy_PGP in the 'Maus Aachen 3' (49-241-54540) in file-group PGP... - Get it UUEncoded via Internet (only for Internet-people!!). For this you two choices again: * Get Easy_PGP one time: Write a mail to: fileserver@lafp.tng.oche.de Subject does'nt matter... Mailbody: open get easy_pgp help quit * Subscribe to the Mailing list: Write a mail to: fileserver@lafp.tng.oche.de Subject does'nt matter... Mailbody: open subscribe easy_pgp help quit And with "unsubscribe easy_pgp" you can get off the list. 4 Legal information =================== 4.1 Copyright ------------- All rights for the documentation, the program and the associated files as well as the source text lie with the author (Manfred Ssykor)! 4.2 Exclusion of liability -------------------------- Despite great care being taken during development, and comprehensive tests, no warranty can be given for the correctness of the contents of this documentation or the fault- free operation of Easy_PGP. I - Manfred Ssykor - do not accept any liability for any kind of direct or indirect damage -- including, but not limited to, material or financial -- that may arise from the use of Easy_PGP, or from its unsuitability for any given purpose. 4.3 Trademarks -------------- Within this documentation, reference is made to registered trademarks that are not explicitly acknowledged as such. No conclusions should be drawn from such missing identifiers that a name is free of third party rights! 5 The future of Easy_PGP ======================== - It is more or less up to you, how and whether it continues! - What, apart from the decrypted text, should one have the option of displaying? - The format of the contents file will change, but this will only happen when the 'Encrypt parameters' have been added. The file will afterwards be compatible to the key-file of CATCRYPT 2.x. 6 Installation ============== The installation Easy_PGP is extremely simple. Easy_PGP's folder is simply copied to any desired directory on the hard disk, and that's it! *I M P O R T A N T* TOS2GEM has to be installed (AUTO folder or desktop) and may not be used by any other program (see the TOS2GEM documentation about this). Otherwise an alert will inform you that TOS2GEM is not installed, or is not free for Easy_PGP. The following variables should (but need not) be set in the environment: - PGPPATH - PGPPASS - TMP (See the PGP documentation for further details) If one wishes to use PGP.TTP under a different name, or accommodate the file in a path that is not the current one (when Easy_PGP is started) and is also not defined in PATH (environment), one will have to create the following environment variable: *PGP* Here the complete path and name of PGP.TTP (or whatever you want to call the file) should be entered. Thus, for instance PGP=C:\PGP\PGP262I.TTP Once these preliminaries have been accomplished, you can start up and configure Easy_PGP. When it starts, Easy_PGP looks in the environment for the (hopefully set) variables and attempts to find PGP in the specified directories. If PGP is *not* found there, Easy_PGP tries again via SHEL_FIND. If the environment variable PATH is set (and if PGPPATH is not set, or PGP.TTP was not found there) then a search will be made in all the paths that are defined in PATH. If then PGP.TTP has still not been found, a corresponding alert will be output when an Easy_PGP function is selected. What is the meaning of the messages 'FATAL ERROR! TOS2GEM not installed!' and 'FATAL ERROR! TOS2GEM could not be reserved!' that (may) appear when the program is started? The first, just as it says, means TOS2GEM (a program by Thomas Binder) that is required by Easy_PGP is not installed. Remedy: Start up TOS2GEM from the desktop, or copy it directly into the AUTO folder and re-boot. The latter message indicates that though TOS2GEM is installed, another program is currently using TOS2GEM for itself. Easy_PGP can't therefore work with TOS2GEM and hence quits. Remedy: Close down the other program that has currently reserved TOS2GEM. If is is known that this is due to a 'false reservation' or 'incorrect deinitialisation', one can also use T2GRESET.PRG to cancel the reservation. For more details about this, please see the TOS2GEM documentation. TOS2GEM.PRG, T2GRESET.PRG and TOS2GEM.TXT are included with Easy_PGP. Back to the installation: If Easy_PGP has been started successfully, the configuration dialogue under Options/Edit can be opened. opens a popup menu in which various key-files can be specified. These key-files are then selectable in the corresponding positions whenever required. An entry can be filled by selecting with the mouse a 'NOT selected...' field. A file selector will appear in which the key- file can be chosen. An entry can be changed by selecting it (use the popup) while holding down the key. An entry can be deleted by using . With 'ST-GUIDE' () a path to ST-Guide can be specified (who'd have though it?). For this one clicks on the 'ST-GUIDE' button and then selects ST-GUIDE