Penn Computing

Wednesday, May 14, 2008

 

Secure Electronic Messaging & File Encryption: PGP

The Problem

For starters, e-mail is easy to forge. There was a time when it took some smarts, but Netscape and Eudora changed all that. Now, just about anyone can forge electronic messages.

E-mail offers little or no privacy, making it a bad medium for confidential communications. How many times have you slipped and replied to an entire mailing list? How many times have you mis-routed email to the wrong person? Maybe you never make such mistakes. But don't forget that for all practical purposes, PennNet and the entire Internet are really just one great, big party line. The only thing preventing someone with a little bit of technical know-how from reading your email as it whizzes down the network is their sense of right and wrong.

Actually, it's not quite that bad. It's a lot of work sifting out the juicy stuff from all of the network traffic. As it turns out, stealing IDs and passwords is more efficient. An automated "sniffer" program will sometimes sit for days quietly recording password after password for later use by intruders. Once someone has an ID and password, they can log in and do whatever they like, including read private email. The Computer Emergency Response Team reported in 1994 that tens of thousands of Internet hosts had been compromised in this fashion.

Is secure e-mail possible?

PGP ("Pretty Good Privacy") is software which encrypts your e-mail as well as digitally "signs" it so you don't have to worry about forgery. PGP is available on many platforms, including DOS, Windows, OS/2, MacOS, and most UNIX variants. PGP is available commercially from the PGP Corporation (www.pgp.com).

PGP Basics

Click here to view a web version of a PowerPoint presentation on basics of PGP

PGP Terminology

There are a few terms in PGP you will need to become familiar with:

Public Key

The public half of the keypair which is shared openly. To encrypt mail to someone, you encrypt the message with their public key. The message can only be decrypted with that person's private key. Public keys are generally shared widely by publishing them on home pages, in mail signature files and on specialized PGP key servers.

Private Key

The private half of the keypair. This must be known by the user alone. You use your private key to decrypt mail that was encrypted with your public key.

Pass Phrase

Private keys are long strings of seemingly random characters, and are not easily memorized. For ease of use, PGP saves you from having to type in your private key. Instead, it stores your private key wherever you specify (on your hard drive, or better yet on a removable diskette) protected with your pass phrase. PGP will ask you for your pass phrase whenever it needs your private key.

Key Rings

PGP stores your keys on key rings. Public keys are stored on public key rings, and secret keys are stored on secret key rings. You may have many keys on your public key ring (one for each person you correspond with using PGP), but typically you will only have one key on your secret key ring - your own.
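
The roles of the two key halves described above, as an added example (not part of the original page and not PGP's own code): a toy key pair built from textbook RSA over two well-known Mersenne primes, with a SHA-256 keystream standing in for PGP's symmetric cipher. It goes slightly beyond the text in showing the per-message session key that PGP wraps with the recipient's public key; all function names are hypothetical, and the construction is for illustration only, not for protecting real data.

```python
import hashlib
import secrets

# Toy key pair: textbook RSA over two public Mersenne primes, no padding.
# Illustration only: these primes are well known, so this protects nothing.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # public key: share openly
D = pow(E, -1, (P - 1) * (Q - 1))    # private key: known to the owner alone

def _xor_stream(data: bytes, key: bytes) -> bytes:
    """XOR data with a SHA-256 counter keystream (stand-in symmetric cipher)."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt_to(n, e, message):
    """Sender: needs only the recipient's public key (n, e)."""
    session = secrets.token_bytes(32)            # fresh key per message
    wrapped = pow(int.from_bytes(session, "big"), e, n)
    return wrapped, _xor_stream(message, session)

def decrypt_with(d, n, wrapped, body):
    """Recipient: only the matching private key d recovers the session key."""
    session = pow(wrapped, d, n).to_bytes(32, "big")
    return _xor_stream(body, session)

def _digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(d, n, message):
    """Signer: uses the private key on the message digest."""
    return pow(_digest(message), d, n)

def verify(n, e, message, signature):
    """Anyone: checks the signature with the signer's public key."""
    return pow(signature, e, n) == _digest(message)

def demo():
    msg = b"Budget meeting moved to 3pm."        # constructed sample message
    wrapped, body = encrypt_to(N, E, msg)
    sig = sign(D, N, msg)
    forged = msg.replace(b"3pm", b"9pm")         # altered in transit
    return (decrypt_with(D, N, wrapped, body) == msg,
            verify(N, E, msg, sig), verify(N, E, forged, sig))

if __name__ == "__main__":
    print(demo())
```

The third result shows why a signature addresses forgery: changing even one character of the message makes verification against the signer's public key fail.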

Some issues

PGP is not a supported product on campus at Penn. There is presently no infrastructure for supporting the sharing of PGP keys, though informal key-signing parties are occasionally held. If you intend to start using PGP, you should plan on an investment of time up front for installing and learning it.

PGP is not legal for export outside of the U.S. and is legal for use by U.S. citizens and nationals only. Before taking PGP out of the country on foreign travel, contact the U.S. State Department for the necessary permits.

If you want to use PGP to encrypt files on your computer, make sure you don't lose the key. Once encrypted, data can probably never be recovered without the key. It may be years before the file is needed, and if the key is forgotten, the file is worthless. Don't rely on your memory. Make sure that keys are stored some place safe before encrypting important information.

PGP may be supplanted by a new standard at some time in the not-too-distant future (see below). Consider this before investing time and effort climbing the learning curve.

The Future of Secure E-mail

PGP does not support one of the fundamental standards which makes the web so easy to use (MIME, short for Multipurpose Internet Mail Extensions). Consequently, PGP does not work too well over the web.

Vendors and proponents of secure e-mail are working to reconcile competing standards that address the problem. Netscape has said that they plan this year to support an option called S/MIME for secure e-mail. Siren has indicated that they will probably support S/MIME as well. The makers of Eudora have no plans for direct support of S/MIME or competing standards, but plan to open Eudora up for others to provide security add-ons. The makers of elm have not committed to any one standard, but they expect to support one when it emerges.

For More Information

For PGP Key Signing Party Procedures:

http://www.upenn.edu/computing/security/keyparty.php

 

Last updated: Wednesday, January 3, 2007

Information Systems and Computing
University of Pennsylvania