�Editor's Note
�Free Software
�GPG
�IEEE 802.11a
�Linux
�MBSA
�METU-CC Web Site
�Thesis Advisor A. Prog.
�Viruses
�CISN Archive
�Questionnaire
�Send Feedback


Computing & Information Services Newsletter
GPG - Secure Communication with GNU Privacy Guard
     
 

Version 0.15 - May 7th, 2002
Please visit this page for the updated version of the document.

As users, we wish that the people, to whom we have sent, read our e-mail messages safely or we would like to restrict access to most of our personal files and archives. Various methods have been developed to provide this; however they all have vulnerabilities. In this document, you will be able to read about the GnuPG, which took the place of PGP in providing secure ways for e-mail correspondence and archiving, what it means and how it can be practically used.

You can access to many sites about GnuPG on Internet and you can get more information about it on GnuPG's pages. This document is prepared on both GNU/Linux operating system and WinME by using gpg (GnuPG) 1.0.6 version.

GnuPG is developed as a free software that takes the place of a well-known tool for secure communication, that is commercial and copyrighted PGP. It is an application that complies with GnuPG FRC2440 (OpenPGP) standards. German Ministry of Economy and Technology supports the development of GnuPG as well.

This document is comprised of two parts. The first part covers the installation and usage of GnuGPG, the second part explains the method to post e-mail messages securely on some e-mail clients. Before explaining all these, basic concepts should be mentioned to better grasp the subject.

1 Basic Concepts

1.1 Encryption with public keys

Traditional encryption uses only one key. The sender of the information encrypts the message with a key and the sender opens it with the same key. However, if the encryption is obtained by a third person, the communication then is revealed. And sending this key over Internet poses a great threat to secure communication at the first instance.

However, the concept of public key removed all the vulnerabilities of encrypting and decrypting with one key, mentioned here. There are two pairs of keys on public key. One of them remains absolutely with the user/it must be kept secret (private key). The other one, public key, may be given to anyone with whom the user wants to communicate.

The concept mentioned here is very straightforward; the person should own a pair of keys. If you would like to send a file by encrypting it, you should encrypt it with the public key of the receiver. The receiver then is only able to decrypt this message with his/her own private key. No other method can decrypt it for now. Maybe NSA has developed an algorithm to decrypt it; but we do not know about that. However, do not forget that the encryption method is safe and secure only as long as your system remains safe.

The most important thing to remember; do create the keys on your personal computer, never crate them on a computer that you remotely access to. Secondly, there should not be any security vulnerabilities on your own personal computer.

You can give the public key to everyone via diskette, a page on Internet, as attached to e-mail or by placing it on a server on Internet where all the keys are kept.

1.2 Digital signatures

A digital signature certifies that the message came from the person that we expect the mail from and the document is not modified in any way. Creating and verifying signatures uses the public/private keypair in an operation different from encryption and decryption. The message is sent without encryption but it has a digital signature at the end. The digital signature is created using the private key of the signer. And the receiver would use the sender's public key to check the signature to verify that the submission indeed came from the sender and that it had not been modified since the sender sent it.

1.3 Security network

The vulnerability of the keypair system is that you cannot really know whether the public key is sent actually by the person whom you think sent the message to you. If your public key is modified somehow by somebody, this unknown attacker may open the encrypted messages that are sent to you via the public key he/she owns and he/she may read them.

This vulnerability can be removed from PGP and GnuPG. To remove it, the people / institutions you trust should send their passwords by digitally signing it. That means a new public key should be sent to you by someone whom you trust with a digitally signed message.

1.4 Security vulnerabilities

PGP has no vulnerabilities. However, a trojan horse found in February 2002, searches the PGP keys on the system and sends them to an ftp site. If the passphrase that secures your private key is not strong enough, your private key may no more remain private.

Although it is quite harder to do so, attackers may take advantage of another vulnerability; they may obtain the keystrokes of your keyboard or they may transfer all the files and the display on the screen to another computer by using programs such as VNC or PCAnywhere.

