PGP/GPG

Self-test problems

Graded problems

Note: everyone must complete this exercise in person. You will use the techniques here to identify your contributions to the exam later.

1. Think of a phrase which is easy to remember, then make yourself a public-private key pair with

   gpg --key-gen
   

   Choose all the default values. If you make a mistake, delete your keys cd; rm -r .gnupg and start again.
2. If anyone gets hold of your private key, they have the digital equivalent of your fingerprints and DNA! Draw a vulnerability tree for your private key. Bear in mind that the key is stored in a file on your disk. How would your tree be different if you were working on a Windows machine?
3. Download my public key, by typing

   gpg --import filename
   

   If you are complete certain that this key is mine, you could sign it, to indicate that you trust that they key is mine. If you are not sure, you could ask me for my key in a more secure way.

   gpg --edit-key mark
   command> sign
   

4. A slightly more secure way for me to distribute my key is for me to sign my key like this:

   gpg --clearsign markskey 
   

   This results in a file called markskey.asc. Save this to a file and type

   gpg --verify markskey.asc 
   

   or simply

   gpg markskey.asc 
   

   You can now verify that the owner of the private key for "Mark Burgess" is the same person as the owner of the public key that you have received, because the signature was made with the private key. For these exercises we are using "cleartext" keys and signatures, so that you can see what they look like. These cleartext forms are useful for sending by E-mail, but it is also possible to save in binary format..
5. Ask yourself how you know that the key you have collected is mine? Do you trust it? If so why? Is there anything stopping you from making a keypair for Bill Clinton or Mickey Mouse? Do you see why PGP does not solve the problem of trust?
6. Make your public key available to others as a file in your home directory, by doing this:

   gpg --export -a loginname > ~/www/pubkey; chmod 644 ~/www/pubkey
   

   Check that the file is readable, and that it appears on the web page of local public keys, so that others can see your public key, and you can see theirs.
7. This part must be done with your group, and documented for your project. This problem is about a trust attack on these encryption and sign mechanisms. For several years it was believed that, if a message was encrypted and signed, then it was secure because
   • It could only be read by the intended recipient (because on he/she had access to a key which could decrypt it).
   • That the identity of the sender would be confirmed by signing the message, since only the owner of the sender's private key could sign a message with his/her own identity.
   In this problem you will see that, based on what PGP/GPG normally tells you about a message, you can be fooled about who wrote what to whom! You will need three users, each with their own key-pairs in order to do this problem.
   • Sign then encrypt:
     1. A writes a message, signs it, then encrypts the message for B.
     2. B receives the message and decrypts it. B now has a message with A's signature on it, which can be kept. The message says "I love you!".
     3. B is cold and unsympathetic to A's declaration of affection and decides to embarrass A by sending the message to C.
     4. B encrypts a message, already signed by A, for C and sends it.
     5. C receives the message, but PGP/GPG does not say who encrypted the message, only who signed it. Thus C believes that the message was sent by A directly to C, and that A loves C.
   • Encrypt then sign:
     1. A describes a secret money-making invention, encrypts it for B and signs it.
     2. C intercepts the message to B and hijacks the message.
     3. C strips off A's signature and replaces it with his own.
     4. C sends the altered message to B, whereupon C believes that it came from B.
8. Think of some more examples of how these attacks could be used in commerce.