PGP Desktop Security for Windows 95, Windows
Contents
1. E Abe lt abe company com gt 4096 1024 Beth lt beth company com gt 2049 1024 f Carl lt carl company com gt 2048 1024 E Dave lt dave company com gt 3072 1024 fed Elle lt elle company com gt 30721024 Frank lt frank company com gt 2048 1024 f Gwen lt gwen company com gt 2048 1024 f Howard lt howard company com gt 2048 1024 Recipients 0 vay se E Iris lt iris company com gt 2048 1024 fe Jack lt jack company com gt 2048 1024 F Text Output Cancel Help T Wipe Original T Conventional Encryption I Self Dectypting Archive Figure 5 1 PGP Recipients dialog box You can select the recipient s public keys for the file you are encrypting or signing 3 Select the public keys by dragging them to the Recipients list You can choose from the following encryption options depending on the type of data you are encrypting PGP Desktop Security Text Output When sending files as attachments with some email applications you may need to select the Text Output checkbox to save the file as ASCII text This is sometimes necessary in order to send a binary file using older email applications Selecting this option increases the size of the encrypted file by about 30 percent Wipe Original Select this checkbox to overwrite the original document that you are encrypting so that your sensitive information is not readable by anyone who can access your hard dis2. 0 246 Public key tampering 2 200 e eee eee eee eee eee 246 Not quite deleted files 0 00 e eee eee eee 247 Viruses and Trojan horses 000ee eee eee eee eee eee 248 Swap files or virtual memory 202 200 e eee eee eee 249 Physical security breach 00 20 eee eee eee eee eee 250 Tempest attackS 000 e eee eee eee eee eens 250 Protecting against bogus timestamps 000 00eeeeeee 250 Exposure on multi user systeMS 00 2c eee eee eee 252 Traffic analysis 0 0 cee eee 252 CryptanalySis 00 cece eee 252 Appendix D Biometric Word Lists 20 0c cece 255 Biometric Word ListS 0c eee eee eee eee eee 255 GISSA 05 86 Cis one nde SEER ROSE eae hee RE eee 261 1 2 2 ae er ere er nee ae ac E eee ee reece er 273 User s Guide xi Table of Contents xii PGP Desktop Security Preface PGP is part of your organization s security toolkit for protecting one of your most important assets information Corporations have traditionally put locks on their doors and file cabinets and require employees to show identification to prove that they are permitted access into various parts of the business site PGP is a valuable tool to help you protect the security and integrity of your organization s data and messages For many companies loss of confidentiality means loss of business Entire books have been written on the
3. Carl lt carl company com gt Ge Dave lt dave company com gt amp Elle lt elle company com gt g company com El Gwen lt gwen company com gt 39 Photograph E Iris lt iris company com gt 2048 1024 DH DSS public key Iris lt iris company com gt User ID A Iris lt iris company com gt DSS exportable signature E Jack lt jack company com gt 2048 1024 DH DSS key pair z Jack lt jack company com gt User ID 2 Jack lt jack company com gt DSS exportable signature 2 Dave lt dave company com gt DSS signature Beth lt beth company com gt DSS signature OO ROES OO O E 1 key s selected If you have not already created a new key pair the PGP Key Generation Wizard leads you through the necessary steps However before going through the process of creating a new key pair you should see Chapter 3 Making and Exchanging Keys for complete details about the various options From the PGPkeys window you can create new key pairs and manage all of your other keys For instance this is where you examine the attributes associated with a particular key specify how confident you are that the key actually belongs to the alleged owner and indicate how well you trust the owner of the key to vouch for the authenticity of other users keys For a complete explanation of the key management functions you perform from the PGPkeys window see Chapter 6 30 PGP Desktop Security Using P
4. 2000 eee eee eeeeeee 138 Changing a passphrase 0 00 cece eee eee 140 Adding alternate passphrases 20000eee eee e eee eee 141 Removing a passphrase 20 0c eee eee eee eee eee 143 Removing all alternate passphrases 000e eee eeeeee 143 Add Remove Public KeyS 000eeee cece eee eee eens 143 Mounting a PGPdisk volume 0 0 20 e eee e reece eee 145 Using a mounted PGPdisk volume 0022e0eeeeeee 146 Unmounting a PGPdisk volume 000e eee e eee eee 147 Specifying Preferences 0 cece eee ee eee 148 Maintaining PGPdisk Volumes 00200 cece eee eee eee eee 149 Mounting PGPdisk files on a remote server 2 2505 149 Automatically mounting PGPdisk volumes 149 Backing up PGPdisk volumes 00 0s eee eee ences 150 Exchanging PGPdisk volumes 2000 eee e eee eeeee 150 Changing the size of a PGPdisk volume 0 00005 151 Technical Details and Security Considerations 151 About PGPdisk volumes 002 0c eee eee eee eee 152 The PGPdisk encryption algorithm 002 eee eee e ees 152 Passphrase quality 20 cece ee 153 Special security precautions taken by PGPdisk 153 Passphrase eraSure 2 00 02 e eee 154 Virtual memory protection 0 cece eee eee 154 viii PGP Desktop Security Table of Contents
5. Figure 7 5 PGP Key Selection Dialog 4 Drag the key or keys from the bottom pane in the window to the top pane 5 Click OK Mounting a PGPdisk volume When you create a new volume the PGPdisk program automatically mounts it so you can begin using it to store your files When you are ready to secure the contents of the volume you must unmount it for details see Unmounting a PGPdisk volume on page 147 Once a volume is unmounted its contents remain secured in an encrypted file where it is inaccessible until the volume is once again mounted There are several ways to mount a volume e Double click the volume s icon e Drag the volume s icon onto the PGPdisk icon in the PGP 6 5 folder e Drag the volume s icon onto the Mount button on the PGPdisk toolbar e Right click on the volume s icon Select PGPdisk gt Mount PGPdisk e Use the Mount button on the PGPdisk toolbar User s Guide 145 PGPdisk To mount a volume using the Mount button 1 Start PGPdisk The PGPdisk toolbar appears Click Mount or use the Mount PGPdisk option from the File menu The Mount PGPdisk dialog box appears Locate and select the encrypted volume you want to mount then click Open You are prompted to enter the passphrase for the selected volume Enter the passphrase and click OK If you do not want to modify the files in the volume click the Read only check box If you entered the correct passphrase the volume is m
6. Figure 8 8 Host Gateway dialog Viewing the General Panel To view the General panel select Options from the View menu on PGPnet s window Use the General panel to perform the following tasks e Turn Expert Mode on or off e Control the security level of communications with hosts 184 PGP Desktop Security PGPnet Virtual Private Networking e Control the caching of passphrases between logins e Require valid authentication keys from all hosts e Set expiration values for Setup Keys IKE and Primary Keys IPSec which create Security Associations with other configured hosts Expert Mode Bypassing the wizard to add hosts gateways and subnets When you become familiar with PGPnet you can use Expert Mode View gt Options gt General to add and edit hosts gateways and subnets quickly In contrast to the wizard which walks you through the add process step by step when PGPnet is in Expert Mode it presents a single form when you want to add a new entry NOTE If you use Expert Mode remember to select an authentication key or certificate if you have not already done so View gt Options gt Authentication To turn on and use Expert Mode 1 Select Options from the View menu to display the General panel 2 Click Expert Mode a checkmark appears 3 Click OK 4 Click the Hosts tab Click Add to display the Host Gateway dialog DNS Lookup Finding a host s IP address PGPnet s Ex
7. Jio Host 111 222 33 20 ESP CAST HMACSHA 3 26 01 1 08 34 AM PGPnet On oft status On user logged on Figure 8 3 PGPnet window Turning PGPnet on To turn PGPnet on click On on the PGPnet window see Figure 8 3 on page 168 Exiting PGPnet Select Exit from the File menu on the PGPnet window or click the X in the upper right corner of the PGPnet window or click the tray icon and click Exit Note that exiting PGPnet does not disable the PGPnet service or terminate SAs Using PGPnet When PGPnet is on it is running in the background To communicate with a machine use your software for example email or web browser as you normally would PGPnet evaluates each communication and encrypts and tunnels as required 168 PGP Desktop Security PGPnet Virtual Private Networking Viewing the Status Panel The Status panel in the PGPnet window lists active PGPnet SAs and if applicable tells you when they expire see Figure 8 4 on page 170 AnSA may be terminated when it reaches a certain byte limit for example 4 MB of data is transmitted over the SA or after a specific amount of time The length of an SA is negotiated when it is initiated When PGPnet negotiates the SA it sets an expiration value and automatically creates anew SA when the SA reaches that expiration value and expires The SA expiration value is user configurable for more information see Setting key expiration values on pa
8. Memory Static lon Migration Protection 2 154 Other security considerations 00ee cece eee eee 154 Chapter 8 PGPnet Virtual Private Networking 157 Whatis a VPN 2 2 66s chcctsiteu deere yea peel eee 157 How does a VPN work 200 eee eee eee 158 What do you need to protect 000 eee eee 158 PGPnet features 2 64 s cnda oe Hee tide Oh ee Sas ot 159 Wbat is PGPnet esc cceece eetse ase toes cere tae ees tneste arte esac A 159 What is a Security Association 00 0c cee eee 160 PGPnet s two modes tunnel and transport 002 000 eee eens 161 What is tunnel mode 0 0c eee eee eee 161 What is transport mode 000 eee eee 161 How does PGPnet communicate with secure and insecure hosts 161 How do you use PGPnet 2 0c eee eee eee 162 Changing Network Control Panel Settings 163 Starting the PGPnet program 00 cece eee 163 Selecting your authentication key or certificate 164 The PGPnet window at a glance 00s eee e eee eee eee 165 Using PGPnet from PGPtray 2002 e eee eee 167 PGPttay S iCO sc ccsccce cin d heieh eee hae cue Dearest 167 Turning PGPnet off 2 00 30 es feet tae ee ee eee hee eee ee 167 Turning PGPnet On 0 00 cee eee 168 Exiting PGPiet inia iaa a ae a ete dee Gain eee a 168 Using PGPiet 2 2 5 0 chee eee ee ees ee te ee ee
9. PGP Desktop Security for Windows 95 Windows 98 and Windows NT User s Guide Version 6 5 Int Copyright 1990 1999 Network Associates Inc and its Affiliated Companies All Rights Reserved PGP Version 6 5 1 Int 9 9 99 Printed in the EC PGP Pretty Good and Pretty Good Privacy are registered trademarks of Network Associates Inc and or its Affiliated Companies in the US and other countries All other registered and unregistered trademarks in this document are the sole property of their respective owners Portions of this software may use public key algorithms described in U S Patent numbers 4 200 770 4 218 582 4 405 829 and 4 424 414 licensed exclusively by Public Key Partners the IDEA tm cryptographic cipher described in U S patent number 5 214 703 licensed from Ascom Tech AG and the Northern Telecom Ltd CAST Encryption Algorithm licensed from Northern Telecom Ltd IDEA is a trademark of Ascom Tech AG Network Associates Inc may have patents and or pending patent applications covering subject matter in this software or its documentation the furnishing of this software or documentation does not give you any license to these patents The compression code in PGP is by Mark Adler and Jean Loup Gailly used with permission from the free Info ZIP implementation LDAP software provided courtesy University of Michigan at Ann Arbor Copyright 1992 1996 Regents of the University of Michigan All rights reserved Th