in the file selector that appears. One may choose the ACC version of ST-GUIDE. If this is not installed as an accessory as it has been deactivated (*.ACX), then the last character of the file name is replaced by a question-mark, that file (e.g. C:\ACCS\ST-GUIDE.AC?) will be searched for, and the found file (...ST-GUIDE.ACX) started as a program. The same applies to a viewer program. Under 'VIEWER' () a viewer/text editor or something similar can be specified. The installation is similar to that of ST-GUIDE. Under 'More Options' a dialogue opens in which the following parameters can be set: - Reading Keyring * 'Primary ID only' When reading the keyring only the primary ID is read. * 'Doubleclick to select?' A double-click is needed to select an ID. - PGP * Batchmode At present this entry is not in use. * Hold PGP waits for a key-press at program-end. * Wipe After encryption, PGP overwrites the original file. One should tread *very carefully* with this!! One of the beta-testers had his SECRING.PGP deleted in this way :- ( (this was unintentional, of course), but was able to save it with Diskus. - Upon QUIT * Shell . Confirm QUIT? Easy_PGP displays an alert box before quitting, asking whether the program should really be ended. . Auto-Save Easy_PGP saves the current settings automatically when quitting. * Remove . LOG-File(s) Easy_PGP deletes all the LOG-files on quitting. The file extender for the LOG-files can be selected under 'Options'. . TeMP-file(s) Easy_PGP deletes all the TeMP-files on quitting. Once you have adapted all the settings to your requirements you can quit this and the main dialogue with OK. If you quit the main dialogue with Cancel then all settings you made will be discarded. With Options/Save all the settings can then be saved. With this the configuration of Easy_PGP is complete. 7 Distribution ============== The following restrictions apply for distribution via third parties: a) The file *EASY_PGP.REG*, or its contents may not be passed on to others! This is the personal key used to bring *EASY_PGP.PRG* up to a full version. b) For all other files, the following applies: Any distribution for which the receiving party does not have to pay, such as availability in mail-boxes, private copying or distribution by FTP etc. is permitted. c) ALL files belonging to the program *EASY_PGP.PRG*, *EASY_PGP.RSC* and *EASY_PGP.TXT*) must be included complete and unchanged! d) Distribution via PD-/Shareware and similar dealers on floppy disks is generally permitted as long as 1) a disk, inclusive post and packing, does not cost more than 10.- DM (4.50), 2) the disk is usable immediately, without restrictions, and without needing any further special software. e) Distribution on CD-ROM, magnetic tape or similar mass data carriers is generally permitted if 1) ALL files belonging to the program (see 3.) are included complete and unchanged, 2) ... the whole CD, including postage and packing, does not cost more than 100.- DM (45.00) and contains a minimum of 300 MB of software (and with software I do NOT mean *.IMG, *.MOD and similar files), 3) ... the CD is usable immediately, without restrictions, and without needing any further special software, or if the complete software can be made easily usable with customary accessory programs (archivers/unpackers such as LZH, ZIP or ARC etc). f) Explicitly not permitted are * Bundling with other software (e.g. '5 programs on 5 disks for DM 30.-/15'). - Other bundles and special offers ('Buy a hard disk/interchangeable cartridge from us and we will fill it with 200 MB PD and/or Shareware software') and similar advertising offers * Distribution alongside commercial software ('free extras') unless this commercial software costs no more than DM 10.- (4.50). g) Distribution via mailboxes, computer networks and other kinds of electronic means is only permitted if all files belonging to the program (see 3.) are included complete and unchanged. Manfred Ssykor 8 Using the program =================== I have tried to make operation of Easy_PGP as simple as possible. It should be clear to everyone that this does not always work. I would therefore ask you to write down any tips that could be of use to inexperienced users and send these to me. For this reason these instructions only have 'beta-status', since in further development there is certainly much that can and should be added. I start with the assumption that you are familiar with using GEM programs under TOS/MagiC/MAGICMac. If not, then please read the corresponding pages in your computer handbook. Furthermore it is *ESSENTIAL* to study the PGP instructions, to fully understand them and to know what PGP does for each function that is selected! I neither can nor wish to replace the PGP instruction manual. These instructions refer mainly to the essentials for handling Easy_PGP itself, but not the associated background information. All you need to know about this can be found in the (excellently written) PGP instructions. A