Contents
========
Why Encrypt?
What is PGP?
Introduction to Cryptography.
Main Types of Cryptography.
How Does Cryptography
Work?
Conventional Cryptography
Public Key Cryptography
How Does PGP Work?
A Few
Words About The Keys...
..And About Digital
Signatures
The Message Digest
Digital Certificates
Certificate Formats
Validity and Trust
Passwords and Passphrases
Why Encrypt?
============
Why the hell would you want to encrypt your data anyway? Well, for
several reasons:
(1) Suppose someone breaks into your computer. Instead of being able
to quickly grab all of your credit card numbers, passwords etc', if
you've encrypted your data he will only get encrypted garbage, which
will mean nothing to him, and will be excruciatingly hard to decipher.
(2) Suppose you're not the only one using your computer. Would you
risk putting your private information wide-open to strangers and maybe
even malicious users? I wouldn't.
I hope you get my drift. Now, let's move on.
What is PGP?
============
PGP (Pretty Good Privacy) - is an encrypting technology which combines
features of both conventional and public key cryptography (the keys
we will discuss later in this topic) and is sometimes called a hybrid
cryptosystem.
Introduction to Cryptography
============================
At first, I would like to introduce you to some new words, which will
be widely used in this tutorial:
1. "Plain text" or "clear text" is unencrypted data, which can be
read and easily understood and has not been encrypted. This tutorial
is written in clear text, for example.
2. Encryption - the process of changing plain text into ciphertext.
3. Ciphertext - is the result of encryption - meaningless garbage
at first sight. (One of the meanings is "an obsolete name for zero).
4. Decryption - it is a method to convert readable data from Ciphertext.
5. Cryptography - the science of encryption.
6. Cryptanalysis - a branch of mathematics that involves breaking
encrypted data mathematically or statistically.
7. Attackers - anybody who tries to get cleartext from ciphertext
without authorisation.
8. Cryptology - synonym for cryptography
9. Cipher - an algorithm or mathematical function that converts plaintext
to ciphertext.
10. Cryptosystem - a cipher and all the tools/algorithms associated
with it
Here is logical chain of all this process:
PLAINTEXT --> ENCRYPTION --> CIPHERTEXT --> DECRYPTION --> PLAINTEXT
\
-> SUCCESSFUL ATTACK --> PLAINTEXT
Cryptography actually is a mathematical science. It uses mathematics
to encrypt / decrypt data in order to store it or to transfer it securely
across an insecure network (the internet for example, but it could
be any other type of network, not even the electronic type) to ensure
that information is only available to authorized people.
Main types of Cryptography
==========================
A cryptosystem can be weak (easy to break), or it can be strong (hard
to break). The strength of a cryptosystem is measured in the time
and resources you need to get make a successful attack. Modern strong
cryptosystems can withstand a brute force attack using all the computers
in the world - or rather, it would take an inordinately long time
(currently about 10^9 times the age of the universe). But you never
know - tomorrow may bring a mathematical technique to attack these
cryptosystems by a method other than brute force.
How does Cryptography work?
===========================
A cipher uses a key (a piece of data) coupled with an encryption algorithm
to encrypt data (plain text). Different keys produce different ciphertext,
of course. So the strength of encrypted data relies on two factors
- the strength of cipher and the safety of the key. Therefore it is
very advisable to choose the key very carefully and to keep it secure
(best solution is to put it into a brain-cell, if possible:)). All
those components mentioned above build a cipher. A cryptosystem (like
PGP) uses a combination of various different ciphers .
Conventional Cryptography
=========================
This type of encryption uses the same key to encrypt and decrypt data
(plaintext). An example of a conventional cryptosystem is DES (The
Data Encryption Standard) which is recommended by the Federal Government
for commercial applications (despite the fact that it can be broken
very easily). Conventional Cryptography has both pluses and minuses.
It is very fast and suitable for data which won't be used by anyone
except by the person who encrypted it. Unfortunately the secure key
distribution is very difficult task to accomplish: you need to agree
with a key beforehand, which is very impractical nowadays, because
you cannot trust phone companies, couriers, e-mail and internet services.
Here arises a question: how do you get the key to the recipient without
someone intercepting it? The best way would be to have different keys
for the sender and recipient.