10. Non repudiation One way hash Passphrase Password PGP MIME PKCS Public Key Crypto Standards a compact distillate of your message or file checksum It represents your message such that if the message were altered in any way a different message digest would be computed from it a trusted introducer of trusted introducers originally defined in PEM for authentication using MD2 or MD5 Micalg message integrity calculation is used in secure MIME implementations a freely available set of specifications that offers a way to interchange text in languages with different character sets and multimedia email among many different computer systems that use Internet mail standards preventing the denial of previous commitments or actions a function of a variable string to create a fixed length value representing the original pre image also called message digest fingerprint message integrity check MIC an easy to remember phrase used for better security than a single password key crunching converts it into a random key a sequence of characters or a word that a subject submits to a system for purposes of authentication validation or verification an IETF standard RFC 2015 that provides privacy and authentication using the Multipurpose Internet Mail Extensions MIME security content types described in RFC1847 currently deployed in PGP 5 0 and later versions a set of de facto standards for public key c
11. gt Options displays the Allowed Remote Proposals and IKE and IPSec Proposals e The Allowed Remote Proposals section tells PGPnet to accept any proposal from other users that includes any item checked allowed in these boxes The exceptions to this are the None items for Cipher and Hashes Use the None items with extreme caution or not at all If you check None for Ciphers encryption PGPnet accepts proposals that do not include encryption If you check None for Hashes authentication PGPnet accepts proposals that do not include authentication The IKE and IPSec Proposals sections identify the proposals that you make to others Other users must accept exactly what is specified in at least one of your proposals for IKE and for IPSec Allowed Remote Proposals 194 The Allowed Remote Proposals portion of this panel identifies the types of ciphers hashes compression and Diffie Hellman keys that PGPnet allows Only experienced IPSec users should make any changes to the settings on this panel Ciphers are algorithms used to encrypt and decrypt To allow a specific type of cipher CAST or TripleDES place a check in the box to the left of the cipher Check None with extreme caution or not at all as it tells PGPnet to accept proposals that do not include encryption from other users A hash function takes a variable sized input string and converts it to a fixed sized output string To allow a specific type of hash SHA 1 or MD5
12. Sizes 1024 bits 1536 bits User s Guide 197 PGPnet Virtual Private Networking The following table identifies the types of AH ESP and IPPCP used in IPSec Proposals Term Description AH Authentication Header a sub protocol of IPSec that handles authentication only In addition authenticates various pieces of the IP header Useful when encryption is unnecessary for example when an ESP communication is tunneled through a gateway with AH Types SHA and MD5 ESP Encapsulating Security Payload a sub protocol of IPSec that handles both encryption and authentication Hash types None SHA and MD5 Cipher types None CAST and TripleDES IPPCP IP Payload Compression Protocol Types Deflate and LZS NOTE LZS and Deflate increase performance for low speed communications such as modems and ISDN LZS and Deflate decrease performance for fast speed communications for example cable modem DSL T 1 and T 3 This is due to the overhead of the compression routines Perfect Forward Secrecy All IPSec proposals use the same Diffie Hellman setting None 1024 or 1536 bits Adding an IKE or IPSec proposal To add an IKE or IPSec proposal 1 Display the Options window View gt Options 2 Click the Advanced tab 3 Click New and select IKE or IPSec 4 Make the appropriate selections in the IKE or IPSec Proposal popup window 198 PGP Desktop Security PGPnet Virtual Private Networking 5 Click
13. an important aspect to many cryptosystems and a necessary element in generating a unique key s that are unpredictable to an adversary True random numbers are usually derived from analog sources and usually involve the use of special hardware retraction of certification or authorization an IETF document either FYI For Your Information RFC sub series that are overviews and introductory or STD RFC sub series that identify specify Internet standards Each RFC has an RFC number by which it is indexed and by which it can be retrieved www ietf org Glossary RSA secret sharing secure channel self signed key session key sign signature S MIME Secure Multipurpose Mail Extension short for RSA Data Security Inc or referring to the principals Ron Rivest Adi Shamir and Len Adleman or referring to the algorithm they invented The RSA algorithm is used in public key cryptography and is based on the fact that it is easy to multiply two large prime numbers together but hard to factor them out of the product see Key Splitting a means of conveying information from one entity to another such that an adversary does not have the ability to reorder delete insert or read SSL IPSec whispering in someone s ear a public key that has been signed by the corresponding private key for proof of ownership the secret symmetric key used to encrypt each set of data ona transaction basis A different sess
14. e Microsoft Excel many different types of files e Quark XPress 224 PGP Desktop Security Transferring Files Between the Mac OS and Windows The following general filename extensions are also converted CVS dl msp plt SPC Qz mpg mod pit arj fli pac pm Sr vga dvi SVX txt ima ico pobm ppm sun hal tex wav mdi eps iff pcs rif Sup Izh aif tar pak Mac img PCx tle wmf Z Zip pct tif cgm bm pgm shp flc exe au pic eps User s Guide 225 Transferring Files Between the Mac OS and Windows 226 PGP Desktop Security Phil Zimmermann on PGP This chapter contains introductory and background information about cryptography and PGP as written by Phil Zimmermann Why I wrote PGP Whatever you do will be insignificant but it is very important that you do it Mahatma Gandhi It s personal It s private And it s no one s business but yours You may be planning a political campaign discussing your taxes or having a secret romance Or you may be communicating with a political dissident in a repressive country Whatever it is you don t want your private electronic mail email or confidential documents read by anyone else There s nothing wrong with asserting your privacy Privacy is as apple pie as the Constitution The right to privacy is spread implicitly throughout t
15. s public key No impostor can fool you into accepting his own bogus key as Alice s because no one else can forge signatures made by David A widely trusted person could even specialize in providing this service of introducing users to each other by providing signatures for their public key certificates This trusted person could be regarded as a Certificate Authority Any public key certificates bearing the Certificate Authority s signature could be trusted as truly belonging to the person to whom they appear to belong to All users who wanted to participate would need a known good copy of just the Certificate Authority s public key so that the Certificate Authority s signatures could be verified In some cases the Certificate Authority may also act as a key server allowing users on a network to look up public keys by asking the key server but there is no reason why a key server must also certify keys A trusted centralized Certificate Authority is especially appropriate for large impersonal centrally controlled corporate or government institutions Some institutional environments use hierarchies of Certificate Authorities For more decentralized environments allowing all users to act as trusted introducers for their friends would probably work better than a centralized key certification authority One of the attractive features of PGP is that it can operate equally well in a centralized environment with a Certificate A
16. Expires Cipher Join Key Enabled Change Passphrase Fingerprint Hexadecimal Trust Model A unique identifying number associated with each key This identification number is useful for distinguishing between two keys that share the same user name and email address The key type either RSA or Diffie Hellman DSS The size of the key The date when the key was created The date when the key expires Owners specify this date when they create their keys and the value is usually set to Never However some keys are set to expire on a particular date if the owner wants them to be used for a limited period of time CAST Triple DES or IDEA This is the preferred encryption algorithm by which the owner of the key requests that you encrypt to his public key If this algorithm is allowed in your Advanced Options it will be used whenever encrypting to this key Opens the Key Share Collection dialog box Available for split keys only See Signing and decrypting files with a split key on page 94 for information about rejoining split keys Indicates whether the key is currently enabled When a key is disabled it is dimmed in the PGPkeys window and is not available for performing any PGP functions except Decrypt and Verify However the key remains on your keyring and you can enable it again at any time To enable or disable a key select or clear the Enabled checkbox The checkbox is not visible for implicitly trusted ke
17. Fewer Choices I Search Pending Area Keys 0 alcty Size Description Cmn Figure 3 16 PGPkeys Search window More Choices view 3 Choose the server you wish to search from the Search for Keys On menu User s Guide 71 Making and Exchanging Keys 4 Specify your search criteria You can search for keys on a certificate server by specifying values for these key characteristics e User ID e KeyID e Key Status Revoked or Disabled e Key Type Diffie Hellman or RSA e Creation date e Expiration date e Revoked keys e Disabled keys e Key size e Keys signed by a particular key The inverse of most of these operations is also available For example you may search using User ID is not Bob as your criteria 5 Enter the value you want to search for 6 Click More Choices to add additional criteria to your search for example Key IDs with the name Fred created on or before October 6 1997 7 To begin the search click Search A progress bar appears displaying the status of the search NOTE To cancel a search in progress click Stop Search The results of the search appear in the window 8 To import the keys drag them to the PGPkeys main window 9 Click Clear Search to clear your search criteria Adding public keys from email messages A convenient way to get a copy of someone s public key is to have that person include it in an email message When a public key is sen
18. Figure 8 12 The Advanced Panel 196 PGP Desktop Security PGPnet Virtual Private Networking Proposals Use the Proposals portion of the Advanced panel to add edit remove or reorder your existing proposals Again only experienced IPSec users should make any edits to this panel The IKE and IPSec proposals tell PGPnet what proposals to make to other users proposals must be accepted exactly as specified Note that PGPnet allows a minimum of one and maximum of 16 proposals for both IKE and IPSec proposals NOTE LZS and Deflate increase performance for low speed communications such as modems and ISDN LZS and Deflate decrease performance for fast speed communications for example cable modem DSL T 1 and T 3 This is due to the overhead of the compression routines The following table identifies the types of Authentication Hash Ciphers and Diffie Hellman used in IKE proposals Term Authentication Hash Cipher DH Diffie Hellman Description Means of verifying information such as identity Types Shared Key a secret key is shared by two or more users DSS Signature a Digital Signature Standard signature RSA Signature A hash function takes a variable size input string and converts it to a fixed size output string Types SHA Secure Hash Algorithm MD5 Message Digest Algorithm An algorithm used to encrypt and decrypt Types CAST TripleDES A key agreement protocol
