Lab 4 : Pretty Good Privacy CMSC 355 Due: October 31, 2019 by 11:59:59Pm

Lab 4 : Pretty Good Privacy CMSC 355 Due: October 31, 2019 by 11:59:59pm

The RSA (Rivest, Shamir, Adleman) cipher is a public-key or asymmetric cipher. Instead of using a single key, it uses a pair of complementary keys. One key, the “public key” can be shared with the world. The other key, the “private key” or “secret key” remains hidden.

Anything encrypted with the public key can be decrypted by the secret key (and ONLY by the secret key). Anything encrypted with the secret key can be decrypted by the public key (and ONLY by the public key).

This lets us encrypt files, web pages, and e-mail messages using the public key in a way that ensures that only the intended recipient (who has access to the private key) can read them.

It ALSO lets us digitally sign documents using the secret key. Since anyone can get access to the public key, anyone can decrypt the digital signature. But since ONLY the secret key is compatible with the public key, only someone who had the secret key could have signed the document. This provides a new (and useful) form of authentication.

Both forms of encryption are used to secure web pages using the the "SSL" (secure socket layer) and “TLS” (Transaction Layer Security) protocols. Any web page that uses “https” relies on digital certificates to verify that the web site is who they say they are – and to encrypt sensitive information (such as passwords) transmitted to the site.

For this to work, it is necessary to manage and distribute keys -- both the secret key and the public key – and digitally signed certificates that verify a user or web site’s credentials. It also requires software for adapting these algorithms to common message types (such as e-mail, web pages, and text documents).

The most commonly used software for applying RSA (as well as DSA and other cryptographic algorithms) is a suite of tools called PGP or "Pretty Good Privacy". The Linux version of these is called "gpg" (GNU Privacy Guard). Using gpg, you can encrypt documents using a public key so that they can only be decrypted with your secret key. You can also digitally sign e-mail messages or other documents to authenticate them -- to prove they came from you.

PGP is also supported by many web browsers and e-mail programs (such as kmail and Thunderbird with the Enigmail extension). I highly recommend that you use such a program (and enable the cryptographic features) in your e-mail client (though Microsoft Outlook only has limited support for these features).

In this lab, you are going to create a gpg key pair and use it both to sign messages, to encrypt and decrypt files, and to generate a (self-signed) SSL certificate.

Step 1. Setting Up

Create a folder named Lab4 and make it your current working directory: mkdir Lab4 cd Lab4

Step 2. Creating a key pair

The first step in encrypting a file is to generate a public and private key . The public key is a key you can distribute to anyone. The private key is a key you will keep secret. It will be stored in a special database file called a "gpg keychain" for later use in decrypting messages sent using your public key. To create a public/private key pair, type:

gpg2 --full-gen-key and follow the instructions.

If you are asked for a key type, select "RSA and RSA" key with a length of 2048 bits and an expiration of one year (1y). You will be prompted for your name and e-mail address. You can leave the comment field blank.

Set the password to "CMSC355" (be sure to use all caps). The system may complain that this is an insecure password. You can safely ignore that for now (use “Take This One Anyway”). Make sure you remember the password and the e-mail address you entered -- you will need them later.

If you now type:

gpg2 --list-keys and hit enter, you should see your new public key listed. It should look something like this: pub rsa2048 2017-10-12 [SC] [expires: 2018-10-12] AAA445B784398647F5C43B37C78E956AB5C7CD4EFA uid [ultimate] Robert Marmorstein sub rsa2048 2017-10-12 [E] [expires: 2018-10-12]

This identifies the key as an RSA key that is 2048 bits long. It expires next October. The big long string of letters and numbers is called the “fingerprint”. The fingerprint is a way to identify a particular key. Since you might have several different keys for different purposes, you may need to use the fingerprint to tell gpg2 which one to use.

If you type: gpg2 --list-secret-keys you should see your new private (secret) key. It should look very similar to: pub rsa2048 2019-10-24 [SC] [expires: 2020-10-23] FD48B70FCFC1C6D51683FA9A4C14FC6B0B9693DB uid [ultimate] Robert Marmorstein sub rsa2048 2019-10-24 [E] [expires: 2020-10-23]

Step 3. Exporting your public key

In order for someone to verify messages you have signed or encrypt messages to send to you, they need to obtain a copy of your public key. The gpg program provides an option for exporting your public key to a file so that you can easily send it to another user. To do this, type: gpg2 --export --armor [email protected] > public_key.txt

Replace "[email protected]" with the e-mail address you used to create the key.

The --export flag tells gpg to export your public key to the console. The --armor flag tells it to output it in ASCII rather than in binary (which makes it readable). This will create a file named "public_key.txt" containing your public key. You can view the contents by typing:

cat public_key.txt

When you submit your project, I won't have your -private- key, but I will be able to use the public key from the file you just created to verify that you encrypted and signed things correctly.

Step 4. Importing my public key

In order to encrypt messages, you need the public key of the person you want to send the message to. I've published my public key at http://marmorstein.org/~robert (look for a link directly below my office hours).

Download that key (which should be named "marmorstein.key"):

wget -c http://marmorstein.org/~robert/marmorstein.key and type the following:

gpg2 --import marmorstein.key

This will pull my public key into your keychain so that you can use it for encrypting messages (and for verifying that messages come from me!)

