
Secure Electronic Messaging & File Encryption: PGP
The Problem
For starters, e-mail is easy to forge. There was
a time when it took some smarts, but Netscape and Eudora changed
all that. Now, just about anyone can forge electronic messages.
E-mail offers little or no privacy, making it a bad medium for confidential
communications. How many times have you slipped and replied to an
entire mailing list? How many times have you mis-routed email to
the wrong person? Maybe you never make such mistakes. But don't
forget that for all practical purposes, PennNet and the entire Internet
are really just one great, big party line. The only thing preventing
someone with a little bit of technical know-how from reading your
email as it whizzes down the network is their sense of right and
wrong. Actually, it's not quite that bad. It's a lot of work sifting
out the juicy stuff from all of the network traffic. As it turns
out, stealing IDs and passwords is more efficient. An automated
"sniffer" program will sometimes sit for days quietly recording
password after password for later use by intruders. Once someone
has an ID and password, they can log in and do whatever they like,
including read private email. The Computer Emergency Response Team
reported in 1994 that tens of thousands of Internet hosts had been
compromised in this fashion.
Is secure e-mail possible?
PGP ("Pretty Good Privacy") is software which
encrypts your e-mail as well as digitally "signs" it so you don't
have to worry about forgery. PGP is available on many platforms,
including DOS, Windows, OS/2, MacOS, and most UNIX variants. PGP
is available commercially from the PGP Corporation (www.pgp.com).
PGP Basics
Click here to view
a web version of a PowerPoint presentation on basics of PGP
PGP Terminology
There are a few terms in PGP you will need to become
familiar with:
Public Key
The public half of the keypair which is shared
openly. To encrypt mail to someone, you encrypt the message with
their public key. The message can only be decrypted with that
person's private key. Public keys are generally shared widely
by publishing them on home pages, in mail signature files and
on specialized PGP key servers.
Private Key
The private half of the keypair. This must be
known by the user alone. You use your private key to decrypt mail
that was encrypted with your public key.
Pass Phrase
Private keys are long strings of seemingly random
characters, and are not easily memorized. For ease of use, PGP
saves you from having to type in your private key. Instead, it
stores your private key wherever you specify (on your hard drive,
or better yet on a removable diskette) protected with your pass
phrase. PGP will ask you for your pass phrase whenever it needs
your private key.
Key Rings
PGP stores your keys on key rings. Public keys
are stored on public key rings, and secret keys are stored on
secret key rings. You may have many keys on your public key ring
(one for each person you correspond with using PGP), but typically
you will only have one key on your secret key ring - your own.
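The terms above in operation, as an added example that is not part of the original page. It uses GnuPG (gpg, assumed to be version 2.2 or later), a free implementation of the OpenPGP format, rather than the commercial PGP product; the users, address, pass phrase and messages are constructed.

```shell
# Added example, not from the original page. Assumes GnuPG 2.2+ installed as "gpg".
# The users, address, pass phrase and messages are constructed for the demonstration.
# Call pgp_demo to run the exchange; it prints one result line per step.
pgp_demo() (
  work=$(mktemp -d) || exit 1
  alice="$work/alice"; bob="$work/bob"      # separate key rings for each user
  mkdir -m 700 "$alice" "$bob"
  pass='constructed demo pass phrase'
  run() { home=$1; shift; gpg --homedir "$home" --batch --quiet --no-tty "$@" 2>/dev/null; }
  unlock() { home=$1; shift; run "$home" --pinentry-mode loopback --passphrase "$pass" "$@"; }

  # Alice creates a keypair; the private half is stored encrypted under her pass phrase.
  unlock "$alice" --quick-generate-key 'Alice Example <alice@example.org>' default default never
  # She publishes only the public half; Bob adds it to his public key ring.
  run "$alice" --armor --export alice@example.org > "$work/alice.pub"
  run "$bob" --import "$work/alice.pub"

  # Bob encrypts to Alice's public key. --trust-model always skips the ownership
  # check; in practice compare fingerprints first (e.g. at a key-signing party).
  echo 'meet at noon' > "$work/msg.txt"
  run "$bob" --trust-model always --armor --recipient alice@example.org \
      --output "$work/msg.asc" --encrypt "$work/msg.txt"

  # Bob holds no private key for the message, so even he cannot decrypt it; Alice can.
  run "$bob" --decrypt "$work/msg.asc" >/dev/null \
      && echo "bob_decrypt=ok" || echo "bob_decrypt=refused"
  [ "$(unlock "$alice" --decrypt "$work/msg.asc")" = 'meet at noon' ] \
      && echo "alice_decrypt=ok" || echo "alice_decrypt=failed"

  # Alice signs with her private key; Bob verifies with her public key.
  echo 'signed by alice' > "$work/note.txt"
  unlock "$alice" --armor --output "$work/note.sig" --detach-sign "$work/note.txt"
  run "$bob" --verify "$work/note.sig" "$work/note.txt" \
      && echo "verify=ok" || echo "verify=failed"
  # A forged body no longer matches the signature.
  echo 'forged text' > "$work/note.txt"
  run "$bob" --verify "$work/note.sig" "$work/note.txt" \
      && echo "forged=accepted" || echo "forged=rejected"

  # Stop the background agents started for the temporary key rings, then clean up.
  for h in "$alice" "$bob"; do GNUPGHOME="$h" gpgconf --kill gpg-agent 2>/dev/null; done
  rm -rf "$work"
)
```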
Some issues
PGP is not a supported product on campus at Penn.
There is presently no infrastructure for supporting the sharing
of PGP keys, though informal key-signing parties are occasionally
held. If you intend to start using PGP, you should plan on an investment
of time up front for installing and learning it.
PGP is not legal for export outside of the U.S.
and is legal for use by U.S. citizens and nationals only. Before
taking PGP out of the country on foreign travel, contact the U.S.
State Department for the necessary permits.
If you want to use PGP to encrypt files on your
computer, make sure you don't lose the key. Once encrypted,
data can probably never be recovered without the key. It may be
years before the file is needed, and if the key is forgotten, the
file is worthless. Don't rely on your memory. Make sure that keys
are stored some place safe before encrypting important information.
PGP may be supplanted by a new standard at
some time in the not-too-distant future (see below). Consider this
before investing time and effort climbing the learning curve.
The Future of Secure E-mail
PGP does not support one of the fundamental
standards that make the web so easy to use (MIME, short for Multipurpose
Internet Mail Extensions). Consequently, PGP does not work too well
over the web.
Vendors and proponents of secure e-mail are working
to reconcile competing standards that address the problem. Netscape
has said that they plan this year to support an option called S/MIME
for secure e-mail. Siren has indicated that they will probably support
S/MIME as well. The makers of Eudora have no plans for direct support
of S/MIME or competing standards, but plan to open Eudora up for
others to provide security add-ons. The makers of elm have not committed
to any one standard, but they expect to support one when it
emerges.
For More Information
For PGP Key Signing Party Procedures:
http://www.upenn.edu/computing/security/keyparty.php
Last updated: Wednesday, January 3, 2007