19. If you have a PGPnet administrator PGPnet may be configured when you install the software If you do not have a PGPnet administrator or if PGPnet is not pre configured you must install PGPnet select your authentication key or certificate or both and configure hosts gateways and subnets to PGPnet via the Add Host wizard box When PGPnet is configured the software runs in the background Any time you attempt to communicate with another machine for example via email or web browser PGPnet checks to see if there is an active SA for the machine e If there is an SA for the target machine PGPnet transmits your communication according to the terms of the existing SA e If there is no SA for the target machine and the machine is secure PGPnet initiates an IKE negotiation which establishes an SA and transmits your communication e If there is no SA for the target machine and the machine is not secure PGPnet handles the communication according to the Security settings on the General panel View gt Options gt General That is if both Require secure communications with all hosts and Allow communications with unconfigured hosts are checked PGPnet only allows the machine to communicate securely NOTE This is potentially dangerous as you will not be able to talk to DNS DHCP or WINS servers unless they are running PGPnet or are explicitly designated as insecure hosts Please note the following e All SAs
20. NonExportable Never Exportable C Date ec Meta Introducer Non Exportable 4 Trusted Introducer Exportable Domain restriction Fewer Choices Figure 6 8 PGP Sign Keys dialog box More Choices Choose a signature type to sign the public key with Your options are Non exportable Use this signature when you believe the key is valid but you don t want others to rely on your certification This signature type cannot be sent with the associated key to a key server or exported in any way Exportable Use exportable signatures in situations where your signature is sent with the key to the key server so that others can rely on your signature and trust your keys as a result This is equivalent to checking the Allow signature to be exported checkbox on the Sign Keys menu Meta Introducer Non Exportable Certifies that this key and any keys signed by this key with a Trusted Introducer Validity Assertion are fully trusted introducers to you This signature type is non exportable User s Guide 117 Managing Keys and Setting PGP Options e Trusted Introducer Exportable Use this signature in situations where you certify that this key is valid and that the owner of the key should be completely trusted to vouch for other keys This signature type is exportable You can restrict the validation capabilities of the trusted introducer to a particular email domain 5 If you want to limit the Trusted Introduce
21. adopted in 1976 as FIPS 46 a calculated brute force attack to reveal a password by trying obvious and logical combinations of words the first public key algorithm invented in 1976 using discrete logarithms in a finite field electronic money that is stored and transferred through a variety of complex protocols an establishment of peer to peer confidence see signature User s Guide 263 Glossary DSA Digital Signature a public key digital signature algorithm proposed by NIST for Algorithm use in DSS DSS Digital Signature a NIST proposed standard FIPS for digital signatures using Standard DSA ECC Elliptic Curve a unique method for creating public key algorithms based on Cryptosystem mathematical curves over finite fields or with large prime numbers EES Escrowed a proposed U S government standard for escrowing private Encryption Standard keys Elgamal scheme used for both digital signatures and encryption based on discrete logarithms in a finite field can be used with the DSA function Encryption a method of scrambling information to render it unreadable to anyone except the intended recipient who must decrypt it to read it Fingerprint a uniquely identifying string of numbers and characters used to authenticate public keys This is the primary means for checking the authenticity of a key See Key Fingerprint FIPS Federal Information Processing Standard a U S government standard publishe
22. and PGP This appendix is intended to document how this problem is finally solved by PGP version 5 5 x and to discuss how to communicate with previous versions of PGP The Mac OS stores files differently from other operating systems Even the text file format of the Mac OS is different Mac OS files are really two files consisting of a Data segment and a Resource segment In order to send a file from Mac OS to Windows without losing data the two segments must be merged into one The standard method by which a Mac OS file is converted into a single file so that it can be transferred to another Macintosh or PC without losing either of its halves is called MacBinary The problem is that without special software Windows and other platforms cannot inherently understand the MacBinary format If a situation occurs where the receiving software fails to convert a MacBinary format file into a Windows file the resulting file is unusable Third party utilities exist on Windows to convert it after the fact into a usable file but that can be rather inconvenient Previous versions of PGP and most utilities available on the market today generally try to ignore this problem as much as possible and leave all decisions up to the user as to whether or not to encode a file with MacBinary when sending from Mac OS This places the burden of deciding to send with MacBinary and not risk losing any data or send without MacBinary with hope that no important data wi
23. designate will be able to revoke your DH DSS key send it to the server and it will be just as if you had revoked it yourself To appoint a designated revoker 1 Open PGPkeys 2 Select the key pair for which you want to designate a revoker 3 Select Add Revoker from the Keys menu A dialog box opens and displays a list of keys 4 Select the key s in the User ID list that you want to appoint as a designated revoker 5 Click OK A confirmation dialog box appears 6 Click OK to continue The Passphrase dialog box appears 7 Enter your passphrase then click OK 8 The selected key s is now authorized to revoke your key For effective key management distribute a current copy of your key to the revoker s or upload your key to the server See Distributing your public key on page 66 for instructions Setting PGP options 122 PGP is configured to accommodate the needs of most users but you have the option of adjusting some of the settings to suit your particular computing environment You specify these settings through the Options dialog box which you can access by choosing Options from the PGPkeys Edit menu PGP Desktop Security Managing Keys and Setting PGP Options Setting general options Use the General panel to specify your encrypting signing and file wiping preferences To set general PGP options 1 Open PGPkeys 2 In the PGPkeys Edit menu select Options The Options menu opens with the General p
24. gateway or subnet User s Guide 159 PGPnet Virtual Private Networking e A secure host is a machine running PGPnet or another IPSec compatible peer to peer capable client software that is software that allows hosts to communicate directly with each other e A secure gateway is a firewall or other gateway machine that tunnels packets through it for authorized parties In this case authorized means the certificate or shared passphrase of the client software is configured as acceptable on the gateway When you use PGPnet you can elect to communicate with a host using your PGP key an X 509 certificate or a shared passphrase e A secure subnet is one that has up to 254 machines behind it that are generally running PGPnet or a compatible client software The secure subnet designation allows you or your administrator to identify a number of machines in the same IP address range that are known to be IPSec compatible Note that secure subnets do not have to be behind gateways amp TIP Ifa subnet has many secure hosts but a small number of insecure hosts setup the subnet as a secure subnet and then add insecure hosts for each exception You can communicate securely with PGPnet users on your own corporate intranet and with other PGPnet users throughout the world You can communicate with gateways subnets and hosts that you or your PGPnet administrator if applicable have identified as secure PGPnet gives you the abilit
25. information and then view the contents After you view the decrypted message you can decide whether to save the information or retain it in its encrypted form Within the Current Window You can perform the same cryptographic tasks using the Current Window menu item which copies the text in the current window to the Clipboard and then performs the selected task Exit Help Options Decrypt amp Verify Encrypt amp Sign Sign Encrypt rt PGPtools Curent Window gt Clipboard Figure 2 2 PGPtray s Current Window feature 34 PGP Desktop Security Using PGP Using PGP from Windows Explorer You can encrypt and sign or decrypt and verify files such as word processing documents spreadsheets and video clips directly from Windows Explorer If you are not using an email application such as Qualcomm Eudora which supports the PGP MIME standard or an application such as Exchange or Outlook that doesn t require PGP to encrypt or sign files you must use this method to attach files that you want to send along with your email messages You might also want to encrypt and decrypt files that you store on your own computer to prevent others from accessing them To access PGP functions from Windows Explorer choose the appropriate option from the PGP submenu of the File menu The options that appear depend on the current state of the file you have selected If the file has not yet been encrypted or s
26. s Guide 207 Creating a VPN with PGPnet 208 9 For example if your company were using the Net Tools PKI Server you would click the Download a CA Certificate link and then examine the Root CA certificate Copy the key block including the Designated Cert and certificate extensions for the Root CA certificate and paste it into your PGPkeys window The Import Key dialog box appears and imports the Root CA certificate into your keyring Sign the Root CA certificate with your key to make it valid You may also want to make the Root CA certificate a meta introducer so you automatically trust certificates signed by it View its Properties and set its trust to Trusted Select Options from PGPkeys Edit menu then click on the CA tab The CA tab displays Enter the URL for the Root CA in the Certificate Authority URL text box This is the same URL you used in Step 1 If there is a separate URL for the Revocation CA enter it in the corresponding text box If you do not know the URL for the Revocation CA leave this field blank or consult your company s PGP or PKI administrator In the Type box select the type of PKI Server your company is using Net Tools PKI Server VeriSign OnSite or Entrust Click the Select Certificate button then select the Root CA certificate 10 Click OK 11 On the PGPkeys screen select your key pair or private key pull down the Keys menu select Add then slide over
27. s icon Creating a new PGPdisk volume 138 To create a new PGPdisk volume 1 2 Start PGPdisk The PGPdisk toolbar appears Click New The PGPdisk Wizard appears on your screen Read the introductory information Click Next Specify the name and location of the new volume Click Save Enter the amount of space you want to reserve for the new volume PGPdisk Size field Use whole numbers no decimal places You can use the arrows to increase or decrease the number displayed in the field The amount of free disk space for the selected drive is shown above the Size field Click the appropriate radio button to select kilobytes megabytes or gigabytes Depending on the amount of available disk space you can create a volume of any size between 100 kilobytes and 2 gigabytes Select the letter of the drive where you want to mount your PGPdisk volume PGPdisk Drive Letter field You can use the arrow to display and select a different drive letter Click Next PGP Desktop Security PGPdisk 10 11 12 13 14 15 16 17 18 19 Enter the string of words or characters that will serve as your passphrase to access the new volume also called the volume s master passphrase To confirm your entry press TAB to advance to the next text box then enter the same passphrase again The minimum size for a passphrase is 8 characters Normally as an added level of security the characters you ente