Public Key Cryptography
=======================
Which solves the secure key distribution problem. Whitefield Diffie
and Martin Helman introduced the concept of Public Key Cryptography
in 1975. However, there are some rumours that British Secret Intelligence
Service invented it few years before, but kept in secret and did nothing
with it.
Public key cryptography is an asymmetric system and uses two keys
(a pair): a public key, used for encryption and a private key, used
for decryption. The public key is published worldwide and the personal
is kept in secret. Anyone and everyone can encrypt data with your
public key, but only you (or to be more exact the person who has your
private key) can decrypt the ciphertext.
How Does PGP Work?
==================
As mentioned above, PGP is mixed cryptosystem - that is, it combines
both conventional and public key cryptography. PGP operates in this
way:
A) Encryption:
1) First, PGP compresses plaintext. It is useful for several reasons:
you need less space on hard disk. smaller message means saving time
(and money), when sending it via internet, and increases the strength
of encryption, because in compressed data there are fewer patterns
than in uncompressed and pattern recognition is widely used by cryptanalists
to break a cipher.
2) PGP then generates a single-use encryption key, known as a session
key. It is random number, generated from random data such as the contents
of your PC's RAM, mouse movements, positions of windows on the desktop
- uou get the idea. PGP uses a very fast and secure conventional cipher
(CAST) and this session key to encrypt the data to produce ciphertext.
3) After encrypting of the data, the session key is then encrypted
to the recipient's public key and both the public key-encrypted session
key and the ciphertext are transmitted.
B) Decryption:
1) PGP uses the recipient's private key to recover the session key.
2) The session key is used to decrypt the conventionally encrypted
ciphertext.
3) The compressed data is decompressed.
The combinations of conventional and public keys provide cryptography
with very fast and secure encryption system. This is achieved by the
speed of conventional algorithms and safety of public key.
A Few Words About The Keys...
=============================
A key is a piece of data which is used by cryptographic algorithm
to produce cyphertext. In fact, keys are huge prime numbers. The size
of the key is measured in bits - the bigger the key, the more secure
the encryption. The comparison of conventional and public key sizes
is rather puzzling - conventional 128-bit key is the same strength
as 3072-bit public key. The thing is, that you can't compare those
types of the key, because of the specific algorithms used for each
type of cryptography. (you can't compare trains and brains, can you?).
To gain as much security as you can, always pick the biggest-size
keys. This is because (given enough time and processing power) any
public key can eventually be found. However, 2048-bit keys are in
fact so difficult to break that it would take AT LEAST 2,000,000,000
years to break it using all the processing power to be found on the
planet at the moment.
Keys are stored in encrypted form. Typically you use two keyrings
(files on hard disk) - one for public keys and other for private.
Don't lose private key ring, because all information which was encrypted
to keys on that ring will never be accessible (if you won't compromise
the cipher, of course).
..And About Digital Signatures
==============================
Just like written signatures, digital signatures provide authentication
of the information's origin. Usually this feature of cryptography
is much more widely used than encryption. The digital signature is
'impossible' to fake. In short - when you are dealing with this type
of signature - you can mostly always be sure you are dealing with
the right person (in the sense of authentication, of course).
The digital signature works this way:
1) The plaintext gets encrypted with your private key.
2) If the information can be decrypted with the public key of the
yours, then that information comes from you.
The digital signatures are the main way to verify the validation of
the public key.
The Message Digest
==================
How do you make sure that no-one is able to just copy and paste your
signature from your e-mail to his and claim it came from you? Well,
you use a message digest.
The message digest is the output of a hash function. This function
takes message of any length and produces a fixed-length, 64-bit output
(that's right - it's the same as the message digest hash mentioned
earlier). The mathematical side of this function ensures that even
if the data differs very slightly, you get entirely different output
(known as a message digest). The private key and the digest are used
to generate the signature, which is then transmitted along with plaintext.
The hash function ensures that no one can take your signature and
use it as his own because in such a case verification fails.
Digital Certificates
====================
Of course, when you use public key crytposystem you want to be sure
you are encrypting to the right person's key. This is the problem
of the trust. Let's say someone posts a fake key with a name of the
person who you are writing to. When you encrypt the data and send
it to the "recipient", the data goes to the wrong person. In a public
key environment, it is very important that you are sure you are using
the public key of the intended recipient. One way out is to encrypt
only to keys that the owner of has handed to you personally (on a
floppy disk, for example). But this is very inconvenient - first,
sometimes you don't even know the recipient and the second, what would
you do if you need to send some data to a person who is not available
physically - in a plane or anywhere else wher you can't meet them
physically? Send a pigeon with a note?
