File Encryption – ensuring only your intended recipient can read it
Take away point: PGP can be used to create a message that only the recipient can read. You probably don’t need to do this, but PGP will be used in a later tutorial to verify that the security programs you download have not been tampered with.
Suppose you want to send an important message to a newspaper reporter but it is absolutely imperative that nobody except the reporter can read the contents of the message. You see that the journalist has published a key that looks something like this:
Note that this is an entirely random choice for an example. I know nothing about these people and have no reason to trust or not to trust them. They could be the CIA for all I know.
I will now step through the sequence required to prepare a message with this key, using some rather out of date methods, but I think it will give you better idea of what is actually happening than an automated solution. There are products that automate this by looking up the e-mail address of your recipient in a key server and encrypting the message on the fly but the downside is that you have no idea what is going on.
The first step is to download and install a version of PGP. In this example, I will use GnuPG. The best program I have found for this is PGP desktop, but unfortunately, after moving through various owners, Symantic being the latest, it can no longer be trusted. Given the ability of the US government to get corporations to do whatever they want with a simple phone call, you have to assume there is a back door in it or there will soon be. Therefore, it is safer to use an older, international version. I had a PGP license for many years but finally let it expire. GnuPG is also useful for verifying downloaded files.
Start by downloading GnuPG . The installation file for windows is called gnupg-w32cli-1.4.11.exe . You can use the default values when you install it.
This is a command line program, so for those that don’t remember MS-DOS (Microsoft Disk Operating System), you can go back in time on a windows XP machine by going to Start->Run and then typing cmd and pressing ok. You will then get a terminal window that looks like the screen on an IBM PC, 20 years ago.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\YourAccountNameHere>
Then you need to change the current directory to the location of the command line executables. The command for this in DOS is cd. If you type dir you will get a list of the files in that directory. If you need to kill a program and get back to the command prompt, pressing the Ctrl key and the C key at the same time will usually do the trick.
The next step is to create a key pair for yourself by typing gpg –gen-key . Here is an example:
The maximum level of encryption, 2048 bits was selected, the key expires in 1 year and it will be associated with the email address entered. Now we press o for ok followed by enter. You will be prompted for a pass phrase to protect your secret key. Use a long sentence something like this for the pass phrase: What is the use of a bOOk, without $99 pictures or conversations?. This is a quote from Alice in Wonderland with some oddities added to it. You can remember such foolishness and it is will never be guessed.
You now have a key chain that has two keys in it. One is a secret key that when used with your pass phrase, can decrypt a document that was encrypted with your public key. The other is your public key – a key that you can post on your web site or store on a public key server. This is the key that other people will use when they want to send you a message.
The next step is to run the program notepad (just type notepad and press the Enter key and it will pop up). Cut the key from the web page and paste it into the notepad window. You will end up with something like this:
The save command is in the file menu of the notepad window. The file name you choose isn’t important. Make sure there are no blank spaces at the beginning or end of the key block you pasted into the notepad window, otherwise adding the key will generate an error message.
The next step is to import this key into the key chain so that it will be available to encrypt messages. The command to import is: gpg –import scrap.txt where scrap.txt was the file name used when notepad saved the file containing the public key.
The next step is to encrypt a message or file with the private key that was just imported. In this example, there is a file called message.txt in the current directory that I created earlier by typing it into notepad and saving it as message.txt. You can use the type command in DOS to display the contents of a text file. The file can be anything. As you can see, the message is very important.
Now we are ready to encrypt the message so that only the recipient can see it. The command is gpg –encrypt message.txt
There are a couple of important things to note here. They key is not trusted so there is a warning. This is to be expected because it is not signed, and we simply downloaded it from a web site. You can have trust relationships, but when dealing with anonymous users, having it signed by other anonymous users doesn’t really make much sense. On the other hand, a trusted key from the New York Times would make sense to be signed by reputable authorities. The second point is that it asks for multiple recipients. If you were using a commercial program and it added an additional recipient without your knowledge, there would be a back door. Remember that the message can be decoded by any of the recipients.
A new file has been created with the extension .gpg added. If you use the type command to print out the contents of message.txt.gpg you will just get binary junk.
The file just created is now junk for anyone other than the intended recipient. Not even you can read it. If you delete the original message.txt then you have lost the message forever. The recipient must have his secret key file and his pass phrase. If you had simply encrypted the file with 7-zip and told him the password, then anyone who intercepted the conversation and file could decrypt it. This way, they have to get physical possession of the file you sent, the key ring with the secret key on the recipients computer (and it may be somewhere else like on a smart card) and convince him to divulge the pass phrase.
The next step is to find a way to transfer the message. You could e-mail it to the recipient from a computer in a library, but that adds the risk of someone intercepting it. They wouldn’t know about Elvis, but they would know who you were trying to contact. I will cover this part more in a follow-on post.
Also remember that in DOS, when you delete a file, it isn’t really deleted. The space is freed up, but the information is there. To completely delete a file you need to delete it and then use a utility program to overwrite all the free space on the disk. PGP Desktop has a utility for this, plus there are several good free alternatives.
If you have to do this regularly, then you would want to look at setting up an integrated system that looks up the key server automatically to get keys and transparently takes care of the encryption and decryption. However, you would want to read up a lot of FAQ’s, tutorials and warnings and make sure you have configured everything perfectly. The last thing you need is a message that says “recipients public key not found, send insecurely anyway?” and accidentally press Yes.
I will take a look at Hush Mail’s free accounts (Canadian based) in a separate posting.