lot more should be included here ... but I lack both the time and the inclination to do this ... writing instructions is not exactly one of my strengths. ;-) 8.1 Keyboard control -------------------- Easy_PGP has been programmed in such a way that all functions, menu entries, popups etc. can be called via keyboard shortcuts. Alhough there may be some exceptions, at present I cannot think of anything that can't be operated from the keyboard. ;-) 8.2 The menu bar ---------------- Here we have a listing of the menu-bar entries and their contents: Fundamentally (applies to all dialogues): - If a popup is present prefixed with the legend 'Keyfile', then this is a popup with which one can select individual PUBRINGs (public keyrings). Selectable PUBRINGs can be defined under 'Options' (and only there). If several popups are present then usually this popup is the top one. - If no ID line is present, then the user-selection can be called up with . Depending on the setting of 'Doubleclick to select?' in the 'More options' configura- tion dialogue this can also be done with a single- or a double-click. 8.3 Menu: EASY-PGP ------------------ First of all one can, of course, access the desk accessories here, just as usual. 8.3.1 About Easy_PGP Here the 'About' dialogue appears and some further information dialogues such as the author and his address and bank accounts, to whom the program is registered, what the shell was programmed with, thanks... 8.4 Menu: File -------------- 8.4.1 Quit Leave the program. There is little more one can say about this... Wait a minute, there is still something: In 'More Options' you can choose whether Easy_PGP should issue a safety query before quitting or not. So if the 'Confirm QUIT' check-box is active (crossed), an alert will appear asking whether you really want to quit. 8.5 Menu: Key Management ------------------------ Now we are really getting down to it so we'll subdivide the entry... 8.5.1 Add a key Here one can pass a file to PGP and PGP will attempt to pick up any keys that are contained in that file. The public keyring in which the new keys should be included can be chosen via a popup. More about this later... 8.5.2 Change a key This is provided to: a) Change one's own key (to add a new user-ID, say, or to alter the password), or to b) Change the trust-parameter of someone's key. For this you will be asked whether you are quite certain of the keyholder's identity, and how far you trust them for introducing new keys (1 - 4, corres- ponding to 'Not', 'I don't know', 'As a rule' and 'Always'). More about this later... 8.5.3 Extract a key What is the use of all the collected, signed etc. keys if they are only on one's own keyring? That is why this option permits you to 'extract' individual, groups of, or even all keys from their present keyring and store them separately. The format in which this is done can be determined with a variable in the CONFIG.TXT file of PGP itself (for details, please see the documentation distributed with PGP). In any case, this is the menu entry you can use to make other users acquainted with the public key that you have taken so much trouble to create. This function applies not only to your own public key, but to all keys in your public keyring. Note: For encrypting and decrypting you will always need a *key pair*, consisting of a public and a private key! The private key (the one in SECRING.PGP) may *NEVER* be passed on/published. The public key (in PUBRING.PGP) *should* be distributed to everyone who is likely to send you encrypted messages, or published where they will be able to find it. More about this later... 8.5.4 Generate a key Here PGP is induced to generate a new key pair. You will first see an alert generated by the shell, which has to be confirmed. You should think very carefully before you take this step (see 'RSA Key Generation' in the PGP documentation)!! Normally a new key pair needs to be generated only when you work with PGP for the first time or when you want to withdraw an old key. So PGP is started and will require the input of several details. Which these are and what they are called is best taken from the PGP instructions. Therefore only a short crash-course will be given here. To generate a unique key pair is a time-intensive process. You should remember this, and not start generating your key pair just when you are late already, and have to catch a bus/train/tube etc. ;-). But wait a minute: That is just the right time! Start PGP, input the required data, and in the time that PGP needs to create the keys you can go shopping! ;-) The key creation process is largely controlled by PGP. First you are asked what kind of key you want to generate. This refers to the length (and with it the security) of the key. Three levels are offered by PGP (1, 2, 3), but one can also select any desired value between 384 and 2048 bits. I don't consider this as good, however. _What should one pay attention to in key generation?