GPG I
GPG ('GNU Privacy Guard') is a free replacement for the famous PGP ('Pretty
Good Privacy') encryption program by the even more famous Phil Zimmermann.
PGP and GPG allow you to encrypt, decrypt and verify text files as well as
binaries.
I'm not going to describe the license and version mumbo jumbo
around PGP here. GPG has been developed from scratch without relying on any
patented encryption algorithms, is licensed under the GPL, and adheres to
the OpenPGP standard (RFC 2440).
GPG is compatible with PGP 5.x and later: you can exchange encrypted messages,
verify messages and use keys generated with these versions of PGP. GPG runs
on all major Unixes and on MS-Windows 9x and NT.
The main field of application for GPG is email. Just
think about it: Day by day you are sending information over an untrusted
network in plain text. Anyone with sufficient knowledge, hardware and software
can read your mail: criminal organizations, your competitors in business,
any government agency through whose jurisdiction your mail happens
to pass (and given the structure of the Internet, that can be more than you
might think), everyone who manages to break into your email account ...
GPG will make sure that no one except you and the recipient
can read the message. Furthermore it authenticates the messages to the recipient
and assures him that the content hasn't been tampered with.
Of course it doesn't make much sense to sign or even
encrypt all your messages (unless you want to prove to everyone that you
are paranoid, that is ;-)), but confidential information should be kept from
prying eyes. You do not send your business reports on postcards either, do
you?
GPG also allows you to verify RPM packages using the
public Mandrake key on your Mandrake Linux CD ('RPM-GPG-KEYS' for 7.x and
later, 'RPM-PGP-KEYS' for earlier versions).
GPG is - like SSH - based on a two-key mechanism, the
key pair. A key pair consists of a private key and a public key. These pairs
are unique, i.e. each private key has one and only one matching public key
(and vice versa). Whereas you should distribute your public key as widely
as possible, your private key must be kept secret at all cost.
- Your public key allows others to encrypt messages and files addressed to
  you and to verify your signature on files or messages from you.
- Your private key allows you to decrypt messages and files encrypted by
  others with your public key and to encrypt and / or sign your own files or
  messages. In connection with the public key of a recipient, your private
  key allows you to encrypt a message or file for this recipient and / or to
  sign it.
As you can see, there are two basic mechanisms, signing
and encrypting:
- A signed message or file allows the recipient to check if the message or
  file really comes from the owner of the private key the message or file has
  been signed with. For this, the recipient needs the public key of the
  signer. Signing authenticates the sender of a message or file.
- An encrypted message or file allows you to determine who will be able to
  read the file or message. Only the owner of the matching private key to the
  public key you used to encrypt the file will be able to decrypt it. You can
  specify as many recipients as you like, as long as you have all their
  public keys. Encryption authenticates the recipient of a message or file.
- To authenticate both parties, the sender and the recipient, a message or
  file can be encrypted and signed. In fact it is recommended to always sign
  an encrypted file or message.
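The key pair, signing and encryption mechanics described above, as an added example that is not part of the original page: two throwaway identities exchange a signed and encrypted file. It assumes GnuPG 2.1 or later; the names, addresses, temporary keyring directories and the empty passphrase are constructed for the demo.

```shell
#!/bin/sh
# Added example: two throwaway identities exchange a signed, encrypted file.
# Names, addresses and the empty demo passphrase are constructed.

# Run gpg non-interactively against one party's own keyring directory.
gpg_as() {
    home=$1; shift
    gpg --homedir "$home" --batch --quiet --no-tty \
        --pinentry-mode loopback --passphrase '' "$@"
}

# Prints the plaintext Bob recovers; returns 0 only if every step succeeded.
roundtrip() {
    work=$(mktemp -d) || return 1
    alice=$work/alice; bob=$work/bob
    mkdir -m 700 "$alice" "$bob"
    (
        # Each party creates a key pair; the private half stays in its homedir.
        gpg_as "$alice" --quick-generate-key 'Alice <alice@example.org>' default default never &&
        gpg_as "$bob" --quick-generate-key 'Bob <bob@example.org>' default default never &&
        # Only public keys change hands.
        gpg_as "$alice" --export alice@example.org | gpg_as "$bob" --import &&
        gpg_as "$bob" --export bob@example.org | gpg_as "$alice" --import &&
        # Alice certifies Bob's key locally (in real use: after comparing the
        # fingerprint with him out of band) so gpg treats it as valid.
        fpr=$(gpg_as "$alice" --with-colons --fingerprint bob@example.org |
              awk -F: '$1 == "fpr" { print $10; exit }') &&
        gpg_as "$alice" --quick-lsign-key "$fpr" &&
        # Sign with Alice's private key, encrypt to Bob's public key.
        printf 'quarterly report\n' > "$work/msg.txt" &&
        gpg_as "$alice" --sign --encrypt --recipient bob@example.org \
            --output "$work/msg.gpg" "$work/msg.txt" &&
        # Alice was not named as a recipient, so even she cannot decrypt it.
        ! gpg_as "$alice" --decrypt "$work/msg.gpg" >/dev/null 2>&1 &&
        # Bob decrypts with his private key; the machine-readable status lines
        # record the decryption and the check of Alice's signature.
        gpg_as "$bob" --status-fd 3 --output "$work/out.txt" \
            --decrypt "$work/msg.gpg" 3>"$work/status" &&
        grep -q 'DECRYPTION_OKAY' "$work/status" &&
        grep -q 'GOODSIG' "$work/status"
    ) >/dev/null && cat "$work/out.txt"
    rc=$?
    for h in "$alice" "$bob"; do gpgconf --homedir "$h" --kill gpg-agent || :; done
    rm -rf "$work"
    return $rc
}

if command -v gpg >/dev/null 2>&1; then roundtrip; else echo 'gpg not installed' >&2; fi
```

Bob's gpg still warns that Alice's key is not certified, because he has not yet checked her fingerprint himself.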
It is possible to have more than one key pair, e.g.
one for private communications and one for business. The private key must
be protected with a passphrase.
It is vitally important to never compromise your private
key. If someone gets hold of your private key, he or she will be able to decrypt
your messages and - even more devastating - to pretend to be you to others.
GPG offers a mechanism to revoke invalid key pairs.
Public keys of recipients are organized in the 'keyring',
thus allowing you to authenticate as many recipients (= people able to decrypt
the message) as you wish by providing the key IDs of their public keys.
You are advised to store your public key on one of the
available public key servers. This way people can get your public key and
send you encrypted messages without having to contact you first.
The GPG system has some weak points:
- the passphrase for the secret key
- the validity of public keys
- memory usage
- PGP compatibility
As for the passphrase, it is up to you to choose a good
phrase which cannot be easily guessed or cracked by a password cracking program.
If you can't think of one, use a web-based password generator like PassMaker
(which has the advantage of creating easy-to-remember passphrases).
It is possible to fake a public key and thus decrypt
messages encrypted to this faked key. To prevent this, public keys can be
assigned levels of trust by recipients. By trusting a key, a recipient
says that he or she is sure that this key comes from the person the key belongs
to ('ownertrust'). GPG also uses this mechanism to compute the trustworthiness
of a key.
If you add a public key to your keyring, you can assign it a trust level from
'unknown' ("Don't know if the key is valid") to 'full' ("I'm absolutely
sure that the key is valid"). The command sequence is
gpg --edit-key [ID] followed by trust
Trusted keys should then be uploaded to a keyserver,
which will update the trust level of the submitted key.
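An added example (not from the original page) of checking a keyring before relying on it: the function reads the machine-readable listing printed by gpg --with-colons --list-keys and reports every key gpg does not consider valid. The sample listing is constructed, and the GnuPG 2.x record layout is assumed.

```shell
#!/bin/sh
# Added example: list the keys in a keyring that gpg does not consider valid.
# Input is `gpg --with-colons --list-keys` output (GnuPG 2.x record layout).

# Constructed sample listing; key IDs, dates and user IDs are made up.
sample_listing() {
    cat <<'EOF'
tru::1:1700000000:0:3:1:5
pub:u:255:22:1111111111111111:1700000000:::u:::scESC:
uid:u::::1700000000::::Me <me@example.org>:
pub:-:3072:1:2222222222222222:1700000000:::-:::scESC:
uid:-::::1700000000::::Bob <bob@example.org>:
pub:f:3072:1:3333333333333333:1700000000:::m:::scESC:
uid:f::::1700000000::::Carol <carol@example.org>:
pub:e:2048:1:4444444444444444:1500000000:1600000000::-:::sc:
uid:e::::1500000000::::Dave <dave@example.org>:
EOF
}

# Field 2 of a pub record is the validity gpg computed for the key, field 9
# the ownertrust set with "gpg --edit-key ID" and "trust". Only validity
# f (full) or u (ultimate) means gpg accepts the key as belonging to the
# name on it; everything else is reported with the first user ID.
audit_keyring() {
    awk -F: '
        BEGIN {
            # Names for the validity letters o - q n m f u e r i, in that order.
            split("unknown unknown undefined not-valid marginal full ultimate expired revoked invalid",
                  nm, " ")
        }
        $1 == "pub" { id = $5; val = $2; own = ($9 == "" ? "-" : $9); first = 1 }
        $1 == "uid" && first {
            first = 0
            if (val != "f" && val != "u")
                printf "%s validity=%s ownertrust=%s %s\n",
                       id, nm[index("o-qnmfueri", val)], own, $10
        }
    '
}

sample_listing | audit_keyring
```

Against a real keyring, pipe the output of gpg --with-colons --list-keys into audit_keyring instead of the sample.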
You will notice that every time you use GPG, it will
complain like this:
gpg: Warning: using insecure memory!
GPG can't lock memory pages unless you run it with
'root' privileges. So it might be possible to read out the content of these
pages and thus the passphrase. The only solution would be running GPG 'setuid
root' (chmod 4755 /usr/bin/gpg), but this is also considered
a security risk ...
By putting the option no-secmem-warning into '~/.gnupg/options',
you can at least turn off the warning message.
GPG does not recognize the IDEA encryption algorithm
used as a standard in PGP versions up to 2.x, since it relies on patented
code.
Incompatible keys lead to this error message upon trying to import them:
unsupported public key algorithm
PGP 5 and later keys should be no problem. You can even
import your private keys from PGP and use them in GPG.
The FAQ lists suggestions on how to increase interoperability
with PGP 5.x. For PGP 2.x refer to Replacing PGP 2.x with GnuPG.
Of course you can also install PGP 6.x, which is available as 'freeware'
for a variety of platforms.
The 'pgpgpg' package converts calls that programs make to PGP into their GPG
equivalents.