Question

In: Computer Science

Describe the step-by-step protocol that PGP/GPG takes to simultaneously sign a message with the sender’s private...

Describe the step-by-step protocol that PGP/GPG takes to simultaneously sign a message with the sender’s private key and encrypt it with the receiver’s public key.

Solutions

Expert Solution

What is PGP?

  • PGP stands for Pretty Good Privacy.
  • it is an internet standard (called OpenPGP) used for data encryption and digital signatures.
  • Software that employs this standard is available in both a free, open source version produced by the Free Software Foundation called the GNU Privacy Guard (or GPG for short) as well as a low-cost commercial version.

In conventional encryption, a secret key is used to transform plaintext (the unencrypted data) into unreadable ciphertext. The same key is also used to decrypt the ciphertext and reveal the plaintext. While this process works well for encrypting data stored on your hard drive, it has its drawbacks for use in communication. For one, you need to somehow communicate the secret key to the other party. But how to do this securely? After all, the reason you are using encryption is because you don’t believe your communication channel is secure. You could meet in person and exchange the secret key offline, but that isn’t very convenient. Protocols have been developed to allow for secure exchange of keys across insecure communication channels, but they tend to work better for real-time chat than, say, sending encrypted emails.

PGP makes use of public-key encryption. One key (a public key) is used to encrypt the data and a separate key (the private key) is used to decrypt it.

step by step process

Step1

The first thing you need to do to get started is download and install GPG. If you use the Ubuntu operating system you’re in luck, you already have it. It can be found in the apps menu as “Passwords and Keys”.

Step 2

Generating A New Certificate

  • In PGP a “certificate” is essentially a public key with extra data attached to help others verify that the key really belongs to you.
  • In practice this is usually your name, email address and one or more digital signatures from others (more on that later).
  • Depending on your operating system, you’ll generate a new certificate by clicking “New”, “New Certificate”, or “New PGP Key”.
  • In the advanced options menu you can select your encryption algorithm (RSA, DSA/ElGamal), key size (in bits), and an expiration date if you want your certificate to expire.
  • Once this process is complete you will have generated a new certificate and private key. You can click on “export” to save your public key to a .asc file for distributing to others, or you can copy the text of the key block and share it with people that way.

STEP 3

Key Servers

  • You might want to consider uploading your public key to a key server such as the MIT Key Server or PGP Global Directory.
  • These are searchable directories from which other people can download your public key without first asking you for it. This functionality comes in especially handy when using email. Some email clients can be configured to search the key servers for the PGP keys of your contacts or anyone who has sent you an encrypted email and import them automatically.

STEP 4

Importing Keys

  • In order to encrypt files to send to others, you will first need to import their public key into PGP. You can do this by downloading the .asc file containing their public key (either directly from others or from a key server), clicking “Import” or “Import Certificate”, and selecting the file.
  • In Linux you can import a key simply by double clicking the .asc file. In Windows you have the option to copy the public key block and import it directly from the clipboard.

STEP 5

Encrypting Data

You have two options for encrypting data in PGP ― you can encrypt a plain text message from the clipboard or encrypt whole files.

Let’s start with encrypting plain text messages. The first thing you need to do is pull up your plain text editor (Notepad in Windows, GNU Emacs works well for this in Linux). Type whatever message you want and copy it to the clipboard. In Windows, you’ll need to right click on the Kleopatra tray icon and click Clipboard>>Encrypt.The software will prompt you do select a public key from your keyring with which to encrypt the message. The encrypted ciphertext will replace the unencrypted plaintext in your clipboard.

To encrypt an entire file select “Sign/Encrypt File” from the menu and select the file you want to encrypt. you’ll need to select a public key(s) from your keyring with which to encrypt the file.

step 6

Decrypting Data

To decrypt either a message or a file, you need to do all of the above in reverse. Just this time use the decypt option from the menu. Here you will be prompted to enter your password for your private key that you created along with your key pair. This is what prevents an attacker from stealing your private key and decrypting messages intended for you

step 7.