28. using 185 DSA Digital Signature Algorithm definition 264 DSS Digital Signature Standard definition 264 DSS Diffie Hellman technology keys creating 42 276 PGP Desktop Security E ECC Elliptic Curve Cryptosystem definition 264 editing a host subnet or gateway 183 and IKE or IPSEC proposal 199 EES Escrowed Encryption Standard definition 264 Elgamal scheme definition 264 email combining recipient groups 85 copying public keys from 72 creating recipient groups 84 decrypting 29 85 to 87 deleting recipient groups 84 encrypting 28 77 to 82 to groups of people 83 with Eudora 77 including your public key in 69 receiving private 77 selecting recipients 37 sending private 77 signing 28 77 to 82 with Eudora 77 using PGP with 36 verifying 29 85 to 87 email plug ins using 77 Enabled property 110 enabling keys 119 encrypting email 28 77 to 82 86 to 87 to groups of people 83 from the Clipboard 34 using Eudora 77 encryption definition 264 Index encryption options email conventional 80 82 Secure Viewer 80 82 self decrypting archive 80 82 files conventional 91 to 92 Secure Viewer 90 92 self decrypting archive 91 to 92 text output 90 92 wipe original 90 92 setting 123 Enigma 244 establishing an SA 173 ethernet 173 Eudora 86 with PGP MIME 86 without PGP MIME 87 exchanging PGPdisk volumes 150 public keys 27 obtaining others 70 to 73 exiting PGPnet 167 to 168 expert mode using to add ho
29. 202 Security Association definition 159 how an SA is created 160 See also SA security breach description 250 selecting email recipients 37 self decrypting archive 80 82 91 to 92 self decrypting archive What s New in PGP 14 286 PGP Desktop Security self signed key definition 269 sending private email 77 servers mounting PGPdisk volumes on 149 options 130 set as root 131 synchronizing 131 See also Certificate server session key definition 269 set adapter function 201 setting key expiration values 190 options 122 passphrase for a key 43 setting up PGPnet 162 setup exe installing PGP Desktop Security 22 shared secret using to establish an SA 175 SHA 1 hash and PGPnet 194 shortcuts 37 shortcuts HotKeys 128 Show Events 170 sign definition 269 signature definition 269 signing deleting signatures 120 email 28 77 to 82 keys 116 public keys 75 116 236 using Eudora 77 with split keys 94 Index signing keys meta introducer 76 trusted introducer 75 sleep mode unmounting in 148 snake oil 241 specifying PGPdisk volume location 138 volume name 138 splitting keys 51 SSL Secure Socket Layer definition 270 starting Expert mode 185 PGPnet 163 168 PGPtray 33 stopping PGPnet 167 storing keys 53 Subkey 111 subkey creating new 49 definition 270 expiration 111 properties 111 remove 111 revoke 111 size 111 validity 111 subnets adding 179 gateways adding 176 modifying gateways modifying 18
30. Association between the VPN client PGPnet and the Gauntlet Firewall When the Security Association is created a green dot displays to the right of the gateway host in the SA column 12 Click the Status tab The Security Association is listed 13 If the Security Association is not listed click the Log tab to see what the problem was NOTE Refer to the PGPnet chapter for more information about establishing a Security Association log entry error descriptions and detailed PGPnet configuration information PGP Desktop Security Troubleshooting PGP This appendix presents information about problems you may encounter while using PGP and suggests solutions Error Administrative preferences file not found Authentication rejected by remote SKEP connection Cannot perform the requested operation because the output buffer is too small Could not encrypt to specified key because it is a sign only key Could not sign with specified key because it is an encrypt only key Error in domain name systemic Identical shares cannot be combined Cause The preference file containing the configuration set up by your PGP administrator usually IS IT personnel is missing The user on the remote side of the network share file connection rejected the key that you provided for authentication The output is larger than the internal buffers can handle The selected key can only be used for
31. Desktop Security Using PGP for Secure File Storage To rejoin key shares locally requires the shareholders presence at the rejoining computer Each shareholder is required to enter the passphrase for their key share To rejoin key shares remotely requires the remote shareholders to authenticate and decrypt their keys before sending them over the network PGP s Transport Layer Security TLS provides a secure link to transmit key shares which allows multiple individuals in distant locations to securely sign or decrypt with their key share IMPORTANT Before receiving key shares over the network you should verify each shareholder s fingerprint and sign their public key to ensure that their authenticating key is legitimate To learn how to verify a keypair see Verify with a digital fingerprint on page 74 To rejoin a split key 1 2 Contact each shareholder of the split key To rejoin a key shares locally the shareholders of the key must be present To collect key shares over the network ensure that the remote shareholders are prepared to send their key share file Remote shareholders must have their key share file and password apublic key for authentication to the computer that is collecting the key shares anetwork connection the IP address or Domain Name of the computer that is collecting the key shares At the rejoining computer use the Windows Explorer to select the file s t
32. Networking This chapter describes PGPnet its features and provides instructions on how to use it This chapter also introduces you to the concept of Virtual Private Networks The technology of today has brought many changes to the workplace The bulk of interoffice memos and reports traditionally placed in a mailbox and received in a few days is now sent electronically and received in a matter of seconds Employees who work at home or travel can now make a phone call to transfer data to and from their local or home office Two by products of these advances are an increased security threat to data transmitted over phone lines and a significant rise in the cost of phone services Companies saw the Internet as an answer to rising costs but security remained an issue Fortunately even newer technology provides a solution to both of these problems Virtual Private Networks VPNs allow corporations to transmit data securely over the Internet reducing the security threat to transmitted data and sharply reducing the cost of phone services What is a VPN A VPN allows a corporation to make their applications and data securely available to all corporate users and branches no matter where they are in the world as long as they have access to the Internet VPNs allow secure connections between two machines a machine and a subnet or between two subnets Let s look at an example Company A located in Boston has branch offices in Calif
33. Signing Key box select the keypair that you want to use for authentication to the remote system and enter the passphrase Click OK to prepare the computer to receive the key shares The status of the transaction is displayed in the Network Shares box When the status changes to Listening the PGP application is ready to receive the key shares At this time the shareholders must send their key shares To learn how to send key shares to the rejoining computer see To send your key share over the network on page 64 User s Guide 63 Making and Exchanging Keys 64 When a share is received the Remote Authentication dialog box appears as shown in Figure 3 14 Remote Authentication 21x The remote system has authenticated with the following key at the address shawn This server is authenticating itself to you for the first time Please Confirm the use of the above authentication key or press Cancel to abort the connection Remote Address http 71 11 222 33 44 Authenticating Key Name 111 222 33 40 lt ann company com gt Fingerprint 3533 ICCD 63ED D54AA C048 840B BCD4 834E Validity Invalid Valid Import Key Security Certificate 509 Signature RSA Exchange RSA Cipher TripleDES Hash SHA Cancel Figure 3 14 Remote Authentication dialog box If you have not signed the key that is being used to authenticate the remote system the key will be considered i
34. adapter If you want to communicate securely over an Ethernet connection select your LAN adapter for example 3COM Megahertz LAN PC Card When you have made your selection click OK NOTE On Windows 98 computers WAN is listed as Dialup Adapter instead of Remote WAN Wrapper The installation program binds the PGPnet driver to the adapter you selected and configures your computer to use the PGPnet application If you want to restart your computer automatically select Yes I want to restart my computer now Click Finish to complete the PGP installation and reboot your computer O NOTE You must reboot your computer if you install PGPdisk or PGPnet That s it PGP is installed on your computer User s Guide 25 Installing PGP 26 PGP Desktop Security PGP is based on a widely accepted encryption technology known as public key cryptography in which two complementary keys called a key pair are used to maintain secure communications One of the keys is designated as a private key to which only you have access and the other is a public key which you freely exchange with other PGP users Both your private and your public keys are stored in keyring files which are accessible from the PGPkeys window It is from this window that you perform all your key management functions This section takes a quick look at the procedures you normally follow in the course of using PGP For details co
35. adding or changing a passphrase You cannot remove a master passphrase To remove a passphrase 1 Make sure that the PGPdisk volume is not mounted You cannot remove a passphrase if the PGPdisk volume is mounted 2 Choose Remove Passphrase from the File menu A dialog box appears prompting you to enter the passphrase to be removed 3 Enter the passphrase and then click OK Removing all alternate passphrases You can also remove all alternate passphrases at once This could be useful if other users have alternate passphrases to a PGPdisk volume and you no longer want them to have access to the volume To remove all alternate passphrases 1 Make sure that the PGPdisk volume is not mounted You cannot remove a passphrase if the PGPdisk volume is mounted 2 Hold down the SHIFT key and select Remove Alternate Passphrases from the File menu A dialog box appears to confirm that you want to remove all alternate passphrases 3 Click Yes A dialog box appears telling you that you were successful in removing all alternate passphrases Add Remove Public Keys You can add and remove public keys for a PGPdisk file This feature allows you and others who know the passphrases for those keys to use the keys to mount the volume User s Guide 143 PGPdisk To add a public key to your PGPdisk volume 1 Make sure that the PGPdisk volume is not mounted You cannot add a public key if the volume is mounted Choose
36. an additional gray circle in the ADK column indicates that the key does not have an associated Additional Decryption Key A green circle and user indicates that you own the key and that it is implicitly trusted 32 PGP Desktop Security Using PGP Table 2 2 PGPkeys window icons A pencil or fountain pen indicates the signatures of the PGP users Pa LAN who have vouched for the authenticity of the key A signature with a red X through it indicates a revoked signature A signature with a dimmed pencil icon indicates a bad or invalid signature A signature with a blue arrow next to it indicates that it is exportable A certificate represents an X 509 certificate a recognized electronic document used to prove identity and public key ownership over a communication network A clock indicates an expired X 509 certificate A red X indicates a revoked X 509 certificate EEE An empty bar indicates an invalid key or an untrusted user OOO A half filled bar indicates a marginally valid key or marginally trusted user RNY A striped bar indicates a valid key that you own and is implicitly trusted regardless of the signatures on the key A full bar indicates a completely valid key or a completely trusted user Using PGPtray You can access many of the main PGP functions by clicking the lock icon which is normally located in the System tray and then choosing the appropriate menu item If you can t find t
