Scribd Logo
Upload

Welcome to Scribd!

  • GPG Basics

    Uploaded by

    Hemant
    12 views20 pages

    Original Title

    GPG BASICS

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views20 pages

    GPG Basics

    Uploaded by

    Hemant

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 20

    GPG

    WHAT IS ENCRYPTION?

    • Encryption encodes and scrambles data so it is difficult to obtain the original


    content unless a known secret is used to decipher it.
    • The 2 main schemes of encryption are:
    • Symmetric - The same cryptographic key is used for both encryption and
    decryption of the data. It is the simplest form of encryption.
    • Public Key - Requires two separate keys, a secret key and a public key.
    Although different, the two parts of the key pair are mathematically linked. One key locks
    or encrypts the data , and the other unlocks or decrypts the data.
    PGP

    • OpenPGP is the most widely used email encryption standard.


    • It is defined by the OpenPGP Working Group of the Internet Engineering Task
    Force (IETF) as a Proposed Standard in RFC 4880. OpenPGP was originally
    derived from the PGP software
    • It is created by Phil Zimmermann.
    OPENPGP

    • The standard covers strong public-key and symmetric cryptography to provide


    security services for electronic communications and data storage.
    • These services are:
    • Confidentiality
    • Key management
    • Authentication
    • Digital signatures
    GNUPG

    • Stands for GNU Privacy Guard http://www.gnupg.org/


    • Is a Free (open-source) implementation of the OpenPGP standard.
    • The package is separate from any GUI and refers to the Library and
    Binary tools.
    • Linux - comes with all distributions
    • Windows - http://www.gpg4win.org/ (Do NOT use the outlook plugin)
    • OS X - https://gpgtools.org/
    PGP WEB OF TRUST
    WHAT PGP/GPG DOES
    PROVIDE

    • Verification of sender.

    • Encryption of data being sent.

    • Trust relationship based on reputation of known persons.

    • Strong protection of offline data or data at rest at other location as long as

    private key is protected.


    WHAT PGP/GPG DOES NOT
    PROVIDE

    • Anonymity

    • Enumeration of Metadata (Subject, Source, Destination, Possible software version)

    • Enumeration of Relations (People that trust the parties)


    GENERATING KEYS

    • The command to generate the keys is: gpg --gen-key

    • Choose key sizes larger than 1024.

    • Set an expiration date for the key.

    • Set a good passphrase to protect the key.

    • To list the key gpg --list-keys "<your name|Email>"


    GENERATING KEYS
    Verify the KEYS

     [jose@redhat ~]$ gpg --list-key


     /home/jose/.gnupg/pubring.gpg
     -----------------------------
     pub 2048R/1DF2E820 2020-07-21 [expires: 2021-07-21]
     uid Jose H <jose.h@example.com>
     sub 2048R/5595D616 2020-07-21 [expires: 2021-07-21]
    Export your public key

     [jose@redhat ~]$ gpg --armour --export jose > jose_pub.asc


     [jose@redhat ~]$ file jose_pub.asc
     jose_pub.asc: PGP public key block
    Import others public key

    [root@redhat ~]# cp /home/bob/bob_pub.asc /home/jose/

    [jose@redhat ~]$ gpg --import bob_pub.asc

    gpg: key E63A440D: public key "Bob Marley (test user 2) <bob.marley@example.com>" imported

    gpg: Total number processed: 1

    gpg: imported: 1 (RSA: 1)

    [jose@redhat ~]$ gpg --list-key

    /home/jose/.gnupg/pubring.gpg

    -----------------------------

    pub 2048R/1DF2E820 2020-07-21 [expires: 2021-07-21]

    uid Jose H <jose.h@example.com>

    sub 2048R/5595D616 2020-07-21 [expires: 2021-07-21]

    pub 2048R/E63A440D 2020-08-03 [expires: 2021-08-03]

    uid Bob Marley (test user 2) <bob.marley@example.com>

    sub 2048R/5723B9AA 2020-08-03 [expires: 2021-08-03]


    Trust others public key
    Encrypting file

    [jose@redhat ~]$ file importantfile.txt

    importantfile.txt: ASCII text

    [jose@redhat ~]$ gpg --recipient bob --encrypt importantfile.txt

    [jose@redhat ~]$ ls -ltr importantfile*

    -rw-rw-r-- 1 jose jose 31 Aug 3 16:05 importantfile.txt

    -rw-rw-r-- 1 jose jose 370 Aug 3 16:06 importantfile.txt.gpg

    [jose@redhat ~]$ file importantfile.txt.gpg

    importantfile.txt.gpg: data
    Decrypting file

    [root@redhat ~]# cp /home/jose/importantfile.txt.gpg /home/bob/

    [root@redhat ~]# su - bob

    Last login: Mon Aug 3 15:37:20 IST 2020 on pts/0

    [bob@redhat ~]$ ls -ltr importantfile*

    -rw-r--r-- 1 root root 370 Aug 3 16:09 importantfile.txt.gpg

    [bob@redhat ~]$ file importantfile.txt.gpg

    importantfile.txt.gpg: data

    [bob@redhat ~]$ gpg -o immportantfile.txt -d importantfile.txt.gpg

    gpg: encrypted with 2048-bit RSA key, ID 5723B9AA, created 2020-08-03

    "Bob Marley (test user 2) <bob.marley@example.com>"

    [bob@redhat ~]$ ls -tlr

    -rw-r--r-- 1 root root 370 Aug 3 16:09 importantfile.txt.gpg

    -rw-rw-r-- 1 bob bob 31 Aug 3 16:10 immportantfile.txt

    [bob@redhat ~]$ file immportantfile.txt

    immportantfile.txt: ASCII text


    DEMO
    Q&A
    Thank You

    You might also like