_ - Key length: Most PGP users select a 1024-bit key (military grade), even though the encryption - depending on the computer used - can take noticeably longer. A 384-bit key (casual grade) is not recommended. * The simplest level is a key of 384 bits length, which is fast but only moderately secure. * The second level is a compromise between speed and security which generates a 512 bits long key. * The third level is the key with -- on all computers to date -- the highest, therefore so-called 'military' security level. This key has a length of 1024 bits and is fairly slow but in return has the highest achievable security level. No, this is incorrect, of course. The attentive reader will have surely noted this. One can after all generate a key of 2048-bit length. *That* is of course the slowest and the most secure. But I would advise anyone against generating and using such a key. The excessive time needed for encrypting and decrypting data is no longer matched here by noticeable improvements in security. - Once you have overcome this hurdle, you will be asked for a password (or a pass-*phrase*). This is an extra safety measure. Although you are not forced to create password protection for your private key and can skip this step by pressing , I would *strongly* recommend that you use a password; otherwise anyone that may get hold of your private key can use it and read any encrypted messages addressed to you, for instance. Note: A PGP key without a password is like a credit or bank service card with your PIN number written on it. The pass-phrase that PGP asks for during key generation should protect the private key from use by strangers. As for most passwords, you should choose one that is not easy to guess. In contrast to many other passwords, the PGP *pass- phrase* has virtually no limits placed on its length. Famous quotations are not recommended; instead, one should choose a mixture of numbers, text and non-alphanumeric characters, such as e.g.: $Clark42Kent-Fuppes(FloedelDoe( But even with the *securest* of pass-phrases, one has to always try and ensure that no one has access to the file containing the private key. - As a rule PGP keys are distributed and may well wind up in an Internet keyserver. One should therefore make sure of using a unique /user-ID/ that includes the Email address. It isn't enough for the user-ID to be 'Helmut in the LINK-MZ'. A user- ID should contain the name of the key owner and a sufficiently detailed Email address, e.g.: Helmut Kohl The angled brackets '<' and '>' are important, so please *don't* omit them. A typical example for Maus-users: Manfred Ssykor @@ AC3 becomes Manfred Ssykor A further reason for including the full Email address is the habit of some PGP users of mis-using their keyring file as an address-book. ;-) (Easy_PGP needs this as well, so please keep to it!) Before the key is finally generated, you will be asked to type some random characters on your keyboard. (PGP is only interested in the more or less random time intervals between key presses; the typed characters themselves don't matter.) After a number of key presses PGP declares that the typing is finished and the calculation of the key begins. For the above purposes copying text from, say, a book gives a wider spread of the data than typing away quickly at random, or composing original text. Now a succession of plus-signs (+) and dots (.) will show you the progress of the key generation. When your key is ready, PGP quits and you will have three new files in the corresponding directory: RANDSEED.BIN, SECRING.PGP and PUBRING.PGP (if these were not there already). *TIP:* As soon as these files have been created save them to a floppy disk. Do this also as soon as anything has changed in your keyring! Then, if anything goes wrong at any time, you can at least recreate your old installation from the copy. If you do not have a copy then PGP has to create a new key pair and all encrypted messages sent to you previously will be lost. So: Prepare a safety copy! 8.5.5 Remove all revoked keys This is one of the more complex functions - even though it doesn't appear so at first sight. The removal of old keys that have been revoked is split up into three phases: a) Creating a key list (-kv). When using a non-English version of PGP then the @{"LANGUAGE" LINK "pgpdoc.hyp\\LANGUAGE"}.TXT file is renamed before PGP is called in order to always obtain the original English output (because a search is made for 'revoked'). b) Search for the revoked keys. c) Removal of the found keys. For this, PGP will be called for each key to be deleted. More about this later... 8.5.6 Remove a key Here one can selectively delete a key or a key-ID. This - like all functions handling deletion - should be thought about carefully before it is invoked! /By the way:/ It is better to have one key too many in your public keyring then to delete one by accident that one still needs! More about this later... 8.5.7 Remove a signature [Remove signature] serves to remove *one's own* signature certificate attached to one's own or someone elses's key. 8.5.8 Revoke a key *Revoke a key* is used to create a 'Key revoking certificate' or to remove it again. /That's fine, but why should I want to create such a thing?/ Well, it can happen to anyone: One has the feeling that someone has peeked while one has typed in one's pass-phrase. Then there is only one thing to do - one has to declare one's key invalid and 'revoke' it (naturally there may also be other reasons for revoking a key - see the PGP documentation - but we'll stay with this one for the time being). To do it, one calls this function from Easy_PGP. PGP then creates a document, a 'key revocation' certificate, stating that one's key is no longer valid. In order to inform one's Email partners about this, one has to make the key revocation certificate available to the public by Email or any other suitable method. Everyone who then adds this 'key' to their public keyring will observe that the key has been revoked, and after this will remove the old key from their keyring (see 'Remove a key') and wait for a new key - which you then have to create anew and distribute... Note: Keys that have been revoked are not yet marked as such in the user-selection. 8.5.9 Sign a key or key-ID Naturally this - like all functions in Easy_PGP - is also very easy to do. Attach one's signature certificate, I mean. But just here one should tread with care and only after due consideration. This means that one really has to be 100% certain that the key that one wishes to sign really belongs to the purported owner! It is *imperative* to read the PGP documentation about this!!! PGP will ask if you are ready to confirm with your PGP signature that the key in question belongs to the stated person. If you do that, you are asked further how far you trust similar confirmations issued by that person. (You should take great care with this trust rating as well!) You cannot choose the degree of trustworthiness freely: PGP offers four levels - unknown, untrusted, marginally trusted, or completely trusted to certify other public keys. The decision is made by inputting the number corresponding to your degree of trust (1 to 4) in your partner. After this assessment the key of your mail partner will be 'signed' with your signature certificate, and that fact will be available to anyone who is in possession of that public key. The trust rating that you assigned is stored on your keyring with the relevant key, but when you tell PGP to copy a key off your keyring PGP will not copy the trust information along with the key, since your private opinions on trust are regarded as confidential. More about this later... 8.5.10 View a key Well, this too is an unpretentious entry. With it you can have all keys in your keyring displayed on screen. One can either view the total contents of one's keyring ('View key- ID'=OFF) or only a selection ('View key-ID'=ON). In the latter case one of course has to choose a corresponding ID (with the selector, F10 or double-click), or enter one on the command line. If you have several keyrings, please select the corresponding ring with the top popup 'Keyfile' (as usual). The checkboxes 'View fingerprint' and 'View with sign's' determine how much detail of the key is to be shown. Normally only the size of the key, the personal ID and the name of the keyholder as well as their Email address/name are displayed. With the 'fingerprint' one can check that the key really belongs to its putative owner. For this a row of hex digits will be displayed, made up of 16 pairs of 2 characters. You can make a note of this number string, or have it printed out, and then have it confirmed by the owner on the telephone or personally. If one also wants to know who has already signed the key, then one can activate the last entry: 'View with sign's'. More about this later... 8.5.11 Lock/Unlock key Well, this is hard for me to translate what PGP here does cause i don't know it exactly ;-) An attempt: When you don't want to remove a key but you want that you cannot use this key. With this menuentry (Lock key) you can disable an key. You can see this key when you view the content of a PUBRING but you cannot; Remove it, encrypt (or decrypt) with it. Eventually there are more restrictions... I don't know them, sorry. More about this later... 8.5.12 View trust-parameter Oh well, here it is a little harder to supply an exact description. The best thing is to take a quick look at what PGP outputs. In the 'first run' the ultimately trustworthy keys will be searched for and displayed. These are, as a rule, at least one's own key(s). In the 'second run' signature certificates attached to keys already inserted previously will be looked for. One calls these chained signatures. In the 'third run' the whole keyring will be searched again for all signature certificates. This time the ID, the trust-status and trustworthiness assigned to the user(s) for validating keys will be shown, together with the user name(s) and their Email address. More about this later... 