Step 5. Encrypting a file

Now that we have created a public/private key pair and you have imported my public key, you can encrypt a file for me to decode using my private key. Create a file named "summer.txt". In that file, write a short description of your summer plans this year.

Then type the following to encrypt it with my public key: gpg2 -e --armor summer.txt

When prompted for a user ID, type "Robert Marmorstein" and hit enter. If asked “Use this key anyway?” type “y” and hit enter again. When prompted for the next user ID, simply press enter.

This should create a file named "summer.txt.asc" which is an encrypted form of your original message.

Step 6. Signing a file

To prove a file really came from you, you should sign it. In fact, it is often wise to both sign and encrypt a file.

Let's sign the encrypted file you just created. Type: gpg2 --clearsign summer.txt.asc

This will create a file named "summer.txt.asc.asc" which contains both the encrypted message and a digital signature of the encrypted message. Remember – your password is "CMSC355". Step 7. Verifying a message

Just as you can use gpg to encrypt and sign messages, you can use it to decrypt and verify messages. Of course, since you encrypted with MY public key, you don't have the private key you would need to decrypt your message.

On the other hand, since you have my public key, you CAN verify that a message I send you is really from me. On the course web site, there is a file named "message.txt.asc".

Download it now: wget -c http://narnia.homeunix.com/~robert/Fall2019/cs355/message.txt.asc and then type: gpg2 --verify message.txt.asc

GPG will tell you that the message really was signed by my public key. It may also give you a warning about my key not being trusted – that's because while it knows the message was signed with my private key, it has no way to know for sure that the key really belongs to ME.

Suppose, for instance, that someone had hacked my web site and replaced the public key with their own key. They could easily have created a private key to match it which contains my name and e-mail address. In other words, the digital signature proves that the message was signed by that particular secret key -- but not that that secret key belongs to a particular user. The only way to get that sort of guarantee is to have a trusted authority certify that the key really is mine.

There are lots of companies that provide this (sometimes very expensive) service. They issue keys to people or corporations only after receiving documentation that proves their identity. Usually they use birth certificates, tax records, billing statements and other means of authentication. Then they issue a “certificate” which is a file containing a unique public key for that client together with the client’s address and contact information. The certificate file has been signed by the “Certificate Authority” with their own private key. Since only the Certificate Authority has that key, you can use their public key to check that the certificate itself is legitimate.

Step 8. Creating a self-signed certificate

Many web servers require you to install an SSL certificate to support the https "secure" HTTP protocol. There are two ways to obtain an SSL certificate: through a certificate authority (which usually costs a LOT of money) or to sign your own certificate.

Self-signed certificates do not indicate the same level of authenticity that a certificate authenticated by a certificate authority provides, but they are much better than nothing. Certificate authorities sometimes charge several thousand dollars a year for a signed and verified certificate. For many purposes, a self-signed certificate is all that's needed. It allows you to securely transmit passwords or other sensitive data across the network without much risk of them being intercepted.

Until recently, the only way to get a signed-key without spending lots of money was to use CACert or FreeSSL, organizations that provided free community-signed keys. Community-signed keys don't go through the rigorous background check and vetting process that commercially signed keys do, so they are not trusted by most web browsers. But they do give you a little more confidence than self-signed keys.

More recently, however, the Electronic Frontier Foundation (EFF) and the “Let’s Encrypt” organization have created a tool called “certbot” that makes generating free authenticated certificates quick and (relatively) easy.

Nevertheless, a self-signed certificate is sometimes still useful, so you should know how to create one.

To create a self-signed certificate, you need to use the "openssl" program. OpenSSL has to encrypt with a private key. We could export the secret key we created earlier, but it's better (and easier) to simply generate a new one for the certificate.

Type: openssl genrsa -des3 -out des.key 1024

When you type this command, you will be given a set of instructions. Follow them. Use “CMSC355” (all caps) for the password.

This will produce a file named “des.key” which contains a TRIPLE-DES key. Now we can use that private key to generate a “certificate signing request.” Type: openssl req -new -key des.key -out certificate.csr

The country code should be “US”. The state is “Virginia”. The locality is “Farmville”. The Organization Name should be your last name. The Organizational Unit should be your first name. The Common Name should be “cs.longwood.edu” Leave all the “extra” fields blank (simply press enter).

This will create a "certificate request" (.csr) file that you could send to a certificate authority. To sign it yourself instead, type: openssl x509 -req -days 365 -in certificate.csr -signkey des.key -out certificate.crt

The x509 protocol is a hierarchical certificate model that is often used as an alternative to PGP. We set the certificate to expire in 365 days (about a year) and signed it using your public key.

You now have a self-signed certificate named "certificate.crt" that you can use on a web server or mail server.

Submitting

To submit, you should create a tarball of your entire Lab4 folder, including all the gpg, asc, key, csr and crt files you created in the previous steps. To do that, type: cd .. to get to the parent directory, then type: tar czvf Lab4.tar.gz Lab4/

You can now upload the Lab4.tar.gz file to the course web site: http://marmorstein.org/~robert/submit/