Loving PGP
PGP could be one of the most important developments in our digital lives in the last decade. PGP stands for ``Pretty Good Privacy,'' and it's an encryption program for the masses. It enables anyone to use strong encryption to safeguard their digital privacy. This cryptography is so strong that the developer, Phil Zimmermann in Boulder, CO, had to stop exporting it to foreign countries over the Internet because encryption this strong is considered a munition, like nuclear or biological weapons. Obviously, ``Pretty Good'' is an understatement.
Encryption schemes make ``cleartext'' (or text which anyone can read) into a morass of gibberish and nonsensical characters. The characters are familiar when seen individually, just as the characters in this sentence are familiar, but when placed into strings of characters they make no sense at all, like this: ``#2lki$'=!dda57nl9lwq3.''
You probably have already seen PGP in your emails or newsgroup postings. It's been in use for several years now, but it could be that you've never understood what it's all about. For example, you may have seen something like the following in an email:
    -----BEGIN PGP SIGNED MESSAGE-----

    Hi Joe,
    It's been a really long time since we spoke. Are you still an ugly cuss?
    Sincerely,
    Your Pal Bart

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2

    iQCVAwUBMxnm/DKI/x64hwilAQE0oAQAwtFexFWARUUkNH+pf7hwnF6M
    q1za4tAobd5aSxi6O3ASg4I4bSrDf0QbJG2sANwBdk7D2mYbtPXJ3+d9
    g1BQcPwtYNLrYLYSKDZGsHwN/oFaG9xL718EPxEVqboWy7fJ332CuRM4
    WpTRU+Ktk0IrYryO9Ot6a3N1tMgcYVgoswA=
    =Yl9N
    -----END PGP SIGNATURE-----
This block is actually my digital signature. It is a way of proving that I wrote whatever is signed with it. Just as you want your signature affixed to the checks you write against your checking account, some documents require a sort of signature that says you are the author of them. That's what this signature says. Since the document is an electronic document, you cannot physically whip out your Cross pen and pen your signature. You have to affix your digital signature instead. These digital signatures are part of what PGP does.
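What the signature block in the sample above actually carries can be read straight out of the armor. The following is an added example, not part of the original article and not PGP's own code: it decodes the sample's base64 armor and reads the version 3 signature packet fields as laid out in RFC 4880. The names `parse_signature_armor` and `crc24` are hypothetical.

```python
import base64
import struct
from datetime import datetime, timezone
# Signature armor copied verbatim from the sample message on this page.
SAMPLE = """-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMxnm/DKI/x64hwilAQE0oAQAwtFexFWARUUkNH+pf7hwnF6M
q1za4tAobd5aSxi6O3ASg4I4bSrDf0QbJG2sANwBdk7D2mYbtPXJ3+d9
g1BQcPwtYNLrYLYSKDZGsHwN/oFaG9xL718EPxEVqboWy7fJ332CuRM4
WpTRU+Ktk0IrYryO9Ot6a3N1tMgcYVgoswA=
=Yl9N
-----END PGP SIGNATURE-----
"""
PK_ALGOS, HASH_ALGOS = {1: "RSA"}, {1: "MD5", 2: "SHA-1"}  # registry subsets

def crc24(data: bytes) -> int:
    """Armor checksum, RFC 4880 section 6.1 (catches corruption, not forgery)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc = (crc << 1) ^ (0x1864CFB if crc & 0x800000 else 0)
    return crc & 0xFFFFFF

def parse_signature_armor(text: str) -> dict:
    lines = [line.strip() for line in text.splitlines()]
    block = lines[lines.index("-----BEGIN PGP SIGNATURE-----") + 1:
                  lines.index("-----END PGP SIGNATURE-----")]
    body = block[block.index("") + 1:]  # armor headers end at the blank line
    raw = base64.b64decode("".join(body[:-1]))
    stored_crc = int.from_bytes(base64.b64decode(body[-1][1:]), "big")
    # 0x89 = old-format packet, tag 2 (signature), two-byte length follows.
    if raw[0] != 0x89:
        raise ValueError("not an old-format signature packet")
    (length,) = struct.unpack(">H", raw[1:3])
    pkt = raw[3:3 + length]
    # Version 3 signature packet layout (RFC 4880 section 5.2.2).
    ver, _, sig_type, created, key_id, pk, digest, _, bits = struct.unpack(">BBBI8sBB2sH", pkt[:21])
    return {
        "crc_ok": crc24(raw) == stored_crc,
        "version": ver,
        "sig_type": sig_type,  # 0x01 = signature over canonical text
        "created": datetime.fromtimestamp(created, timezone.utc).isoformat(),
        "key_id": key_id.hex().upper(),  # identifies the signer's public key
        "pk_algo": PK_ALGOS.get(pk, pk),
        "hash_algo": HASH_ALGOS.get(digest, digest),
        "sig_bits": bits,  # declared bit length of the RSA signature value
    }
```

Calling `parse_signature_armor(SAMPLE)` shows that the block names the signing key, the signing time and the algorithms in the clear; only the final number is the signature itself. The armor checksum guards against transmission damage only, and MD5 is no longer collision resistant, so a signature of this vintage should be treated as a legacy artifact.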
The other important job PGP does is encrypt your documents so no one can use them until you want them to. For example, instead of faxing or emailing your sensitive financial information to your mortgage lender or car dealer, or perhaps sensitive medical information to your doctor, you should really stop and think about who else will see this information. You may not realize it, but you are sharing this information with far more people than the person you are sending it to. For example, when you fax a document to someone, your document can stay in that machine's buffer long after someone prints it out. It may also be faxed to another location, if the owner of the fax machine so desires (he may archive his faxes digitally). Likewise, his fax machine may hiccup and ricochet your fax to someone else by mistake. This has happened before, much to some people's embarrassment. Not to mention, anyone walking by the fax machine will see your fax along with, perhaps, the fax they were legitimately searching for. Faxing sensitive documents is just a dumb thing to do.
Emailing sensitive documents is perhaps just as ill-advised. Emails are often archived on various servers along the way to your email's destination. First of all, your email is more like a postcard than a sealed envelope you send via the Post Office. Anyone who wants to see it can, as easily as anyone walking by the fax machine. And not only is your email on a single mail server, but it may be archived at any or all servers along the way. Further, police and government agencies routinely search mail servers, especially large ones, in an effort to gather evidence in criminal cases. They often seize or inspect not just the mail of people they're investigating, but also anyone else's who might be handy. Not to mention that anyone who so desires may look at any mail that is so archived or ``backed up'' for a period of time. (Servers may have to resend batches of mail due to network troubles, so archives are a common feature of mail servers.) Your mail is available for all to see during this time. Encryption ``seals'' your mail so anyone can look at your mail (or even attached binary files), but the file will appear as gibberish and be useless to them.
Encryption schemes often use digital ``keys'' to encrypt a file. You could think of the key as a ``translator'' that tells how each character should be converted into ``ciphertext'' (or that gibberish that no one can understand). The digital key, then, is what protects your file. If anyone recovers that key, they can decrypt your file.
Older encryption schemes required you to give your digital key to someone else so they could decrypt the files you give them. But this was hazardous because anyone who intercepted the key could likewise decrypt your files. This was a relatively weak encryption system. Newer encryption schemes use a two-key system with a ``public key'' and a ``secret key,'' and this is what PGP uses.
Public key cryptography requires everyone who uses it to have both a public key and a secret key. The only key that is exposed is the public key, but the public key is only used to encrypt text. It is not used to decrypt text. Decrypting files requires the secret key, and that is protected by a secret passphrase (longer and more complex than a password). The secret key is stored as an encrypted file itself, so it is locked up tight. The passphrase is what you use to unlock it so it can be used to decrypt a file.
So, anyone who copies your public key can send you ciphertext that only you can decrypt with your secret key. But this is actually handy, isn't it? You would like them to have your public key so they can encrypt files to you. They don't need your secret key because you want to be the only one who can decrypt the files they send. (You still have to trust others to store those sensitive files about you as encrypted documents on their own systems, and not as cleartext, however.)
Public key cryptography depends on the ready availability of everyone's public keys for the system to work. Public ``keyservers'' (accessible through email and web pages) are made available for everyone to upload their public key for this reason. Now if you want to send your doctor or lawyer or accountant sensitive personal information, you need their public key. Obtain it from them or the keyserver. This key allows you to encrypt documents to them, but only they may decrypt them. And you should either wipe the document from your hard disk or store the document as ciphertext (an encrypted file) to be totally secure. (You can encrypt a copy to yourself using your own public key, so you can likewise decrypt it.)
In review, then, you must have the digital public key for anyone you wish to send an encrypted file to. You use their public key to encrypt mail or files to them. Anyone who wishes to send you an encrypted file must have your public key. And for you to decrypt a file someone has sent you, you use your own secret key. No one but you (and whoever may have stolen and decrypted your secret key) can do so.
As you can see, it is imperative that you protect your private or ``secret'' key. This is the reason why you encrypt and assign a passphrase to your secret key. If someone were to sneak onto your computer (or access your computer from a network), they could possibly make a copy of your secret key. PGP uses a heavy encryption algorithm to store your secret key (RSA Data Security Inc.'s MD-5). A brute force attack of trial and error on your military-grade secret key to find the right passphrase would probably require a network of supercomputers quite a long time (probably years) to arrive at the right combination of characters. In short, it's too expensive for anyone to crack, except possibly the NSA. The only logical choice for someone who wants to decrypt your files is to intercept your passphrase as you type it in.
Several ways exist for capturing your passphrase. One is for someone to look over your shoulder, and unless you make your passphrase difficult to remember, they will have it. Another way is to plant a subroutine into your copy of PGP that captures your passphrase to a hidden file that can later be retrieved or transmitted. Another possibility is using eavesdropping technology to intercept the electromagnetic impulses of your keyboard's keystrokes; unshielded computers emit small magnetic impulses that can be captured and translated into keystrokes. This technology is called TEMPEST and is expensive. Another possibility is to simply look for a place where you wrote down your passphrase. Or if you saw the movie Sneakers, you may have seen Sidney Poitier and Robert Redford with a long-distance, high-speed movie camera that photographed a person's keystrokes from a building across the street.
So, how paranoid should you be? It depends on what you're trying to protect and how badly someone else wants it. If you've got professional data sharks after you like the NSA or the ones shown in Sneakers, then you'd better hire professionals yourself. But if you're trying to protect a family recipe for brownies from your next door neighbor, then just follow the basic precautions for passphrases and secret keys in the PGP documentation.
The basics are as follows:
If you've got professional data sharks after you using TEMPEST, you've got bigger problems than I can help you with. You'll need specialized equipment to defeat that technology. If you suspect that you're being watched by professionals using electronic surveillance, you'd better hire professionals yourself.