8.5.13 Check keyring Oh well, here it is a little harder to supply an exact description. The best thing is to take a quick look at what PGP outputs. The purpose of this item is to check a public keyring for possible faults. This is done in a number of steps. First of all the public keyring is tested for errors. Any faults that appear will be displayed e.g. 'Malformed or obsolete signature' (happened to me today!). If any errors were found, PGP asks whether these should be removed. Here signature certificates can get lost (because they are faulty), perhaps even complete keys. It is better, therefore, to work first with a backup of the public keyring. And then the trust check follows. This is also known as 'Edit trust- parameters'. /Technical:/ During PGP's output keys and signatures are marked in various ways: _Keys_ are marked as follows: *#* denotes that the key has been revoked. It should therefore no longer be used. *** denotes that the key belongs to you. Hence it has the ultimate degree of trust. _Signatures_ are marked as follows: *!* denotes that the signature is OK. *%* denotes that an error has arisen in checking this signature. *?* denotes that, though the signature is in order (at least as far as the data is concerned), it was not possible to check it 100% because the key for the signature is not in the public keyring. If anyone has further information about this, it would be nice if they could give me details. More about this later... 8.6 Menu: Crypt --------------- 8.6.1 Decrypt Here encrypted data can be converted back to readable ASCII text or binary files. You can use the file selector for this, or pre-set some frequently- used filenames in the dialogue under 'File to decrypt:'. With the checkboxes lying below this you can control the procedure during decrypting: 'Leave signature in place' leaves any signature present in the decrypted file, 'Restore filename' recreates the old name. 'Output to Viewer' says that the output (the decrypted file) would be given to the Viewer. I have installed an Texteditor as Viewer and with this Option i can read and comment the mail (most times it is an eMail what i decrypt). More about this later... 8.6.2 Encrypt In the registered version you can encrypt your text or binary file with this entry. Here too a number of options are available that we will attempt to point out to you: 'Encrypt:' Here the selected file will be encrypted with your key and with the name(s) entered in the ID line. (Yes, you have read this correctly: It's possible to encrypt a text in such a way that several recipients can decrypt it.) The result is a kind of binary file. For transmission via Email the data has to be in ASCII format (lower set, ASCII 32-127), however. So that it is not necessary to make another PGP run for this, there is a switch below 'Encrypt' with which the 'ASCII-armor' option can be activated. When switched on, the original file after encryption will be converted automatically into the RADIX-64 format, which represents a special kind of ASCII text. You can also let the input file be converted directly to RADIX-64. For this, you simply switch off 'Encrypt'. (That is the reason why separate switches are provided for these two functions.) /In early versions (0.17, 0.18)/ you could choose in the next column whether you wished to sign the input file with a signature certifi- cate. This was achieved when the adjacent 'Detached sign' button was active, and only worked with non- encrypted input files. If the file was to be encrypted, this function was disabled. In all of the later versions, this function is offered by a separate menu entry. Finally, by clicking on 'Crypt conventional', you can also encrypt the input file with a single key instead of a key /pair/. This can be useful if you don't know the public key of the recipient. But one should not conceal the fact that this 'conventional' encryption does not offer the same level of security as a key pair! Conventional encryption proceeds by starting PGP, which will ask you to input a password with which the input file is to be encoded. Naturally the recipient must know this password. But don't post it to him/her in the same mail!! ;-) More about this later... 