37. and deletes it from your computer Number of Passes This setting controls how many times the wipe utilities pass over the disk 4 Click OK to save your changes and return to the PGPkeys main window or choose another tab to continue configuring your PGP options PGP Desktop Security Managing Keys and Setting PGP Options Setting file options Use the Files panel to specify the location of the keyrings used to store your private and public keys To set PGP file options 1 Open PGPkeys 2 Select Options from the PGPkeys Edit menu then click the Files tab The Options menu opens with the Files panel showing Figure 6 11 PGP Options 21x General Files Email Hotkeys Servers CA Advanced m Public Keyring File fram Files Network Associates PGPNT PGP Keyrings pubring pkr Browse m Private Keyring File EAProgram Files Network Associates PGPNT PGP Keyrings secr Browse r Random Seed File C Program Files Network Associates PGPNT randseed md Browse Cancel Help Figure 6 11 PGP Options dialog box Files panel 3 Use the buttons listed in the Files panel to set the appropriate location for your public and private keyrings and or random seed file e Public Keyring File Shows the current location and name of the file where the PGP program expects to find your public keyring file If you plan to store your public keys in a file with a different nam
38. and select Certificate The Certificate Attributes dialog box appears 12 Verify the certificate attributes use the Add Edit and Remove buttons to make any required changes 13 Click OK The PGP Enter Passphrase dialog box displays 14 Enter the passphrase for your keypair then click OK The certificate request is sent to the CA server The server authenticates itself to your computer and then accepts your request PGP Desktop Security Creating a VPN with PGPnet At this point your company s PGP or PKI administrator verifies your information in the request The identifying information and public key are assembled and then digitally signed with the CA s own certificate The whole signed package that results is your new certificate The administrator sends you an email message using the email address supplied on your keypair stating that your certificate is ready for retrieval 15 To retrieve your certificate and add it to your keypair open PGPkeys if it s not already open and select the PGP key for which you made the certificate request 16 Pull down the Server menu and select Retrieve Certificate PGP contacts the CA server and automatically retrieves your new X 509 certificate and adds it to your PGP key Configuring the Gauntlet Firewall The next step in establishing a VPN between a system with PGPnet and a Gauntlet Firewall is to appropriately configure the firewall NOTE This
39. and the duration of the task 6 Click OK A confirmation dialog box appears Your freespace wiping task is now scheduled 104 PGP Desktop Security Managing Keys and Setting G PGP Options This chapter explains how to examine and manage the keys stored on your keyrings It also describes how to set your options to suit your particular computing environment Managing your keys The keys you create as well as those you collect from others are stored on keyrings which are essentially files stored on your hard drive or on a floppy disk Normally your private keys are stored in a file named Secring skr and your public keys are stored in another file named Pubring pkr These files are usually located in the PGP Keyrings folder O NOTE Asa result of your private key being encrypted automatically and your passphrase being uncompromised there is no danger in leaving your keyrings on your computer However if you are not comfortable storing your keys in the default location you can choose a different filename or location For details see Setting PGP options later in this chapter Occasionally you may want to examine or change the attributes associated with your keys For instance when you obtain someone s public key you might want to identify its type either RSA or Diffie Hellman DSS check its fingerprint or determine its validity based on any digital signatures included with the key You may also want
40. and then click OK Paste the text into your email message then send the message PGP Desktop Security Sending and Receiving Secure Email Encrypting email to groups of recipients You can use PGP to create group distribution lists For example if you want to send encrypted mail to 10 people at engineering company com you could create a distribution list with that name The Groups menu in PGPkeys contains the Show Groups option that toggles the display of the Groups window in PGPkeys The Groups List window is displayed as in Figure 4 4 NOTE If you intend to encrypt information to all members of an existing email distribution list you must create a PGP group by the same name as and including the same members as the email distribution list For example if there is a staff company comlist set up in your email application you must create a staff company com group in PGP 49 PGPkeys of x File Edit View Keys Server Groups Help X AJE cH Keys Valcity Size Description Qe Abe lt abe company com gt 2048 1024 DH DSS key pair gt Accounting Dept 2048 1024 Split key pair Beth lt beth company com gt 2048 1024 DH DSS key pair Carl lt carl company com gt 2048 1024 DH DSS key pair Ge Dave lt dave company com gt 2048 1024 DH DSS key pair Elle lt elle company com gt H amp B a A 0608 666006 E 2048 RSA public key g Op Gwen lt qwen company com gt 2048
41. arbitrarily inserting a lot of funny non alphabetic characters which has the effect of making your passphrase too easy to forget and could lead to a disastrous loss of information because you can t decrypt your own files However unless the passphrase you choose is something that is easily committed to long term memory you are unlikely to remember it verbatim Picking a phrase on the spur of the moment is likely to result in forgetting it entirely Choose something that is already residing in your User s Guide 45 Making and Exchanging Keys long term memory Perhaps a silly saying you heard years ago that has somehow stuck in your mind all this time It should not be something that you have repeated to others recently nor a famous quotation because you want it to be hard for a sophisticated attacker to guess If it s already deeply embedded in your long term memory you probably won t forget it Of course if you are reckless enough to write your passphrase down and tape it to your monitor or to the inside of your desk drawer it won t matter what you choose Backing up your keys Once you have generated a key pair it is wise to put a copy of it ina safe place in case something happens to the original PGP prompts you to save a backup copy when you close the PGPkeys application after creating a new key pair Your private keys and your public keys are stored in separate keyring files which you can copy just like any other file
42. are terminated when you reboot your machine or put it in sleep mode As a result any machine that you have not communicated with since the last time you rebooted requires a new IKE negotiation e Ifyou Logoff PGPnet SAs may expire and it may be impossible for PGPnet to generate a new one until you log on to PGPnet e PGPnet is always listening for SA requests from other machines PGP Desktop Security PGPnet Virtual Private Networking Changing Network Control Panel Settings PGPnet is bound to and secures a specific network adapter As a result if you change the Network control panel settings PGPnet automatically performs a bindings review and tells you to reboot your system You must reboot the system for PGPnet to work properly Starting the PGPnet program To start PGPnet 1 Select Start gt Programs gt PGP gt PGPnet Or Start from the PGPtray in the Windows system tray PGPtray gt PGPnet gt Status Log or Hosts Either of these actions open the PGPnet window see Figure 8 1 2 PGPnet Of x File View Help Destination Protocol Enciyption Authentication Expres Max Data 111 222 3320 ESP CAST HMACSHA 3 26 01 1 08 34 AM gt PGPnet j On C Off status On user logged on 1 active S s Figure 8 1 The PGPnet window The default setting for PGPnet is on Use the radio buttons in the lower left corner of the window to turn PGPnet on and off If however P
43. by exchanging words with other guesses and like biological evolution the better guesses survived into the next generation After about 200 generations the list had mostly stabilized into a best guess with far greater phonetic distance between the words than what we started with in the initial guess lists The first major hurdle was the development of the metric Linguists have studied sound production and perception for decades and there is a standard feature set used to describe sounds in English For example say the words pun fun dun and gun go ahead try it and notice how your tongue keeps moving back in your mouth on each word Linguists call this the place of articulation and noises that are very different in this feature sound different to English speakers Combining the features of all the sounds in a word gives us a representation of the sound of the entire word and we can compute the phonetic distance between a pair of words Actually it wasn t that simple We didn t know how to weight the various features certain word level features like accents were hard to represent and the feature based analysis simply fails for certain sounds There were also a few other more subtle criteria for example we wanted the words to be common enough to be universally recognizable but not so common as to be boring and we didn t want confusing words like repeat or begin or error Some soun
44. characters long and should contain non alphabetic characters Passphrase MV Hide Typing Passphrase Quality Confirmation Options I Read only passphrase Bae Figure 7 3 New Passphrase dialog box 6 Enter the string of words or characters that will serve as your new passphrase to access the new volume also called the volume s master passphrase To confirm your entry press TAB to advance to the next text box then enter the same passphrase again The minimum size for a passphrase is 8 characters 7 Click OK The New Passphrase dialog box closes Adding alternate passphrases Once you have entered the master passphrase the one used to initially create the disk you can add up to seven other alternate passphrases which can be used to mount the volume You might want to do this if you use the same master passphrase on a regular basis and you want to make the volume available to someone else with their own unique passphrase Only a person who knows the master passphrase can add alternate passphrases Any user who knows a passphrase can change that passphrase but you will always be able to access the contents of the volume if it becomes necessary You also have the option of assigning a read only status to the volume which allows the individual to read the files but prevents them from altering the files in any way User s Guide 141 PGPdisk 142 To add alternate passphrases 1 Ens
45. checkbox User s Guide 43 Making and Exchanging Keys 44 NOTE Your passphrase should contain multiple words and may include spaces numbers and punctuation characters Choose something that you can remember easily but that others won t be able to guess The passphrase is case sensitive meaning that it distinguishes between uppercase and lowercase letters The longer your passphrase and the greater the variety of characters it contains the more secure it is Strong passphrases include upper and lowercase letters numbers punctuation and spaces but are more likely forgotten See Creating a passphrase that you will remember on page 45 for more information about choosing a passphrase z4 WARNING No one including Network Associates can recover a forgotten passphrase 12 Click Next to begin the key generation process The PGP Key Generation Wizard indicates that it is busy generating your key If you have entered an inadequate passphrase a warning message appears before the keys are generated and you have the choice of accepting the bad passphrase or entering a more secure one before continuing For more information about passphrases see Creating a passphrase that you will remember on page 45 If there is not enough random information upon which to build the key the PGP Random Data dialog box appears As instructed in the dialog box move your mouse around and enter a series of ra
