MandrakeUser.Org - Your Mandrake-Linux Knowledge Base!


GPG I

* What Is GPG?
* Why And When To Use GPG
* How GPG Works
* GPG Pitfalls

Related Resources:

GnuPG.org
GnuPG FAQ
man gpg

Revision / Modified: Sep. 27, 2001
Author: Tom Berger

 

GPG I

* What Is GPG?

GPG ('GNU Privacy Guard') is a free replacement for the famous PGP ('Pretty Good Privacy') encryption program by the even more famous Phil Zimmermann. PGP and GPG allow you to encrypt, decrypt, sign and verify text files as well as binaries.

I'm not going to describe the license and version mumbo-jumbo around PGP here. GPG has been developed from scratch without relying on any patented encryption algorithms, is licensed under the GPL, and adheres to the OpenPGP standard (RFC 2440).
GPG is compatible with PGP 5.x and later: you can exchange encrypted messages, verify messages and use keys generated with these versions of PGP. GPG runs on all major Unixes and on MS-Windows 9x and NT.


* Why And When To Use GPG

The main field of application for GPG is email. Just think about it: day by day you are sending information over an untrusted network in plain text. Anyone with sufficient knowledge, hardware and software can read your mail: criminal organizations, your competitors in business, any government agency whose jurisdiction your mail happens to pass through (and given the structure of the Internet, that can be more than you might think), everyone who manages to break into your email account ...

GPG will make sure that no one except you and the recipient can read the message. Furthermore it authenticates the message to the recipient and assures him that the content hasn't been tampered with.

Of course it doesn't make much sense to sign or even encrypt all your messages (unless you want to prove to everyone that you are paranoid, that is ;-)), but confidential information should be kept from prying eyes. You do not send your business reports on postcards either, do you?

GPG also allows you to verify RPM packages using the public Mandrake key on your Mandrake Linux CD ('RPM-GPG-KEYS' for 7.x and later, 'RPM-PGP-KEYS' for earlier versions).


* How GPG Works

GPG is, like SSH, based on a two-key mechanism, the key pair. A key pair consists of a private key and a public key. These pairs are unique, i.e. each private key has one and only one matching public key (and vice versa). Whereas you should distribute your public key as widely as possible, your private key must be kept secret at all costs.

  • Your public key allows others to encrypt messages and files addressed to you and to verify your signature on files or messages from you.

  • Your private key allows you to decrypt messages and files encrypted by others with your public key and to encrypt and / or sign your own files or messages. In connection with the public key of a recipient, your private key allows you to encrypt a message or file for this recipient and / or to sign it.

As you can see, there are two basic mechanisms, signing and encrypting:

  • A signed message or file allows the recipient to check if the message or file really comes from the owner of the private key the message or file has been signed with. For this, the recipient needs the public key of the signer. Signing authenticates the sender of a message or file.

  • An encrypted message or file allows you to determine who will be able to read the file or message. Only the owner of the matching private key to the public key you used to encrypt the file will be able to decrypt it. You can specify as many recipients as you like, as long as you have all their public keys. Encryption authenticates the recipient of a message or file.

  • To authenticate both parties, the sender and the recipient, a message or file can be encrypted and signed. In fact it is recommended to always sign an encrypted file or message.

It is possible to have more than one key pair, e.g. one for private communications and one for business. The private key must be protected with a passphrase.
It is vitally important to never compromise your private key. If someone gets hold of your private key, he or she will be able to decrypt your messages and - even more devastating - to pretend to be you to others. GPG offers a mechanism to revoke invalid key pairs.

Public keys of recipients are organized in the 'keyring', thus allowing you to authenticate as many recipients (= people able to decrypt the message) as you wish by providing the key IDs of their public keys.

You are advised to store your public key on one of the available public key servers. This way people can get your public key and send you encrypted messages without having to contact you first.


* GPG Pitfalls

The GPG system has some weak points:

  • the passphrase for the secret key
  • the validity of public keys
  • memory usage
  • PGP compatibility

As for the passphrase, it is up to you to choose a good phrase which cannot be easily guessed or cracked by a password cracking program. If you can't think of one, use a web-based password generator like PassMaker (which has the advantage of creating easy-to-remember passphrases).

It is possible to fake a public key and thus decrypt messages encrypted to this faked key. To prevent this, public keys can be assigned levels of trust by recipients. By trusting a key, a recipient says that he or she is sure that this key comes from the person the key belongs to ('ownertrust'). This mechanism also serves GPG to compute the trustworthiness of a key.
If you add a public key to your keyring, you can assign it a trust level from 'unknown' ("Don't know if the key is valid") to 'full' ("I'm absolutely sure that the key is valid"). The command sequence is

gpg --edit-key [ID]

followed by the command trust at the gpg> prompt.

Trusted keys should then be uploaded to a keyserver, which will update the trust level of the submitted key.
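The sign-and-encrypt workflow from 'How GPG Works' and the key-validation step described above, as an added example that is not part of the original article: two throw-away keyrings stand in for sender and recipient, and a local key signature (gpg --quick-lsign-key) takes the place of the interactive 'trust' command so that the script can run unattended. It assumes GnuPG 2.1 or later, awk and mktemp are installed; the user ids, file names and the empty passphrase are constructed for the demo.

```shell
#!/bin/sh
# Added example, not from the original article. Assumes GnuPG 2.1+ (gpg, gpgconf), awk, mktemp.
# Two throw-away keyrings ("alice" = sender, "bob" = recipient) stand in for two people.
set -eu

# run gpg unattended against a given home directory; the empty passphrase is for the demo only
g() { _h=$1; shift; gpg --homedir "$_h" --batch --quiet --pinentry-mode loopback --passphrase '' "$@"; }
# primary-key fingerprint for a user id, taken from gpg's machine-readable listing
fpr() { g "$1" --with-colons --fingerprint "$2" | awk -F: '$1=="fpr"{print $10; exit}'; }

demo_gpg_workflow() {
    W=$(mktemp -d); A="$W/alice"; B="$W/bob"
    mkdir -m 700 "$A" "$B"
    # 1. each party generates its own key pair; the private key never leaves its own keyring
    g "$A" --quick-generate-key "Alice <alice@example.test>" default default never
    g "$B" --quick-generate-key "Bob <bob@example.test>" default default never
    # 2. only the public keys are exchanged (mail, keyserver, web page) and imported
    g "$A" --export alice@example.test | g "$B" --import
    g "$B" --export bob@example.test   | g "$A" --import
    # 3. each side records that it has checked the other's key (the article's 'trust' step):
    #    a local, non-exportable signature marks the key valid for this keyring only
    g "$A" --yes --quick-lsign-key "$(fpr "$A" bob@example.test)"
    g "$B" --yes --quick-lsign-key "$(fpr "$B" alice@example.test)"
    # 4. Alice signs with her private key and encrypts to Bob's public key (constructed message)
    printf 'Quarterly figures: revenue up 12%%\n' > "$W/report.txt"
    g "$A" --sign --encrypt --recipient bob@example.test --output "$W/report.gpg" "$W/report.txt"
    # 5. Bob decrypts with his private key; gpg verifies Alice's signature in the same pass
    g "$B" --status-fd 1 --decrypt --output "$W/report.out" "$W/report.gpg" > "$W/status"
    grep -q '^\[GNUPG:\] GOODSIG ' "$W/status"     # signature checks out against Alice's public key
    cmp -s "$W/report.txt" "$W/report.out"         # plaintext survived the round trip unchanged
    # 6. Alice cannot read the file back: she holds no private key matching the recipient key
    if g "$A" --decrypt "$W/report.gpg" >/dev/null 2>&1; then
        echo 'unexpected: sender decrypted a message encrypted to someone else' >&2; return 1
    fi
    gpgconf --homedir "$A" --kill gpg-agent 2>/dev/null || true
    gpgconf --homedir "$B" --kill gpg-agent 2>/dev/null || true
    rm -rf "$W"
    echo 'sign+encrypt -> decrypt+verify succeeded; non-recipient decryption failed as expected'
}
```

Run it as `sh demo.sh` after adding a final `demo_gpg_workflow` line; a real key pair should of course be generated with a strong passphrase instead of the empty one used here.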

You will notice that every time you use GPG, it will complain like this:

gpg: Warning: using insecure memory!

GPG can't lock memory pages unless you run it with 'root' privileges, so the pages holding the passphrase might be swapped out to disk and read from there. The only solution would be running GPG 'setuid root' (chmod 4755 /usr/bin/gpg), but this is also considered a security risk.
By putting the option no-secmem-warning into '~/.gnupg/options', you can at least turn off the warning message.

GPG does not support the IDEA encryption algorithm, which PGP versions up to 2.x use as standard, since it relies on patented code.
Incompatible keys lead to this error message when you try to import them:

unsupported public key algorithm

PGP 5 and later keys should be no problem. You can even import your private keys from PGP and use them in GPG.

The FAQ lists suggestions on how to increase interoperability with PGP 5.x. For PGP 2.x refer to Replacing PGP 2.x with GnuPG. Of course you can also install PGP 6.x, which is available as 'freeware' for a variety of platforms.
The 'pgpgpg' package converts calls from programs to PGP to their GPG equivalents.

Legal: All texts on this site are covered by the GNU Free Documentation License. Standard disclaimers of warranty apply. Copyright LSTB (Tom Berger) and Mandrakesoft 1999-2002.