GnuPG would not provide you with ultimate privacy. However, your ultimate goal is to make it more difficult for eavesdroppers to attain their goals. You have to consider the system as a whole and address the issues with respect to your own security needs.

2 Use of GnuPG

2.1 GnuPG installation

You can install GnuPG program from this page. On this site, the source code or the installation file for UNIX versions and Microsoft's various operating systems are available. However, in an average GNU/Linux release, this program is available as rpm, deb or tgz package.

2.1.1 Installation of GnuPG on UNIX operating systems

You should check whether the file you have downloaded from Internet is modified/damaged or not. In UNIX operating systems, you can check the integrity of the file with the command md5sum gnupg-?.?.?.tar.gz. The value obtained after performing this operation should be the same with the value that the site of download has provided.

You should open the file you have downloaded with tar -xvzf gnupg-?.?.?.tar.gz command; then, we recommend you to read the README file. You can read about the parametres that suit your preferences. However, tar.gz packages are installed with default istallation parametres as shown in the following lines.

./configure
make
make install

In GNU/Linux systems, you should check whether it is installed or not on your system.

2.1.2 The Installation of GnuPG on Windows operating system

Download the gnupg-?.?.?.zip file which is developed for Windows operating systems; then open it in a directory. Then create the directory "c:\gnupg". You can run it in the directory where "gpg.exe" is located and you can run it by entering the following commands on MS-DOS mode.

2.2 Creating keys

The command you should enter on command field is gpg --gen-key. The response of the system will be as follows:

gpg (GnuPG) 1.0.6; Copyright (C) 2001 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg: /home/altay/.gnupg/secring.gpg: keyring created
gpg: /home/altay/.gnupg/pubring.gpg: keyring created
Please select what kind of key you want:
(1) DSA and ElGamal (default)
(2) DSA (sign only)
(4) ElGamal (sign and encrypt)
Your selection?

Your selection is the task of selecting encryption algorithm. The tasks that it will carry out are explained in the parantheses. Select 1 which carries out default tasks. After selecting the kind of key, the system prompts the length of the key for key creation task. Default is 1024 byte and the recommended one is the 2048 byte, which is the maximum value.

Your selection? 1
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
minimum keysize is 768 bits
default keysize is 1024 bits
highest suggested keysize is 2048 bits
What keysize do you want? (1024)

If your answer is 2048; the system will ask you whether such length is necessary. Write down yes; then the expiry date of the key that will be created shall be asked. You can change this date later. Then the system will prompt the user name of the key that will be created.

You need a User-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) "

Real name: Altay S. Ozaygen
Email address: ozaygen@metu.edu.tr
Comment: altay
You selected this USER-ID:
"Altay S. Ozaygen (altay) "
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?

After you answer the questions, the password that will protect your private key shall be prompted twice. Then the system will start creating the keys. It takes 3-4 minutes a PII 350MHz computer with GNU/Linux to create a 2048 byte key. The following lines will then be displayed:

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++++++.++++++++++..++++++++++++++++++++.+++++++++++++++.++++++++++++++++
+++++++++.++++++++++++++++++++++++++++++.++++++++++++++++++++>+++++..........<++
+++........................>++++++++++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++++++++++++.+++++++++++++++.+++++++++++++++.+++++..+++++++++++++++.++++
++++++++++++++++++++++++++..+++++..+++++..+++++..++++++++++...+++++.+++++.++++++
++++>+++++..+++++>.+++++...........>+++++.......................................
............................................<+++++>....+++++....................
.........................................+++++^^^^
public and secret key created and signed.

You will have created two keys at the end of these processes. You can distribute the public key to whom you want to communicate to. Your private key is protected by this password.

2.3 The first use of the key

If you would like to use the key you have created, you can try and test it on one of your files (myconfessions.txt). You can encrypt this file with your own public key.

gpg --encrypt -r altay myconfessions.txt

The encrypted file generated is myconfessions.txt.gpg. However, your previous unencrypted file is still on the system. The last command enabled you to create a new encrypted file. This encrypted file can only be opened by user altay with his/her own private key.