46. dialog box opens as shown in Figure 3 3 Add Photo 12 x Drag or paste a picture into the area below To choose a picture from a file click the Select File button For best results crop your picture to 120x144 2 Select File Gk Figure 3 3 Add Photo dialog box 3 Drag or paste your photograph onto the Add Photo dialog box or browse to it by clicking Select File NOTE The photograph must be a JPG or BMP file For maximum picture quality crop the picture to 120x144 before adding it to the Add Photo dialog box If you do not do this PGP will scale the picture for you 4 Click OK The Passphrase dialog box opens as shown in Figure 3 4 PGP Enter Passphrase for Selected Key x Signing key Philip R Zimmermann lt prz pgp com gt DSS 1024 x Please enter your passphrase Hide Typing Figure 3 4 Passphrase dialog box 5 Enter your passphrase in the space provided then click OK Your photographic user ID is added to your public key and is listed in the PGPkeys window You can now send your key to the server See To send your public key to a certificate server on page 66 for additional instructions 48 PGP Desktop Security Making and Exchanging Keys To replace your photographic ID 1 Open PGPkeys 2 Select your key pair 3 Select the photograph that you want to replace 4 Choose Delete from the Edit menu 5 Add your new photographic ID
47. ethernet PGPnet must be bound to the ethernet adapter if the network connection is via modem then PGPnet must be bound to the modem adapter also known as the Remote Access WAN Wrapper or Dialup Adapter 3 After installing PGPnet reboot both systems 4 Verify that each system has an authentication certificate in the X 509 Authentication section of the Authentication panel View gt Options gt Authentication 5 Ensure that the root CA for the X 509 certificate exists and is signed and fully trusted on both systems Both systems must have the same Root CA PGP Desktop Security PGPnet Virtual Private Networking 6 Atleast one user must create an entry in PGPnet s host list for the other system You must know the other system s host name or IP address Verify that the entry identifies the host as a secure host If the host is secure the icon next to the host entry on the Hosts panel displays a computer with a lock 7 Click on the host s entry on the Hosts panel and click Connect If the connection is successful a green dot appears in the SA column Establish an SA using shared secret passphrase authentication Follow the steps below to establish an SA with another host using a shared secret passphrase for authentication To establish an SA with another host using shared secret for authentication z4 WARNING Unlike traditional PGP passphrases Shared Secret passphrases are stored on your computer unencry
48. file if possible Download the freeware version or buy the commercial version of the product Ask the sender to re send the message if it s a message that you re working with If it s your keyring try restoring from your backup keyring There is a file that is probably corrupt or missing It may or may not be the keyring file Try using a different file name or path if possible Double click on the detached signature file first You may have the CAPS LOCK on or you simply may have mis typed the passphrase Try again Close other running programs If that doesn t work you may need more memory in your machine Try adding a different user ID or delete the matching one first 218 PGP Desktop Security Troubleshooting PGP Error The specified key could not be found on your keyring The specified input file does not exist There is not enough random data currently available There was an error during the writing of the keyring or the exported file There was an error opening or writing the keyring or the output file This key is already signed by the specified signing key Unable to perform operation because this file is read only or otherwise protected If you store your keyring files on removable media the media may not be inserted Cause The key needed to decrypt the current message is not on your keyring The file name typed in does not exist The random number genera
49. if any of the files in that volume are open Auto unmount on computer sleep When checked this option causes PGPdisk to automatically unmount any mounted PGPdisk volumes when your computer goes into Sleep mode Not all computer models have a sleep mode The Prevent sleep if any PGPdisks could not be unmounted option ensures that your computer will not enter sleep mode in the event that a PGPdisk volume cannot be unmounted NOTE These two options Auto unmount on computer sleep and Prevent sleep if any PGPdisks could not be unmounted are disabled on NT systems Unmount HotKey tab Enable Unmount HotKey tab When you enter a key combination in the text box and check this check box you create and enable a key shortcut that allows you to unmount all PGPdisks in the system with a single touch 3 Click OK when you are through specifying your preferences 148 PGP Desktop Security PGPdisk The automatic unmount settings are useful if you need to leave your computer unattended for a period of time You should adjust the timing for these settings according to how secure your system is from unauthorized physical access You can set both of these preferences at the same time Maintaining PGPdisk Volumes This section describes how to automatically mount PGPdisk volumes when you start your system and how to back up and exchange the data in these volumes with others Mounting PGPdisk files on a remote serve
50. in a log file not all products produce log ales e Email application and version if the problem involves using PGP with an email product for example the Eudora plug in e Specific steps to reproduce the problem Year 2000 compliance Information regarding NAI products that are Year 2000 compliant and its Year 2000 standards and testing models may be obtained from NAI s Web site at http www nai com y2k For further information email y2k nai com Network Associates training For information about scheduling on site training for any Network Associates product call 31 20 5866100 16 PGP Desktop Security Preface Comments and feedback Network Associates appreciates your comments and feedback but incurs no obligation to you for information you submit Please address your comments about PGP product documentation to Network Associates International BV Gatwickstraat 25 1043 GL Amsterdam Netherland You can also e mail comments to tns_documentation nai com Recommended Readings Non Technical and beginning technical books e Whitfield Diffie and Susan Eva Landau Privacy on the Line MIT Press ISBN 0262041677 This book is a discussion of the history and policy surrounding cryptography and communications security It is an excellent read even for beginners and non technical people but with information that even a lot of experts don t know e David Kahn The Codebreakers Scribner ISBN 0684831309 Thi
51. is included with Internet Explorer versions 4 x e PGP User s Manual Adobe Acrobat format Select this option to install the PGP User s Guide e PGP CommandLine Select this option if you want to install the command line version of PGP for Windows NT systems This is for use as a client only Batch server processes require additional licensing Click Next A dialog box appears alerting you that the installer is ready to copy files Review the installation settings then click Next The PGP files are copied to the computer If you have keyrings on your computer from a previous version of PGP click Yes to use your existing keyrings A browse dialog box appears Browse to locate your public keyring Pubring pkr and your private keyring Secring skr If you do not have keyrings on your computer click No When you first open the PGPkeys application you are prompted to create a keypair If you chose to install the PGPnet application the PGPnet Network Adapter List appears listing the network adapters found on your system as shown in Figure 1 2 PGPnet Set Adapter Bg Please select the network adapter you want secured 4 Remote Access WAN Wrapper 8 1 3Com Megahertz LAN PC Card Ethernet Figure 1 2 PGPnet Network Adapter List 24 PGP Desktop Security Installing PGP 14 15 If you want to communicate securely over a modem select your WAN adapter for example Remote Access WAN Wrapper or dialup
52. key or certificate 1 If you have not already done so add the host subnet or gateway to PGPnet for instructions see Adding a host subnet or gateway on page 176 PGPnet adds an entry to the host list on the Hosts panel 2 Select the entry on the Hosts panel and click Edit PGPnet displays the Host Gateway dialog The Remote Authentication section is at the bottom of the dialog User s Guide 183 PGPnet Virtual Private Networking 3 You can require the host subnet or gateway to present a specific PGP key or X 509 certificate to authenticate itself e To require a specific PGP key click the radio button next to PGP Key PGPnet displays the Select Key dialog Click the appropriate key and click OK PGPnet displays the key in the Remote Authentication box Click OK to close the Host Gateway dialog e To require a specific X 509 certificate click the radio button next to X 509 Certificate PGPnet displays the Select X 509 Certificate dialog Click the appropriate certificate and click OK PGPnet displays the certificate in the Remote Authentication box Click OK to close the Host Gateway dialog Host Gateway x Name Secure Host IP Address 123 222 33 4 DNS Lookup fs Secure Host x r Shared Secret Configuration Set Shared Passphrase Identity Tippe P Adcte Z Identity 0 0 0 0 Authentication Any valid key C PGP Key C X509 Certificate Cone
53. key pair 2048 1024 DH DSS key pair 2048 1024 DH DSS key pair 2048 1024 DH DSS key pair 2048 RSA public key 2048 1024 DH DSS key pair User ID Photograph Tee ew OO OHeoooe 1 keys selected Figure 6 1 PGPkeys window A key and user icon p represent the private and public key pairs you have created for yourself and single keys represent the public keys you have collected from others If you have more than one type of key you will notice that RSA type keys are silver keys and Diffie Hellman DSS keys are gold keys By clicking on the plus sign at the left side of the key icon you can expand the entries to reveal the user ID and email address for the owner of the key as represented by the envelope icons fej By clicking the plus sign next to an envelope icon you can see the signatures of any users who have certified the user ID If you don t want to expand each key individually simply select the keys of interest and then choose Expand Selection from the Edit menu PGP Desktop Security Managing Keys and Setting PGP Options PGPkeys attribute definitions Keys Validity Size Some of the attributes associated with keys can be displayed in the main PGPkeys window You can choose which attributes you want to make visible by selecting them in the View menu For each selected item in the View menu PGPkeys displays a column in the main window If you want to change
54. keyring files The Public and Private boxes initially display the public keyring of the individual who installed PGPnet typically the administrator To select different keyring files click Browse If you do not have PGPnet keyring files click Use My PGP Keyring Files to tell PGPnet to use your PGP keyring files Note that when you click this button PGPnet uses the PGP keyring files of the user currently logged in to the system When you click Use My PGP Keyring Files both the public and private keyring files are reset to your PGP keyrings Select a PGP key to authenticate your local machine PGP Authentication Select an X 509 certificate to authenticate your local machine X 509 Authentication When you click OK you are asked to enter the passphrase for the selected authentication key or certificate Enter the passphrase and click OK You are asked to enter this passphrase each time you login to PGPnet The exception to this is if Cache passphrase between logins on the General panel is active checked PGP Desktop Security PGPnet Virtual Private Networking Options 2 x General Authentication Advanced l r PGPnet Keyring Files PGP Authentication 509 Authentication Public C Program Files Network Associates PGPNT PGP Keyringsspubring pl Browse Private E Program Files Network Associates PGPNT PGP Keyrings secring skr Browse DeM Par RENA RIES Ea Ann lt ann compa