Digital certificates simplify this task of checking that you have
the correct key. A digital certificate is a piece of data that you
can use like a normal physical certificate. This information is included
with a person's public key to provide help to verifying the validity
of the key. Certificates are used to prevent people substituting one
person's key for another.
A digital certificate consists of:
1) a public key
2) certificate information (some information about the user: name,
ID and so on)
3) one or more digital signatures
The digital signature on a certificate shows that some person approves
the certificate information. The digital signature does not attest
to the authenticity of the certificate as a whole; it vouches only
that the signed identity goes along with the public key. In short
- a certificate is a public key with several forms of ID attached,
and approval from some other trusted individual(s). You get most of
the benefits of digital certification when it is necessary to exchange
public keys with someone else and it is impossible to do manually.
Manual public key distribution has its advantages, but is useful only
to a certain point. Sometimes it is necessary to put everything in
one place - central storage, for instance, with exchange of public
keys for anyone who need them. Systems that store such data are called
Certificate Servers and systems that provide some additional key management
features are called Public Key Infrastructures.
Certificate Servers (aka cert. server / key server) are nothing more
than databases that allow users to submit and retrieve digital certificates.
Such a server can and usually does provide some administrative features.
These features enable a company to maintain its security policies
and so on.
A Public Key Infrastructure contains the same the certificate storage
facilities of a certificate server, but also provides certificate
management facilities - the ability to issue, revoke, store, retrieve
and trust certificates. PKI introduces the Certification Authority
(CA), which is a person who has authorisation to issue certificates
for some company's computer users. A CA creates certificates and digitally
signs them, using the CA's private key. If you trust the CA, you can
almost always trust the holder of their certificate.
Certificate Formats
===================
A digital certificate is a collection of some identifying information
imbedded together with a public key and the signatures of people who
trust it's authenticity. PGP recognises two different certificate
formats:
1) PGP certificates;
2) X.509 certificates.
A PGP certificate consists of:
1) the PGP version number, which identifies the version of PGP program
which was used to create the associated key.
2) The certificate holder's public key together with the algorithm
of the key, which can be RSA or DH/DSS (recommended).
3) The certificate validity period which indicates when the certificate
will expire;
4) The symmetric encryption algorithm for the key. This information
indicates the encryption algorithm to which the certificate owner
prefers to have information encrypted. These algorithms are CAST (recommended),
IDEA or Triple-DES.
Validity and trust
==================
Validity is confidence that something (a public key or certificate,
for example) belongs to its real owner. Validity is very important
in public key systems where you must know if the certificate is authentic
or not.
When you are sure that some certificate belongs to someone, you can
sign the copy on your key ring to attest to the fact that you've checked
the certificate and that it is an authentic one. If you export the
signature to a certificate server others will know that you approved
it. To believe someone who has signed approval of any certificate,
you need to trust them.
You can check validity by meeting the intended recipient and taking
the key from him physically. The other way is to use fingerprints.
A PGP fingerprint is a hash of the certificate (similar to a message
digest). All fingerprints are unique. It can appear as hexadecimal
number or a series of biometric words, which are phonetically distinct.
When you have fingerprints and know the voice of the owner, you can
just call him and ask him to read his. But sometimes, you don't know
the voice - in such cases you need to trust some third party, like
a CA.
But don't forget that unless the owner of the key hands it to you
personally you must trust some third party to tell you that this key
is valid.
Passwords and passphrases
=========================
Almost everyday, when you are using computers you need to enter a
secret combination of characters (a password) to access some information.
So you should be familiar with the concept. If not, you have been
reading the wrong tutorial.
A passphrase is a longer version of a password and is supposed to
be more secure. A passphrase helps you to be more secure against dictionary
attacks (compromising PGP will be covered in Part II - Compromising
PGP). The best passphrases are relatively long and complex, containing
non-alphabetic characters. PGP uses a passphrase to encrypt your private
key on your disk using a hash of your passphrase as the secret key.
You use the passphrase to decrypt and use your private key. A
passphrase should be hard for you to forget and difficult for others
to guess. It should be something already firmly embedded in your long-term
memory, rather than something you make up from scratch, because without
your passphrase your private key is totally useless and nothing can
be done about it. At all.
|