8.6.3 Generate detached signature [Gen. det. sign.] can be used to generate signature certificates that are detached from the text they sign. It is normal to attach the signature physically to the text since it provides a simple way to check signatures. But sometimes it may be desirable to have the signature certificates stored as a separate file. For this one only needs to select a file for which such a SIGnature file is to be created. See also: Check detached 8.6.4 Check detached [Check det. sign.] Here one can check a file, comparing it to its detached signature. To do this one has to select two files: The signed file and the file containing the signature (*.SIG). The purpose of a detached signature can be explained quickly: With its help, any desired files - including binaries such as programs, for instance - may be 'sealed' or certified. PGP will recognise the signature only if the signed file has not been altered since the signing. So, for example, the author of a program can include with his work a detached signature that was generated with the aid of his secret key. Everyone who has the author's public key can now check whether their program version has remained unaltered. Any manipulation of a signed file invalidates the signature. For this reason this feature is also useful for detecting a subsequent virus infection. Also, it is not possible to decrypt a file from its signature. (You can try it by all means - if the universe lasts long enough...) A signature therefore offers a reasonable assumption that the file has been authorised by the signatory. Well, that's just what you can check with this option. 8.6.5 Expert mode This function is not yet complete, but it is already usable. One has two lines available here on which a command line for PGP can be input. Both lines have to be regarded as *one*; internally the second is simply attached to the first. In this command line one can input a sequence of commands, just as normal. One can also use various placeholders to save at least some typing. These are, in detail: *%cml* If this is found in the command line it will be replaced by the file that Easy_PGP was passed via a command line, i.e. the file that normally appears in the second entry of a popup (e.g. for 'Add a key'). *%keyring* This will be replaced by the selected 'Keyfile' popup entry in the 'Expert-mode' dialogue. So if one enters '%pubring' and the popup currently contains 'c:\bin\pgp\ pubring.pgp' then this will be replaced by +pubring=c:\bin\pgp\pubring.pgp 8.7 Menu: Options ----------------- 8.7.1 Edit options Here all set-ups for the first use of the shell are made, such as where the Help-system and the Viewer are to be found, for instance. For experienced users, I recommended in the past direct editing of the *.INF file. But as noted in 'Description of the INF- file', this has now been altered and editing it by hand is no longer advised. After the keyfile has been selected, and the paths for the Help- system and the Viewer, please click the mouse on 'More options'. More about this later... 8.7.2 More options This dialogue contains all the important basic settings for the shell and PGP. In the first field you can choose whether the user can/should be able to select only their primary ID (but this is not yet properly implemented). Furthermore, whether a single mouse-click or, as in the desktop, a double-click should call up the user- selector. Next to this you can choose how PGP is to behave. If you don't know what to do with these fields, leave everything as it is at first. Below this you can set up options that determine what the shell is to do when you as a user select 'Quit'. When 'Confirm QUIT' is checked it means that you have to explicitly confirm a query dialogue with 'OK' before leaving the shell. If 'Auto save' is active, any changes made to the shell will be saved automatically when it is quit. If 'Append LOG' is active, the LOG-Files would be append to an exiting LOG-File (if there is an LOG-File). Otherwise the LOG- File would allways be created! All contents of an old LOG-File will be lost without any comment! The entries for 'Remove:' determine which files will be deleted on quitting, but... ...due to changes made to the routines this is not supported at the present time. More about this later... 8.7.3 Save options Saves the configuration. There is little else to say about this. 9 About this Help ================= This is a Help for Easy_PGP which does *not* replace the study of, or about, PGP! (At least 4 terms, proof required! ;-) ) Please be sure to read the texts PGPDOC1.TXT and PGPDOC2.TXT or the relevant hypertexts (if present). The first two should be included in the PGP package archive. Otherwise you can get all the (German) texts in various Boxes of the MAUS-Net. You will naturally get at least some rudimentary help for PGP with this Help file. ;-) Oh yes: Brand names and/or trademarks occuring in this text are the property of their owners. Their use does not indicate that they are free from the rights of third parties, and does not relieve you of the obligation to take these rights into consideration. Since presumably more than just one person has helped write these instructions, herewith a listing of the 'authors' of this file: - Manfred Becker @@ BM (general, all sections). - Heiko Gisselmann @@ UN (Section INF-file and Installation) - Peter West, London (English translation) A The beta-testers ================== Here I would like to thank my beta-testers, who have bombarded me with bug reports, suggestions and ideas. Without them, Easy_PGP would not have become what it is now ;-) B Known bugs ============ - PGP