55. laws and policies can change overnight Once a communications infrastructure optimized for surveillance becomes entrenched a shift in political conditions may lead to abuse of this new found power Political conditions may shift with the election of anew government or perhaps more abruptly from the bombing of a federal building A year after the 1994 Digital Telephony bill passed the FBI disclosed plans to require the phone companies to build into their infrastructure the capacity to simultaneously wiretap 1 percent of all phone calls in all major U S cities This would represent more than a thousandfold increase over previous levels in the number of phones that could be wiretapped In previous years there were only about a thousand court ordered wiretaps in the United States per year at the federal state and local levels combined It s hard to see how the government could even employ enough judges to sign enough wiretap orders to wiretap 1 percent of all our phone calls much less hire enough federal agents to sit and listen to all that traffic in real time The only plausible way of processing that amount of traffic is a massive Orwellian application of automated voice recognition technology to sift through it all searching for interesting keywords or searching for a particular speaker s voice If the government doesn t find the target in the first 1 percent sample the wiretaps can be shifted over to a different 1 percent until the targ
56. lets you alone choose who you trust putting you at the top of your own private certification pyramid PGP is for people who prefer to pack their own parachutes Note that while this decentralized grass roots approach is emphasized here it does not mean that PGP does not perform equally well in the more hierarchical centralized public key management schemes Large corporate users for example will probably want a central figure or person who signs all the employees keys PGP handles that centralized scenario as a special degenerate case of PGP s more generalized trust model User s Guide 239 Phil Zimmermann on PGP How to protect private keys from disclosure 240 Protect your own private key and your passphrase very carefully If your private key is ever compromised you d better get the word out quickly to all interested parties before someone else uses it to make signatures in your name For example someone could use it to sign bogus public key certificates which could create problems for many people especially if your signature is widely trusted And of course a compromise of your own private key could expose all messages sent to you To protect your private key you can start by always keeping physical control of it Keeping it on your personal computer at home is OK or keep it in your notebook computer that you can carry with you If you must use an office computer that you don t always have physical control of t
57. longer be decrypted TIP Use the Revoke option described above if you want to disable the subkey and update the key server Once a subkey has been sent to the server it cannot be removed Designated revoker window To access the Revokers panel for a particular key select the desired key and then choose Properties from the Keys menu The Key Properties dialog box appears as shown in Figure 6 2 on page 109 Click the Revokers tab The Revokers panel appears as shown in Figure 6 3 112 PGP Desktop Security Managing Keys and Setting PGP Options Abe lt abe company com gt General Subkeys Fi r Designated Revoker Keys Qe Beth lt beth company com gt Qe Carl lt carl company com gt Ge Dave lt dave company com gt Ge Gwen lt gwen company com gt re Figure 6 4 Key Property dialog box Revokers panel The Revokers panel lists any keys that have the ability to revoke your PGP key For instructions on adding a revoker to your key Adding a designated revoker on page 52 Specifying a default key pair When encrypting messages or files PGP gives you the option to additionally encrypt to a key pair that you specify as your default key pair When you sign a message or someone s public key PGP will use this key pair by default Your default key pair is displayed in bold type to distinguish them from your other keys If you have only one key pair on your keyring it is automatically desig
58. of civilian cryptologic academia For the most part these algorithms have been individually subject to extensive peer review I know many of the world s leading cryptographers and have discussed with some of them many of the cryptographic algorithms and protocols used in PGP It s well researched and has been years in the making And I don t work for the NSA But you don t have to trust my word on the cryptographic integrity of PGP because source code is available to facilitate peer review One more point about my commitment to cryptographic quality in PGP Since I first developed and released PGP for free in 1991 I spent three years under criminal investigation by U S Customs for PGP s spread overseas with risk of criminal prosecution and years of imprisonment By the way you didn t see the government getting upset about other cryptographic software it s PGP that really set them off What does that tell you about the strength of PGP I have earned my reputation on the cryptographic integrity of my products I will not betray my commitment to our right to privacy for which I have risked my freedom I m not about to allow a product with my name on it to have any secret back doors User s Guide 245 Phil Zimmermann on PGP Vulnerabilities Tf all the personal computers in the world 260 million were put to work on a single PGP encrypted message it would still take an estimated 12 million times the age of the u
59. of the computer that is collecting the key shares 2 At the rejoining computer use the Windows Explorer to select the file s that you want to sign or decrypt with the split key 3 Right click on the file s and select Sign or Decrypt from the PGP menu The PGP Enter Passphrase for Selected Key dialog box appears with the split key selected 4 Click OK to reconstitute the selected key The Key Share Collection dialog box appears as shown in Figure 3 13 62 PGP Desktop Security Making and Exchanging Keys Key Share Collection Accounting Dept 1 1x Key Accounting Dept Key User Name 4 Abe lt ahe company com 1 Beth beth company com 1 P Carl lt carl company com 1 Total Shares Collected P Total Shares Needed p Network Shares To receive shares securely over your Start Network network connection click the Start Network button Local Shares To add a Share File stored on this computer click the Select Share File button OK Cancel Figure 3 13 Key Share Collection dialog box 5 Do one of the following If you are collecting the key shares locally click Select Share File and then locate the share files associated with the split key The share files can be collected from the hard drive a floppy disk or a mounted drive Continue with Step 6 If you are collecting key shares over the network click Start Network The Passphrase dialog box opens In the
60. other side uses a Diffie Hellman key PGP Desktop Security PGPnet Virtual Private Networking Options 21 x General Authentication Advanced gt PGPnet Keyring Files Public C Program Files Network Associates PGPNT PGP Keyrings pubring pk Browse Private ENPrearem Files Network Associates PGPNT PGP Keyrings secting skr Browse Use Mp REF Kevrira ries rM PGP Authentication EJ Ann lt ann company com gt Select Key Clear Key m X 509 Authentication Unknown certificate keyid is 0x519828E9 Select Certificate Clear Certificate Cancel Help Figure 8 2 The Authentication Panel The PGPnet window at a glance There are three Menus on the PGPnet window e File Exit e View Status Log Hosts and Options e Help Contents and About There are three panels on the PGPnet window e Status Panel Use to review the status of existing SAs see Viewing the Status Panel on page 169 e Log Panel Use to review log entries for diagnostic purposes see Viewing the Log Panel on page 170 e Hosts Panel Use to add edit or remove entries to PGPnet s host list and to establish and terminate SAs see Using the Hosts Panel on page 172 The default setting for PGPnet is on Use the radio buttons in the lower left corner of the window to turn PGPnet on and off User s Guide 165 PGPnet Virtual Private Networki
61. procedure assumes a working Gauntlet Firewall Please refer to the documentation that came with the firewall for complete information lt IMPORTANT Fora VPN between a system with PGPnet and a Gauntlet Firewall version 5 0 to work the firewall must be the default gateway for hosts on the secured subnet When the default gateway and the secure gateway are different when the default gateway is a router for example there are problems routing the return traffic ona local Ethernet LAN This procedure applies to both the Gauntlet Firewall for Windows NT and the Gauntlet Firewall for UNIX Significant differences between the two are called out in the text To configure a Gauntlet Firewall for a VPN 1 Using the Gauntlet Firewall Manager click on the VPN tab The VPN screen displays On the Gauntlet Firewall for UNIX select the VPNs folder and then click on Links User s Guide 209 Creating a VPN with PGPnet 2 Click the Add button The General VPN Parameters screen displays On the Gauntlet Firewall for UNIX this screen is called the Add GVPN Link Configuration screen General YPN Parameters lt gt Link Name YPN Link Mode TERE C Private Trusted C Pass Through l Local Network Remote Network IP Address 10 0 1 0 I T Use IP Range Net Mask 255 255 255 0 Fr E Link Status I Replay Check Enabled C Disabled Cancel Help 3 Add a VPN link with the following settings Link
62. see on the internet and the services that the host can access In addition to the advantages of increased security and reduced costs VPNs also prevent Internet Service Providers ISPs from reading any cleartext messages that is unencrypted messages and give you an additional level of security against internal attacks How does a VPN work A VPN extends a company s intranet that is its internal network across the Internet creating a secure private tunnel How does this work A VPN uses a tunneling protocol for example Internet Protocol Security IPSec and encryption to protect data from the time it leaves the sender to the time it reaches the designated recipient What do you need to protect 158 It is critical that you protect a wide variety of information stored on your machines or transmitted to other entities for example banks clients business partners and state and federal tax agencies e Employee records e Payroll records e User passwords and accounts e Customer sales records e Product research and development files e Source code files Other security concerns include attackers gaining access to your intranet and performing a variety of attacks e Deleting or downloading important files e Reading email e Crashing machines PGP Desktop Security PGPnet Virtual Private Networking e Prevent authorized users from accessing machines denial of service attack e Sniffing packets off the wi
63. signature on a forged confession you might be well advised to migrate to the new PGP DSS keys as your preferred method for making digital signatures because DSS uses SHA as its secure hash algorithm How to protect public keys from tampering In a public key cryptosystem you don t have to protect public keys from exposure In fact it s better if they are widely disseminated But it s important to protect public keys from tampering to make sure that a public key really belongs to the person to whom it appears to belong This may be the most important vulnerability of a public key cryptosystem Let s first look at a potential disaster then describe how to safely avoid it with PGP Suppose you want to send a private message to Alice You download Alice s public key certificate from an electronic bulletin board system BBS You encrypt your letter to Alice with this public key and send it to her through the BBS s email facility Unfortunately unbeknownst to you or Alice another user named Charlie has infiltrated the BBS and generated a public key of his own with Alice s user ID attached to it He covertly substitutes his bogus key in place of Alice s real public key You unwittingly use this bogus key belonging to Charlie instead of Alice s public key All looks normal because this bogus key has Alice s user ID Now Charlie can decipher the message intended for Alice because he has the matching private key He may even ree