To open this encrypted file, use the command below. This command enables the user altay to open the file myconfessions.txt.gpg, which is encrypted with this altay's public key, with altay's private key.

gpg --decrypt -r altay myconfessions.txt.gpg

The response of the system will be as follows and it will prompt the password that will allow you to use your private key.

You need a passphrase to unlock the secret key for
user: "Altay S. Ozaygen (altay) "
2048-bit ELG-E key, ID 3BCA38D4, created 2002-04-03 (main key ID 865CB8C7)
Enter passphrase:

Though the gpg --decrypt -r altay myconfessions.txt.gpg command displays this txt.file, it cannot display it by writing the open text into a file, the command gpg --decrypt -r altay myconfessions.txt.gpg >> openconfession.txt opens the file and places it into openconfession.txt that it creates.

Your first experience with encryption is over. Do not forget however that if you would like to send an e-mail with an attachment (sending encrypted e-mail will be explained later), that attachment will not be encrypted. Only the text of the e-mail, can be encrypted on e-mail programs. For that reason, encrypt the important e-mail attachments with the public key of the receiver as in the case above.

2.4 Other tasks available on the command line

Working on the command line might be boring at the beginning. But, more hands-on experience with them will render it easier for you to understand what you are actually performing. Now, a few other commands shall be explained.

If you have not received any public key yet, the only public key available on the system (that is your key) will be written into the own_public_key. txt file after you run the command below.

gpg --export -a > own_public_key.txt

However, if you placed a public key of someone on the system, and if you would like to write it into a file,enter the following command:

gpg --export -a [user_name] > user_public_key.txt

This command will enable you to enter the public key with .txt extension, which is sent to you by a person with whom you want to communicate with or which you have taken from a web page, into your own public key database

gpg --import someones_public_key.txt

The following command diplays the keys and the owner of the keys available in the database where you keep the public keys.

gpg --list-keys

The response will be as follows:

/home/altay/.gnupg/pubring.gpg
------------------------------
pub 1024D/865CB8C7 2002-04-03 Altay S. Ozaygen (altay)
sub 2048g/3BCA38D4 2002-04-03

pub 1024D/BD5D97EC 2002-04-02 Ayberk Koc (ayberk)
sub 2048g/773E5A72 2002-04-02 [expires: 2002-04-16]
gpg --list-secret-keys

This command displays the private keys that you own. The numbers of the private keys are just no more than two or three. In fact, only one will do the job. If you have generated only one keypair, you can display that only.

The following command allows you to delete a public key of a user from your public key database,

gpg --delete-key [user name]

The following command allows you to delete a private key of a user,

gpg --delete-secret-key [user name]

The following command allows you to change the settings of a keypair that belongs to you (such settings include expiry date etc.). Of course, you have to use the password required for the keypair to do this.

gpg --edit-key [user_name]

2.5 GPA - GNU privacy assistant

GPA is a graphical interface with which you can use GnuPG on the UNIX systems. This graphical interface facilitates the use of commands and replaces commands mentioned above with a few mouse clicks. GPA is still work in progress; therfore, as also mentioned on GPA's site, you should be careful when using it. There is no need to explain how to use this program here; since it renders it possible for us to do the operations we have done on the command line through a grahical interface.

3 Using GnuPG on e-mail client programs

After you generate your keys, it is very easy to use this program on advanced e-mail programs. However, it is NOT safe to open an encrypted e-mail on another server, which you accessed remotely. It is strongly recommended that you perform all these processes on your desktop computer.

Many popular e-mail clients support GnuPG. You can check that from the web page of your e-mail client program or from this page that lists which e-mail clients are running with which plug-ins. You should be careful when using thriving e-mail clients such as Sylpheed since their GnuGP support is yet tentative.

The mental model for e-mail clients that supports GnuPG or PGP is all the same. In the first place, you should generate your keypair as mentioned above. Then, you should enter your personal pgp/gnupg id that you use on your e-mail client. To be able to send encrypted e-mails, the public keys of the people you want to communicate with should be available in your public key database. If you have not changed the default settings of your e-mail client, check it with a mark to indicate whether the e-mail will be encrypted and/or signed before sending. If you posess the plain password of the address you have sent the e-mail to, your wish will come true.