Signing Data

Just like with encryption you can either sign a message from your clipboard or sign whole files. The process is just as straightforward as before except this time you will select “sign” rather than “encrypt”. Here you will again be prompted for your password.

step 8

Verifying Signatures

To verify a signature on a signed message or file you will obviously have to first download and import the corresponding public key. Just like with decryption, you can either verify the signed message from your clipboard or by selecting the file. If you’re verifying a signed file, you’ll likely be prompted to select both the file and the detached signature (.sig) file.

step 9

Key Management

Finally, we should probably talk a little about key management. One of the downsides to PGP is susceptibility to something called a man-in-the-middle attack. This attack works like this: Let’s say you want to securely communicate with someone using PGP. The first thing you would do is download their public key. However, it may be possible for an attacker to intercept your internet communications before they reach the server containing the public key. The attacker could send you one of his own public keys and make you think it’s the public key of your communication partner. Not knowing any better, you would encrypt your messages with the attacker’s public key allowing him view all your communications. Even worse, the attacker could re-encrypt the message with the correct public key and forward it along it the destination. Neither you nor your communication partner would know the message was intercepted.


Related Solutions

Describe a message-transfer protocol for buffered sends and receives in which the buffering is performed only...
Describe a message-transfer protocol for buffered sends and receives in which the buffering is performed only by the sending process. What kind of additional hardware support is needed to make these types of protocols practical?
Write a step by step protocol of how to transfer a culture from a petri dish...
Write a step by step protocol of how to transfer a culture from a petri dish to a broth and name three practices that are part of Aseptic Technique that prevents your culture from getting contaminated by outside microbes?
William is attempting to sign in to his operating system but he receives an error message...
William is attempting to sign in to his operating system but he receives an error message stating that he has entered an invalid password. How can he solve this problem?
Consider Aloha protocol and assume that in addition to collisions a message may also experience bit...
Consider Aloha protocol and assume that in addition to collisions a message may also experience bit errors due to noise. Message lengths are L bits and with probability p each bit may be received in error by the destination. Thus a message will be successfully received if it doesnot experience any collisions and it is received error free. Derive the throughput equation of this protocol.
A typical SMS protocol allows 128 distinct ASCII characters to be used in a message. However,...
A typical SMS protocol allows 128 distinct ASCII characters to be used in a message. However, to save bandwidth, instead of using straight 8-bit ASCII characters to transfer data (one byte per character), SMS uses 7 bits per character and compacts the bits such that it only requires 140 bytes to send a 160 character message, for an approximately 12.5% savings of bandwidth. 12.5% savings in bandwidth is not good enough. They would like a system that can save up...
Describe the services of the IP protocol, and potentially ICMP protocol, with respect to flow control...
Describe the services of the IP protocol, and potentially ICMP protocol, with respect to flow control (ensuring the sender does not overwhelm the receiver).
Two teams are simultaneously competing in a programming competition. The time it takes team 1 to...
Two teams are simultaneously competing in a programming competition. The time it takes team 1 to solve the set of programming tasks is uniformly distributed between 5 and 10 hours. For team 2, the time is uniformly distributed between 7 and 10 hours. (a) Find the probability density function (pdf ) of the completion time for the entire competition. Assume independence between the completion times in both teams. (b) Find the expected competition completion time.
In the Week 4 experiment, an additional “wash” step was added to the extraction protocol. Discuss...
In the Week 4 experiment, an additional “wash” step was added to the extraction protocol. Discuss the difference between the extraction step (ethyl acetate extraction of aqueous caffeine) and the wash step (dilute base wash of the ethyl acetate layers). Your answer should mention what is happening to the caffeine and impurities in each step as well as the intermolecular forces involved in the process explain fully
4.What is the purpose of padding, Message Authentication Code (MAC), handshake protocol, change cyber suite (CCS)...
4.What is the purpose of padding, Message Authentication Code (MAC), handshake protocol, change cyber suite (CCS) protocol? 5.How does TLS provide: confidentiality, availability, integrity, non-repudiation? 6.Is TCP a user of TLS services or does it provide services to TLS (hard question) – explain your answer in one sentence? 7.Does TLS use sequence numbers? 8.Sequence numbers can be used to launch replay attacks (as in TCP).How does TLS protect against replay attacks?
Create a Persuasive Message Step 1 Select one of the following means of communication:               •...
Create a Persuasive Message Step 1 Select one of the following means of communication:               • Ad               • Direct Mail               • Tweet 1. In one paragraph tell me why you selected the communication forum. 2. In one paragraph describe who the piece is to and why you are sending it. Describe why this format is best method to use. 3. In one paragraph describe or tell me tips that you have learned through researching. You may include links to...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT