Maintaining privacy of data and communication using GPG
Most guides to data protection put out by government institutions, universities and corporations tell you about protecting it from nefarious types (the mythical "Mallory" eavesdropping on "Alice" and "Bob"...), but in actual fact you should be equally concerned about protecting it from people who have legitimate access to your files (i.e. a sysadmin with "root" privileges on the NEMS machines where GFDLers' mail is stored), or from institutions whose policies may not respect your data privacy.
This is a short introduction to a suite of free software tools for encrypting and signing data. The main tool described here is the GNU Privacy Guard (GPG), which is a free GNU implementation of the dual-key encryption method known as Pretty Good Privacy, or PGP.
Dual-key encryption
Dual-key encryption systems are based on having a key pair. They are anti-symmetric in that if you encrypt with either one, you can decrypt (only) with the other. SSH, PGP and other such cryptographic systems are based on the dual-key method.
The key to these methods is that you make one of the key pair public, visible to all the people with whom you may wish to communicate privately (essentially anyone in the world...). The counterpart to the public key is your secret key, which you protect as well as you wish to, using passphrases, which you change frequently, and so on. In dual-key systems, you can send a message to one person or a group which is not readable by anyone else; you can sign a message so that your correspondent can be sure it came from you; and you can verify a signed message from someone else to be sure it came from them.
- If Bob wishes to send Alice a message for her eyes only, he encrypts the message using Alice's public key. Only Alice's secret key, which only she knows, can decrypt it.
- If Alice wishes to sign a message to Bob so he knows it came from her, she signs it with her private key. He can use her public key to verify it came from her.
- To save her own data where Mallory (who has root privileges on her system) cannot read it, Alice encrypts it with her own public key. Only her private key can unlock that data.
That's the essence of the method, based on the beautifully elegant principle of a pair of keys, of which one is private and the other public. The system as a whole is therefore known as public-key cryptography. There is a whole system (the public key infrastructure or PKI) in place for publishing and retrieving public keys from a network of key servers around the world.
Setting up GPG
The first thing you do is to generate your key pair with gpg --gen-key and follow the instructions. This will also create the directory $HOME/.gnupg.
The $HOME/.gnupg directory also contains your keyrings. pubring.gpg is the list of public keys you need to know: people you might communicate with (including yourself). secring.gpg contains the secret keys, usually yours. These files are binary and you can't read them directly, but here are some useful commands to start with:
- gpg --list-keys lists all the keys in pubring.gpg
- gpg --list-secret-keys lists the keys in secring.gpg
- gpg --search-keys <string> helps you find the public keys of people on the PKI. When you pick the one you want, you can add it to your public keyring.
The $HOME/.gnupg directory also contains the configuration file gpg.conf.
Some useful things I turned on in my gpg.conf...

    no-greeting             # the greeting gets annoying...
    default-key D95BAE4B    # key ID you prefer to use
    default-recipient-self  # if you mostly encrypt your own stuff
    use-agent               # the agent will remember your passphrase: see below
    armor                   # always ascii-armor
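The Alice and Bob cases from the dual-key section, run end to end in two throwaway keyrings. This is an added example, not part of the original page: the identities, file names and empty passphrase are constructed for the demo, and it assumes GnuPG 2.2 or later for --quick-generate-key.

```shell
#!/bin/sh
# Added example: Alice and Bob each get their own keyring under a temp dir.
# Identities are constructed; the empty passphrase is for this demo only.

alice() { gpg --homedir "$d/alice" --batch --quiet --no-tty "$@"; }
bob()   { gpg --homedir "$d/bob" --batch --quiet --no-tty --trust-model always "$@"; }

exchange() {
    # Alice generates her key pair and hands out only the public half.
    alice --pinentry-mode loopback --passphrase '' \
          --quick-generate-key 'Alice <alice@example.org>' default default never &&
    alice --armor --output "$d/alice.pub" --export alice@example.org &&
    bob --import "$d/alice.pub" || return 1

    # Bob encrypts with Alice's public key.
    printf 'for her eyes only\n' > "$d/msg.txt"
    bob --armor --recipient alice@example.org \
        --output "$d/msg.asc" --encrypt "$d/msg.txt" || return 1
    # Bob holds no secret key, so even he cannot decrypt the result ...
    if bob --output "$d/bob.out" --decrypt "$d/msg.asc" 2>/dev/null; then return 1; fi
    # ... but Alice can.
    alice --output "$d/alice.out" --decrypt "$d/msg.asc" 2>/dev/null &&
    cmp -s "$d/msg.txt" "$d/alice.out" || return 1

    # Alice signs with her secret key; Bob verifies with her public key.
    alice --armor --output "$d/msg.sig" --detach-sign "$d/msg.txt" &&
    bob --verify "$d/msg.sig" "$d/msg.txt" 2>/dev/null || return 1
    # A modified message must fail verification.
    printf 'for his eyes only\n' > "$d/tampered.txt"
    if bob --verify "$d/msg.sig" "$d/tampered.txt" 2>/dev/null; then return 1; fi
    echo "round trip OK"
}

demo_roundtrip() {
    command -v gpg >/dev/null 2>&1 || { echo "gpg not found" >&2; return 2; }
    d=$(mktemp -d) || return 1
    mkdir -m 700 "$d/alice" "$d/bob"
    exchange; rc=$?
    # Stop the per-keyring agents and remove the demo keys.
    for h in alice bob; do gpgconf --homedir "$d/$h" --kill gpg-agent 2>/dev/null; done
    rm -rf "$d"
    return "$rc"
}

demo_roundtrip || echo "demo failed" >&2
```

For real keys, use a strong passphrase and check the key's fingerprint with its owner before relying on it; --trust-model always is used here only because the demo keyring has no trust settings.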
created by v. balaji (balajiprinceton.edu) in emacs using the emacs-muse mode.
last modified: 10 April 2007