You should remember that e-mail clients generally do not encrypt the attached files of the e-mails. Before sending the e-mail with attached file, you should encrypt the attached file with the public key of the receiver as mentioned above.

3.1 KMail 2.2.x

KMail is an e-mail client that is made available in KDE, which is the most popular desktop graphical interface used in GNU/Linux.

Enter your own user id that you use with GnuPG in the PGP user id field under Settings -> Configure KMail -> Identity. Then select Settings -> Configure KMail ->Security. Then click PGP tab.

  • Remember the password in memory: If this option is selected, every time you send an encrypted e-mail or sign an e-mail with KMail, the password will be prompted only when KMail session is started; then Kmail keeps it in memory and does not write it anywhere on the hard disc. If you do not mark this option, password will be prompted every time an e-mail is encrypted or signed.
  • Always encrypt automatically: If this option is selected, you can view the encrypted messages plainly on sent messages field.
  • Show ciphered/signed text after composing: If this option is selected, the e-mail encrypted or signed is displayed before it actually is sent. This enables you to view the final shape of the message that will be sent. We recommend this option.
  • Encryption Tool: You have to mark the tool you have used during encryption, GnuPG is explained in this file.
  • Writing E-mail: Two icons will be displayed on the right side of the toolbar. One of them is "mark the attachment" and the other is "encoded attachment". All through this file, mark the attachment will be referred to as e-signed message, and encoded attachment will be referred to as encrypted message. Mark these options according to your preferences of sending this e-mail. If you would prefer sending your public key to the people you communicate with via an e-mail, please select "Attach" -> "Attach my Public Key (PGP)" on the menu above when writing an e-mail. If you select "Attach Public Key" option, a list of people in your public key database will be displayed.

3.2 Evolution 1.x

Evolution is an advanced e-mail client, which is avialable in GNOME window manager project. This e-mail client is available in all GNU/Linux releases. After you select "Mail Settings" under "Tools" menu, the directory where the PGP runs is specified under "Other". Usually this varies according to the release; but it is specified /usr/bin/gpg as a standard.

No other settings are required. Your GnuPG id, which you have crated previously and the public key of the person you intend to send the e-mail to should be present in your database.

When writing an e-mail, click New Message and select "PGP sign" and/or "PGP encrypt" options according to your preferences. An e-mail that you have sent by selecting "PGP encrypt" option will be received as encrypted.asc file. The receiver must open this file with "gpg --decrypt -r altay encrypted.asc" command where "altay" should be the name of the receiver.

3.3 Mozilla/Netscape

For quite a length of time, Netscape has been engaged with the Mozilla project. Mozilla is being developed following the principles of free software philosophy. If you want to use GnuPG on Mozilla/Netscape, you need a plug-in named Enigmail. Before downloading it, you should NOT forget that Enigmail has many versions. You should download the file that is compatible with the Mozilla version you are using or you should click the Install option next to your Mozilla version. If you are using Linux, you should NOT forget to run Mozilla as root user.

After you install Enigmail successfully, you have to reboot the machine with Windows operating systems and you have to restart Mozilla program on machines with GNU/Linux. Then you will see that Enigmail menu and Decrypt button is created on the e-mail client.

You should follow the path "Edit -> Preferences -> Privacy&Security -> Enigmail" to do the settings. On the screen that is displayed, you can perform some required simple settings. You have to specify the location of the executable file of GPG by clicking the advanced button. The other settings are features that you may use according to your own preferences.

