Revision 22.6.5 by Doktor


Security and Encryption FAQ, Revision 22.6.5 by Doktor Who

"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks." Article 12 Universal Declaration of Human Rights

This Faq/Tutorial is offered in good faith and is intended to be an encapsulation of my knowledge and experiences gained over the many years that I have been a computer/Net user. There are many roads to security and privacy on the Net, this is one that I have personally pursued and can recommend from experiences gained. I am not making any claim that it is the best or the only route to privacy and security, just that it works for me.

There are countless reasons why someone may need the reassurance of anonymity. The most obvious is as a protection against an overbearing Government. Many people reside in countries where human rights are dubious and they need anonymity to raise public awareness and publish these abuses to the world at large. This Faq is to help such people.

Privacy and anonymity are very important principles associated with both freedom of speech and democracy.

"Anonymity is a shield from the tyranny of the majority... It thus exemplifies the purpose behind the Bill of Rights, and of the First Amendment in particular: to protect unpopular individuals from retaliation and their ideas from suppression at the hand of an intolerant society." Justice Stevens, McIntyre v. Ohio Elections Commission, 1996

Changes since previous revision:

Now includes a method of anonymously obtaining a prepaid Debit Card.

Unfortunately, since my last Faq, eGold has been compromised by the FBI. All accounts are now subject to their scrutiny, so it is very inadvisable to use eGold for the foreseeable future. This revision is a holding, meaning temporary, revision and I will update with alternative ways to fund an anonymous prepaid Debit Card as soon as I am able. References to the use of eGold within this Faq should therefore be treated with great care or ignored.

Part 1 offers an overview approach to achieve security and anonymity.
Part 2. In the second part will be the practical implementations of some of the programs mentioned in Part 1. In some cases this will include detailed setup instructions to help achieve the goal of true computer and Internet privacy and anonymity. I assume a basic understanding of computers, such as the ability to copy and paste and a general knowledge of how to install programs and follow setup instructions.

Part 1 (Questions 1 to 30)

1. How does encryption work?

Essentially the plaintext is combined with a mathematical algorithm (a set of rules for processing data) such that the original text cannot be deduced from the output file, hence the data is now in encrypted form. To enable the process to be secure, a key is combined with this algorithm. The key is protected by a passphrase. Obviously the process must be reversible, but only with the aid of the correct key. Without the key, the process should be extremely difficult. The mathematics of the encryption should be openly available for peer review. At first sight this may appear to compromise the encryption, but this is far from the case. Peer review ensures that there are no "back doors" or crypto weaknesses within the program. Although the algorithm is understood, it is the combination of its use with the passphrase that ensures secrecy.

Thus the passphrase is crucial to the security of the data.

2. I want my Hard Drive and my Email to be secure, how can I achieve this?

You need PGP (Pretty Good Privacy) for your Email and DCPP (DriveCrypt Plus Pack) version 3 and/or TrueCrypt version 3 for your hard drive encrypted files.

Both DCPP and TrueCrypt are known as OTF (On The Fly) type programs. OTF means the encrypted data is only decrypted into RAM (Random Access Memory) and remains at all times encrypted on the drive. Thus a crash close will not leave packets of plaintext on your drive. A very important feature.

PGP is available for all versions of Windows, Linux, Unix, Mac and others. The source code is available for compiling your own version should you wish.

DCPP is Win2000/NT/XP compliant but not compliant with Win98 or earlier. Regrettably, no source code is available. It has two unique advantages over other encryption programs. (a) It is a whole boot drive encryption program. (b) It offers a form of very good plausible deniability.
TrueCrypt is a relatively new, free and open source program of great promise. It does not display any file header info to help a snooper identify the file's purpose. The header is encrypted and shows as random garbage. But it will identify which type of format was used to create the TrueCrypt volume. Despite Windows and other programs claiming the partition is not formatted, TrueCrypt will itself rather unhelpfully tell the world that it is obviously a TrueCrypt created volume. I am at a loss to understand the logic of this, but there it is.

It allows the encryption of a whole partition or drive. The source code is freely available so it means anyone with the ability can compile the same program. The importance of this cannot be too strongly stressed. It means the risk of a hidden back door is virtually eliminated.

If the sighting of the source code is important to you, I suggest using PGP and TrueCrypt. In all cases you must check the PGP signatures of these files, after downloading from a trusted site. I would never advocate using any hacked version of a critical security program, or one sourced from a warez or other dubious site. Certainly not if you are truly serious about your privacy.

Note 1: PGP, although excellent at ensuring Email privacy, does nothing for anonymity. The difference is crucial.

I will assume that anonymity is also very high on your list of needs and so will concentrate on that issue further down the Faq.

3. What is the difference between these encryption programs?

One of the difficulties before asymmetrical key encryption was discovered was how to get the key to the person wanting to send you an encrypted message. In the past trusted couriers were used to get these secret keys to a distant location, maybe an overseas embassy. Nowadays this is unnecessary because of the discovery of what is called public key cryptography. Two different keys are used. One key is secret and the other is made public. The most widespread program of this type for private use is PGP, invented by Phil Zimmermann. In fact it has become the de facto standard on the Net. This program is ideal for Email.
Anybody sending you mail simply encrypts their message to you with your PGP public key. The public key is obviously not secret; in fact it may be spread far and wide so that anybody can find it if they wish to send you encrypted Email. The easiest way to ensure this is by sending it to a public key server. On the other hand, some prefer not to share their key, except within a small closed group. Your choice.

The only way to decrypt this incoming message is with your secret key. It is impossible to decrypt using the same key that was used to encrypt the message, the public key. Thus it is called asymmetrical encryption. PGP is simplicity itself to install and use. It even offers to send your newly generated public key to a key server.

For your normal hard drive encryption, you will need a symmetrical type of encryption program. This means the same key is used for both encryption and decryption. DCPP and TrueCrypt are of this type and especially good because they are OTF (On The Fly) type programs.

DCPP and TrueCrypt use the passphrase to encrypt a randomly created key. DCPP stores an encrypted copy of this key in the keystore which is a separate entity to the encrypted disk. TrueCrypt stores an encrypted copy of the key within the headers of the encrypted device. It is the plaintext of the key that is used to encrypt (and decrypt) the contents of the disk or container on an as needed basis into RAM memory.

With PGP a public key is chosen to encrypt the message. PGP will then generate a one time session key which it uses to encrypt the message. This session key is then itself encrypted with the public key of the intended recipient of the message. This encrypted copy of the session key is then wrapped in the headers and sent along with the encrypted copy of the message to the recipient. Only the recipient has the private key which can decrypt this session key. If there are multiple recipients, then this session key is encrypted to the public key of each recipient in turn. All these different encrypted versions of the session key are then wrapped in the headers of the message. Each recipient can decrypt his version of the session key, which will then be able to decrypt the message. PGP also has a keystore. The keystores for both PGP and DCPP are protected by the passphrase.
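The passphrase-wrapped key arrangement described above for DCPP and TrueCrypt, as an added Python sketch that is not part of the original FAQ and does not reproduce either program's real header format. The HMAC-based keystream is a stand-in for a real cipher, and the iteration count, field names and sample data are assumptions made for the illustration.

```python
import hashlib, hmac, secrets

ITERATIONS = 100_000  # assumed work factor for this sketch

def _keystream_xor(data: bytes, key: bytes, nonce: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 in counter mode), a stand-in for AES etc."""
    stream = b""
    for counter in range((len(data) + 31) // 32):
        block = nonce + counter.to_bytes(8, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def _derive(passphrase: str, salt: bytes):
    """Stretch the passphrase into a wrapping key and a separate check key."""
    okm = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=64)
    return okm[:32], okm[32:]

def _tag(check_key: bytes, header: dict) -> bytes:
    body = header["salt"] + header["nonce"] + header["wrapped"]
    return hmac.new(check_key, body, hashlib.sha256).digest()

def make_header(passphrase: str, master_key: bytes) -> dict:
    """Wrap the random master key; the passphrase itself is never stored."""
    header = {"salt": secrets.token_bytes(16), "nonce": secrets.token_bytes(16)}
    wrap_key, check_key = _derive(passphrase, header["salt"])
    header["wrapped"] = _keystream_xor(master_key, wrap_key, header["nonce"])
    header["tag"] = _tag(check_key, header)
    return header

def open_header(passphrase: str, header: dict) -> bytes:
    """Return the master key, or refuse if the passphrase does not check out."""
    wrap_key, check_key = _derive(passphrase, header["salt"])
    if not hmac.compare_digest(_tag(check_key, header), header["tag"]):
        raise ValueError("wrong passphrase or damaged header")
    return _keystream_xor(header["wrapped"], wrap_key, header["nonce"])

def change_passphrase(old: str, new: str, header: dict) -> dict:
    """Only the small header is rewritten; the bulk data is left untouched."""
    return make_header(new, open_header(old, header))

def demo() -> bytes:
    master_key = secrets.token_bytes(32)  # random, independent of the passphrase
    sector = _keystream_xor(b"constructed sample sector", master_key, b"sector-0")
    header = change_passphrase("first phrase", "second phrase",
                               make_header("first phrase", master_key))
    recovered = open_header("second phrase", header)
    return _keystream_xor(sector, recovered, b"sector-0")

if __name__ == "__main__":
    print(demo())
```

Because the data is encrypted under the random master key rather than the passphrase, changing the passphrase rewrites only the header, and anyone holding a copy of an old header together with its old passphrase can still recover the same master key.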
The sender of a PGP message may choose to sign a message. The message may or may not be encrypted. PGP will then encrypt the hash of the message contents using the sender's private key. His public key can then be used by the recipient to check that his hash of the message is identical to the original, thus proving it was made using the sender's private key. Only one private key, the sender's, can encrypt the hash such that it will check out correctly with the sender's public key. If even a white space between two words is closed up in a message, the signature will show as bad. This offers a very secure method of checking both the accuracy and the authenticity of a message.

TrueCrypt and many other symmetrical encryption programs store the key within the headers of the partition or container. One question often asked by newbies is whether the passphrase is also stored somewhere within the encrypted file. No. The passphrase is passed through a hash. It is the hash output that is stored within the headers of the encrypted container. The program will compare this hash with the hash it produces from your passphrase that you type in to mount (open) the container. If they are identical, the program will use your passphrase to decrypt the key that the program generated to encrypt the disk or container. It is this key that will then be used to decrypt the disk or container on the fly.

Hashing is a one way action only; it is impossible to derive the key from the hash output. The hashing process is simply a way of checking that the correct passphrase has been input. If the program was somehow altered to force it to use an incorrect passphrase, the output would be garbage. There is no shortcut or fix, without the correct passphrase the output will be junk.

4. I have Windows, am I safe?
Windows is a closed source operating system which is a law to itself. Each new update that is released by Microsoft seems to need further updates to fix the security holes discovered in the previous releases. It has been an ongoing process over many years with no end in sight. These weaknesses can manifest themselves as security holes when on the Net. A further problem with this operating system is its seeming determination to write to your hard disk all sorts of information that may be hidden from your view in all sorts of places that could be found by a forensic examination of your computer.

Thus we have a two fold problem. Firstly, the problem of Windows having the pote
