## Notes from my GNUPG talk

Monday, 19. October 2009

*What is GNUPG?*

*What is GNUPG?*

GNUPG is the open source alternative to PGP. It allows you to sign and / or encrypt digital information that you are sending to others. They then can verify / decrypt the data. It uses the asymmetric cryptography model for signing data and can use both symmetric and asymmetric cryptography for data encryption.

**Why use GNUPG**

**Why use GNUPG**

GNUPG creates an additional layer of security and authenticity of data that you transmit or receive. This helps verify and protect your identity on the web. Using GNUPG for encryption also protects sensitive information during transmission to others, as well as protecting data on storage media.

**How symmetric cryptography works**

**How symmetric cryptography works**

Symmetric cryptography uses a single shared key (usually a pass-phrase) to both encrypt and decrypt the data in question. Example:

encrypt: gibberish = algo(data,password) decrypt: data = algo(gibberish,password)

This method works well if all you are trying to do is save something for you to access later. But if you are sending this data, across the net, the recipient will not be able to verify that the data is:

- Actually from you.
- Is unaltered from what you initially sent.

Also, if we need to send this to many recipients, we will need to share the same pass-phrase with all of them. So, anyone in the group could intercept the data, change it, and then send it on as if it was actually from you. Not a very good method of distributing of data.

**How asymmetric cryptography works**

**How asymmetric cryptography works**

Asymmetric cryptography uses a pair of keys to encrypt and decrypt data. It consists of both a public and a private key. anything encrypted with the public key can only be decrypted by the private key of the set. The reverse is also true, where anything encrypted by the private key can only be decrypted by the matching public key.

encrypt: gibberish = public(data) decrypt: data = private(giberish) or encrypt: gibberish = private(data) decrypt: data = public(giberish)

The private key (also called the secret key) is typically encrypted with symmetric cryptography to password protect it. The public key can then be freely distributed to anyone that wants it.

**How GNUPG uses symmetric and asymmetric cryptography to encrypt data**

**How GNUPG uses symmetric and asymmetric cryptography to encrypt data**

GNUPG, and PGP for that matter, use both symmetric and asymmetric cryptography to insure that data can only be decrypted by the paired key that encrypted it, as well as allowing the user to sign the data to insure it has not changed. Here is an overview…

- Encrypt Data
- Generate random 128 bit password
- Use a symmetric cryptography algorithm to encrypt the data using the random password
- Use the destination public key to encrypt the random password
- Package the encrypted data and the encrypted random password into a single blob

Using AES 256 as the symmetric algorithm: gibberish = [ AES256(data,random) + public(random) ]

- Decrypt Data
- Use private key to decrypt the randomly generated password
- Use that password to decrypt the AES256 encrypted data

Decrypting the gibberish: random = private(public(random)) data = AES256(gibberish,random)

And there we go…

**How GNUPG allows us to trust data**

**How GNUPG allows us to trust data**

As we saw above, we can encrypt data for anyone without having to send them a password, all we need is that person’s public key, and we can send them data that no one else can decrypt. But how do they know that the data is really from you? This is where data signing comes in. As a matter of fact, you can sign data without encrypting it. This is done by encrypting a digest hash of the data and sending it with the data itself.

Signing Data: signature = private(sha256(data)) Verifying Signature: sha256(data) = public(signature)

As you can see, by using the public key of the user sending the data, the user receiving the data can verify that the data is the same data sent by the sender.

*The Final piece of the trust puzzle*

*The Final piece of the trust puzzle*

So, if you have been following along, you probably have realized a bit of a problem with this whole model… The problem is, how do we distribute the public keys and assure that the public key that says it belongs to “Stuart Sheldon <stu@actusa.net>” really does belong to “Stuart Sheldon <stu@actusa.net>”. Well, this is where the **“Ring of Trust”** comes in.

The **“Ring of Trust”** is basically the idea that if I know Gareth, and Gareth knows Jenn, and I trust Gareth, then Gareth can vouch for Jenn’s identity. In the real world, Gareth would introduce me to Jenn, but in the digital world, all he needs to do in sign Jenn’s public key, here is how it works:

I sign Gareth signs Jenn’s key: garethprivate(sha128(jennpublic()))

Now Jenn’s key can be authenticated with Gareth’s key.

That covers the highlights. If you want to learn more, here are some great links:

— Stu