PGP

Introduction

PGP (Pretty Good Privacy) provides a way to

• send and receive files (and e-mail) securely - as long as the other people use PGP
• establish the authenticity of a file or program that's been 'signed' using PGP (so you can find out whether it's been tampered with)

Many code systems require that both parties know a secret codeword, but that requires transmitting the secret codeword and trusting others. With PGP each person has a private "key" which only they need to know. They also have a public "key" which others need to know in order to communicate with that person using PGP. A user's private "key" is stored in a file in their space but it can't be used until the user types in a pass phrase, so even if the machine is stolen, messages are still safe.

So how does all this work in practise? Suppose sender A wants to send a secure message to B. Sender A encrypts the message using B's public "key" before sending it. This encryption might be done transparently by the mailer, or by preparing the message beforehand using pgp from the command line. Then B decrypts it using their own private "key". Even if the message is intercepted it's very hard to decode.

Setting Yourself Up at CUED

• Set yourself up so that you have access to the pgp programs (add /opt/pgp/bin to your PATH, and /opt/pgp/man to your MANPATH - see the customisation page for details)
• Create a private/public key pair using pgpk -g. Note that
  • It's best to choose RSA as the public key type
  • Use at least 1024 bits.
  • As your ID put in your full e-mail address
  • You should choose a strong but easy-to-remember pass phrase. Don't forget it!
  Your private keyring (the file where your private key is held) will be ~/.pgp/secring.skr with ~/.pgp/secring.bak created as a back-up. Your public keyring will be ~/.pgp/pubring.pkr.
• Advertise the public key. The Computer Lab has a directory of PGP keys but CUED hasn't. You could advertise your public key on your WWW space, etc.
• Set up your mailer so that PGP is used. Setting the mailer to cope with incoming PGP messages is harmless, but you may not want to send out PGP'd messages all the time, so perhaps you might only want to change the incoming mail settings. To integrate pgp with pine, modify the corresponding lines in your .pinerc to:

  # This variable takes a list of programs that message text is piped into
  # after MIME decoding, prior to display.
  display-filters=_BEGINNING("-----BEGIN PGP")_ /opt/pgp/bin/pgpv -f +OutputInformationFD=1
  
  # This defines a program that message text is piped into before MIME
  # encoding, prior to sending
  sending-filters=/opt/pgp/bin/pgps -atf,
        /opt/pgp/bin/pgpe -astf -r _RECIPIENTS_
  

  That last line starts with a tab. The display filter should cope with verifying signatures and decrypting messages. The first sending filter (pgps) signs your outgoing message. The second sending filter signs the message and then encrypts it to the recipients, assuming that you have their public keys on your public keyring.

Signing and Verifying Documents

Sometimes you may need to deal with a file (a contract maybe, or a program) whose authenticity you want to verify. If the file has been "signed" you can use pgpv to verify it.

To sign a file yourself, use pgps -ta textfile, which produces a signed file called textfile.asc (the -ta means that a human-readable file is produced, rather than a compressed one). The signature appended to the end of the file depends on the contents of the document and on your private key, so any change to the file will make the signature "bad".

To check the signature integrity of a signed file use pgpv signedfile. As a test, try creating a signed file, then check its integrity, change it and check its integrity again. There are options to encrypt the file as well as sign it.

Maintaining Keyrings

• To see which keys you have, use pgpk filename
• To add the contents of keyfile to your keyring use pgpk -a [keyfile]
• To extract a key of a known user, use pgpk -x userid. This is particularly useful if you want to give a copy of your public key to someone else. If the key has any certifying signatures attached to it on your key ring, they are copied along with the key. If you want the extracted key represented in printable ASCII characters suitable for email purposes, use the -xa options.

Authentifying Public Keys

How can you know whether to trust a public key? Public keys can be "certified" by someone else, just as signed documents can, so if you're sure about A's public key and A has certified B's public key then you can trust B's public key. In this way a chain of trust can be built up, ending perhaps, at a Certifying Authority.

You can set validity and trust setting for the keys on your public key ring. Typing pgpk -c will show the keys' current settings.

More Information

• If you've set yourself up correctly, you'll have access to the following manual pages - pgp, pgpe (encrypt), pgps (sign), pgpv (verify), pgpk (keys), pgp.cfg (configuring), pgp-intro
• PGP User's Guide, Volume I: Essential Topics
• http://www.pgpi.com
• http://www.cl.cam.ac.uk/PGP/