return-codes are not yet fully evaluated. - If only one public keyring has been defined, one can still use the popup in the various dialogues. That's not too bad and works OK. I'll change it when I can. (MW) - Slider in the scrollbox doesn't work. I can't find the error. Will have to take a closer look... (MW) - F10 doesn't work properly. Somehow I can't get this to work. ;-(( - The user-list is read in anew each time the dialogue is called (the contents file is meant here). C Description of the INF-file ============================= In the past, this contained a description of the variables in the INF-file... ...but as I have fundamentally altered the format this is no longer necessary. One should say that line 1 contains the number of buffer lines, and line 2 the number of characters that TOS2GEM should buffer before they are displayed. Otherwise the INF-file should not be edited manually. And make sure you don't delete any lines! D Exit-codes ============ An exit-code is the value that every program returns when it quits. The value 0 (zero or null) means, as a rule, that everything has worked without problems arising. All values smaller than zero are returned by the operating system. -33, for instance, means that a file couldn't be found. But PGP has its own (special) exit-codes, that are present only in PGP. These are naturally evaluated by Easy_PGP and output as plain text. Up to Version 0.22 the exit-code was output as follows, for example PGP-Exit-code: 0 Now (from 0.23) it is output as: PGP-Exit-code: 0 (EXIT OK) E Version history ================= The beta-testers who have reported bugs to me, or made suggestions for improvements are shown here as initials. These translate as: Harald Von-Essen (HVE), Heiko Gisselmann (HG), Hendrik Mylius (HM), Manfred Becker (MB), Michael Wedding (MW), Carsten Friehe (CF) and my trifles - Manfred Ssykor. E.1 V0.90 04.10.95 ------------------ - Easy_PGP is now fully translated to english. Many thanx to Peter West for translating the dokumentaion!! - Lock/Unlock a key now possible. - New checkbox in 'Decrypt'. 'Output to viewer' - New checkbox in 'More options'. 'Append LOG' - Now an english version of TOS2GEM is included in the package. This was translated by Peter West too. Many thanx again for this!! E.2 V0.31 20.07.95 ------------------ * PGP can now also be started in 'VERBOSE=2' mode. This is quite useful for debugging. One can do this by pressing a key when calling PGP. So: Instead of selecting the 'OK' button with , one uses + and holds down the key. If an alert appears after 'OK' then one has to press the key after quitting the alert. * The format of the INF-file has now changed *fundamentally*. Any old INF-file present has to be deleted, and Easy_PGP reconfigured anew. The INF-file now has a rigid format (fixed sequence and no variables any more). Thanks to this the reading of the INF-file (and hence the program initialisation) has become much faster. * It is now possible to check a public keyring for errors. * 'View Trust-parameter' and 'Check keyring' can now also be used from the command line: For this -view_trustparameter or -check_keyring must be passed as the command line to Easy_PGP. Shorter forms will be possible at a later stage. I am only just starting to implement some things via the command line. * There is now a (preliminary) German version of Easy_PGP. * New file in the SYS folder (Easy_PGP.MSG). This contains the phrases that Easy_PGP outputs to the screen and makes translation to other languages much simpler. It is only a start. Everything has not been translated yet... * The /German release* provisionally installs the German RSC and MSG files by default and provides an 'ENGLISH' folder for the English equivalents. /This doesn't apply to the English release./ * Many dialogues could only be used after a short delay. Fixed. * One can now specify an output buffer for TOS2GEM smaller than 0. See the TOS2GEM documentation... No check is made for a correct TOS2GEM version!! The version included with Easy_PGP works, in any case... * Various other small changes to the program. E.3 V0.23 21.05.95 ------------------ - A couple of dialogues could only be used after a short delay. Fixed. - Easy_PGP now looks first for the PGP environment variables to ascertain the path (and possibly filename) of PGP. If the variable '*PGP*' is not present, then PGP.TTP will be searched for, as before. In other words: If you want to use PGP.TTP under another name then you have to set the PGP environment variable. - The 'OK' button was not deselected when a new file was input. (MB) - Error rectified in an alert that appeared when the Viewer was WRONGLY defined. - The dialogue in which the destination name for encrypted and decrypted files could be chosen looked a little funny. Fixed. - The exit-codes of PGP are now evaluated and output. But unfortunately I only had the source code of V 2.3a of PGP and so don't know whether later PGP versions have had new exit- codes added.