The settings you can specify on the menu of Enigmail when writing a new e-mail;

  • Default send: Sending the e-mail with predefined default settings; that is, with the settings explained above.
  • Signed send: Sending digitally signed e-mail. If an error is received, the user is notified of it.
  • Encrypt+sign send: Sending both encrypted and digitally signed e-mail. If an error is received, the user is notified of it.
  • Plaintext send: Sending plaintext e-mail.
  • Sign mail by default: Signing each e-mail by default.
  • Encrypt mail if possible: Encrypting as much outgoing e-mail as possible. If there is an error with the encryption, no warning message will be displayed.
  • Insert public key: Attachment of public key in ASCII format to the outgoing messages.

3.4 Outlook

You should be very careful when using Microsoft products because it is very easy to send viruses involuntarily to here and there with Microsoft programs.

Outlook e-mail client does not directly support GnuPG. You should download the required plug-in from this link and install it on your system. Peform the following steps afterwards:

  • Click "Setup Secure E-mail" under "Tools" -> "Options" -> "Security" button on Outlook.
  • Specify a name for "Security Settings Name" field.
  • Click "Choose" button for the "Signing Certificate" box. Choose your identity from the list (Only the valid e-identities are available on the list).
  • Click "Choose" button for the "Encryption Certificate" box. Choose your identity from the list (Only the valid e-identities are available on the list).
  • Mark the "Send these certificates with signed messages" option to receive encrypted messages. Now, your e-id will be attached to the digitally signed e-mails you will be sending and this will allow you to receive encrypted e-messages.

Sending digitally signed e-mail messages

  • Write the message.
  • Click the "Options" on the message window.
  • Select "Add digital signature to outgoing message" option.
  • Mark "Security" under "Properties" on "File" menu to set the security settings.
  • Click "Send" button.
  • If you would like to send all the e-mail messages with signature, mark "Add digital signature to outgoing messages" option under "Tools" -> "Options" -> "Security" in Outlook.

3.5 Outlook Express 5.x/6.0

Outlook Express e-mail server does not directly support GnuPG. You should download the required plug-in from this blink and install it on your system. Peform the following steps afterwards:

  • Firstly, you should specify your e-id you will use on Outlook Express to be able to send your e-mails encrypted or signed. Start an Outlook Express session. Click "Accounts" button from "Tools" under "Menu". Click "Properties" button on the page that is displayed next.
  • Click "Security" under "Menu" on the page that is displayed next and proceed further.
  • In this screen, you can specify the e-id you will be using to electronically sign your e-mail by clicking the "Select" button above. You can specify the e-id you will be using to decrypt your e-mail by clicking the "Select" button below.
  • Click the "Select" button to specify the e-id you will be using to e-sign your e-mails. On the screen that is displayed, select your e-id and click "OK" button.
  • Click the "Select" button below to specify the e-id you will be using to decrypt your e-mails. Select your e-id and click "OK" button to proceed.
  • After you complete this procedure, click "OK" button. Next, click "Close" button. Now, you can send digitally signed e-mail messages with Outlook Express.

Sending digitally signed e-mail messages

  • Start an Outlook Express session and press "New Mail" button under "Menu".
  • Click "Tools" button under "Menu" and select "Digitally Sign" option.
  • Click "Send" button under "Menu".
  • If you would like to send your e-mail encrypted, you should have previously received a digitally signed e-mail from the person you would like to send the mail, or you should have promoted the e-id of the person to Internet Explorer. To send an encrypted e-mail, click the"Tools" button on "Menu"; then click "Encrypt" option. Enter the e-mail address of the receiver to "To:" field. Later, click the "Send" button on "Menu". Congratulations, you have sent an encrypted e-mail.
  • If you would like to send an e-mail both as digitally signed and encrypted, click "Tools" button on "Menu"; and click both of the options "Encrypt" and "Digitally Sign". Enter the e-mail address of the receiver to "To:" field. Later, click the "Send" button on "Menu.

4 Conclusion

GnuPG is a significant tool for secure communication. GnuPG program can be effectively used both on Windows and Linux. Kmail and Evolution have built-in tools as against the e-mail clients like GNU/Linux, which require plug-ins; therefore it is easier to use them and they are more stable.

Enjoy secure communications.

Altay S. Ozaygen

 
     
  - TOP -  
© 2002 METU CC
Design: CC - INFO