64. sure the key s were given to you in a secure manner by the owner or you have verified the fingerprint with the owner Key User Name E Gwen lt gwen company com gt E846 8E1F 9C75 B523 3775 E339 67B0 12FA61A9 0CF5 F Allow signature to be exported Others may rely upon your signature More Choices OK Cancel Help Figure 6 7 PGP Sign Keys dialog box Fewer Choices 4 Click the Allow signature to be Exported checkbox to allow your signature to be exported with this key 116 PGP Desktop Security Managing Keys and Setting PGP Options An exportable signature is one that is allowed to be sent to servers and travels with the key whenever it is exported such as by dragging it to an email message The checkbox provides a shorthand means of indicating that you wish to export your signature Or Click the More Choices button to configure options such as signature type and signature expiration Figure 6 8 PGP Sign Key 1271 xi By signing the selected user ID s you are certifying based on your own direct first hand knowledge that the key s and attached user ID s actually belong to the identified user s Before signing make sure the key s were given to you in a secure manner by the owner or you have verified the fingerprint with the owner Key User Name _Fingerprint Ea Gwen company com 32ED 8503 7174 8971 3547 F85B CE24 0268 0165 2444 I Signature Type p Expiration _
65. t rely on a single centralized list of which keys have been compromised This makes it a bit harder to contain the damage of a private key compromise You just have to spread the word and hope that everyone hears about it If the worst case happens your private key and passphrase are both compromised hopefully you will find this out somehow you will have to issue a key revocation certificate This kind of certificate is used to warn other people to stop using your public key You can use PGP to create such a certificate by using the Revoke command from the PGPkeys menu or by having your Designated Revoker do it for you Then you must send this to a PGP Desktop Security Phil Zimmermann on PGP certificate server so others can find it Their own PGP software installs this key revocation certificate on their public keyrings and automatically prevents them from accidentally using your public key ever again You can then generate a new private public key pair and publish the new public key You could send out one package containing both your new public key and the key revocation certificate for your old key What if you lose your private key Normally if you want to revoke your own private key you can use the Revoke command from the PGPkeys menu to issue a revocation certificate signed with your own private key But what can you do if you lose your private key or if your private key is destroyed You can t revoke it yoursel
66. that you want to verify 3 Choose Properties from the Keys menu or click gt to open the Properties dialog box PGP Desktop Security Managing Keys and Setting PGP Options The Properties dialog box opens as shown in Figure 6 5 Philip R Zimmermann lt prz pgp com gt xi General Subkeys Revokers p OxFAEBDSFC Type DH DSS Size 204871028 Created 4 7 97 Expires Never Cipher CAST V Enabled m Eingerprint banjo pharmacy shadow pharmacy blackjack amulet drifter enchanting cowbell aggregate locale headwaters flatfoot revival gazelle breakaway wallet underfoot sterling Wilmington I Hexadecimal m Trust Model invalid me Valid Untrusted Trusted Figure 6 5 PGP Properties dialog box 4 Use the series words or characters displayed in the Fingerprint text box to compare with the original fingerprint By default a word list is displayed in the Fingerprint text box example shown in Figure 6 6 However you can select the Hexadecimal checkbox to view the fingerprint in 20 hexadecimal characters example shown in Figure 6 6 Fingerprint Fingerprint banjo pharmacy shadow pharmacy blackjack amulet drifter enchanting cowbell aggregate locale headwaters 17AF BAAF 2106 4E51 3F03 7E6E 63CB 691D FAEB D5FC flatfoot revival gazelle breakaway wallet underfoot sterling Wilmington I Hexadecimal Word list view Hexadecimal view Figure 6 6 Fingerprint t
67. the data for a volume stored in this manner makes it easy to manipulate and exchange PGPdisk volumes with others but it also makes it easier to lose data if the file is somehow deleted It is wise to keep a back up copy of these encrypted files so that the data can be recovered in case something happens to the original It is also important to note that you cannot compress an encrypted file in an attempt to reduce its size but you can compress the individual files contained in the mounted volume and thereby store more encrypted data in the volume You can also store one secure PGPdisk volume within another and thus nest several volumes for an added level of security The PGPdisk encryption algorithm Encryption employs a mathematical formula to scramble your data so that no one else can use it When you apply the correct mathematical key you unscramble your data The PGPdisk encryption formula uses random data for part of the encryption process Some of this random data comes from the movement of your mouse during encryption and some random data also comes directly from your passphrase The PGPdisk program uses a sophisticated encryption algorithm referred to as CAST which is considered an excellent block cipher because it is fast and very difficult to break Its name is derived from the initials of its designers Carlisle Adams and Stafford Tavares of Northern Telecom Nortel Nortel has applied for a patent for CAST but they have made a commi
68. the task is completed click Cancel NOTE Clicking Cancel during file wipe can leave remnants of the file behind To permanently delete a file using PGPtools 1 In the Windows Explorer select the file or files that you want to wipe 2 Drag the file onto the Wipe button L in PGPtools A confirmation dialog box appears E 3 Click OK to permanently erase the file To stop wiping the file before the task is completed click Cancel NOTE Clicking Cancel during file wipe can leave remnants of the file behind User s Guide 99 Using PGP for Secure File Storage Even on systems with virtual memory PGP correctly writes over all the contents of the file It is worth noting that some application programs save the file prior to encrypting it and may have leave fragments of the file on your disk in locations which are no longer considered part of the file For more information see Swap files or virtual memory on page 249 You can use PGP Free Space Wiper to wipe all free space on your disk to solve this problem See the next section for information about Free Space Wiper Also be aware that many programs automatically save files in progress so there may be back up copies of the file that you want to delete Using the PGP Free Space Wiper to clean free space on your disks 100 As you create and delete files on your computer the data contained in those files remains on the drive PGPt
69. this certificate as your X 509 authentication key in PGPnet View gt Options gt Authentication Changing your passphrase It s a good practice to change your passphrase at regular intervals perhaps every three months More importantly you should change your passphrase the moment you think it has been compromised for example by someone looking over your shoulder as you typed it in To change your passphrase 1 Open PGPkeys 2 Select the key for which you want to change the passphrase 56 PGP Desktop Security Making and Exchanging Keys 3 Choose Properties from the Keys menu or click gt to open the Properties dialog box The Properties dialog box appears as shown in Figure 3 10 Dave lt davye company com gt 127 xi General Subkeys Revokers D 0x81 76994AB Type DH DSS Size 20481024 Created 4726 99 Expires Never Cipher CAST M Enabled Change Passphrase 485A 96CC 8004 5BE4 AC61 D182 8C18 410C 8176 9948 Fingerprint IV Hexadecimal Trust Model invalid me Valid Untrusted Trusted IV Implicit Trust Figure 3 10 Properties dialog box General panel 4 Click Change Passphrase The Passphrase dialog box appears NOTE If you want to change the passphrase for a split key you must first rejoin the key shares Click Join to collect the key shares See Signing and decrypting files with a split key on page 94 for in
70. to be accepted This Trojan horse version of PGP is not hard for an attacker to create because PGP source code is widely available so anyone could modify the source code and produce a lobotomized zombie imitation PGP that looks real but does the bidding of its diabolical master This Trojan horse version of PGP could then be widely circulated claiming to be from a legitimate source How insidious You should make an effort to get your copy of PGP directly from Network Associates Inc There are other ways to check PGP for tampering using digital signatures You could use another trusted version of PGP to check the signature on a suspect version of PGP But this won t help at all if your operating system is infected nor will it detect if your original copy of pgp exe has been maliciously altered in such a way as to compromise its own ability to check signatures This test also assumes that you have a good trusted copy of the public key that you use to check the signature on the PGP executable PGP Desktop Security Phil Zimmermann on PGP Swap files or virtual memory PGP was originally developed for MS DOS a primitive operating system by today s standards But as it was ported to other more complex operating systems such as Microsoft Windows and the Macintosh OS a new vulnerability emerged This vulnerability stems from the fact that these fancier operating systems use a technique called virtual memory Virtual memory allows y
71. up certificate based authentication 207 Configuring the Gauntlet Firewall 000e ee eens 209 Configuring PGPnet 20 0 e eee eee ees 213 Establishing the VPN using PGPnet 0 000 eee eee ee ees 215 Appendix A Troubleshooting PGP 22000e eee eens 217 Appendix B Transferring Files Between the Mac OS and Windows 221 Sending from the Mac OS to Windows 200 c eee eee eee 222 Receiving Windows files on the Mac OS 000 eee e ee eee 223 Supported Applications snanu annann unanenn 224 Appendix C Phil Zimmermann on PGP 20 000000es 227 Why I wrote PGP 2 o42ci 4 ee ee eee hee ee ee ee ee ee 227 The PGP symmetric algorithms 000 c cee eee eee 231 About PGP data compression routines 2 002e0eeees 233 About the random numbers used as session keys 233 About the message digest 000e cece eee eee eee eee 234 How to protect public keys from tampering 2 235 How does PGP keep track of which keys are valid 238 How to protect private keys from disclosure 2 240 What if you lose your private key 200e essen eee 241 x PGP Desktop Security Table of Contents Beware of snake Oil 2 022 c cece eee eee eee eens 241 VUINGFADINNCS io oe gece ciara ete EENAA RASERNA eee ae ee eee we EA 246 Compromised passphrase and private key
72. using the instructions outlined in To add your photograph to your key on page 47 Creating new subkeys Every Diffie Hellman DSS key is actually two keys a DSS signing key and a Diffie Hellman encryption subkey PGP Version 6 5 provides the ability to create and revoke new encryption keys without sacrificing your master signing key and the signatures collected on it One of the most common uses for this feature is to create multiple subkeys that are set to be used during different periods of the key s lifetime For example if you create a key that will expire in three years you might also create 3 subkeys and use each of them for one of the years in the lifetime of the key This can be a useful security measure and provides an automatic way to periodically switch to a new encryption key without having to recreate and distribute a new public key To create new subkeys 1 Open PGPkeys 2 Select your key pair and then click Properties on the Keys menu or click gt The Properties dialog box opens 3 Click the Subkeys tab The Subkeys dialog box opens as shown in Figure 3 5 User s Guide 49 Making and Exchanging Keys Philip R Zimmermann lt prz pgp com gt 21x General Subkeys Revokers Valid from Expires Size Never 2048 re Figure 3 5 PGP key property page Subkeys dialog box 4 To create a new subkey click New The New Subkey dialog box opens 5 Enter a key size from 1024 to 3072
73. values setting 190 key fingerprint definition 266 key ID definition 266 Key ID property 110 to 111 key length definition 266 key management definition 266 key pair definition 266 key pairs creating 27 40 to 45 creating with PGP Key Wizard 30 description of 40 examining 30 generating 40 making 40 setting expiration of 43 specifying default 113 splitting 51 key server adding a key server 132 deleting keys 66 getting someone s public key from 70 searching 70 134 sending your public key to 45 66 to 67 setting options 130 using to circulate revoke keys 121 See also Certificate server key shortcuts specifying 148 key size Diffie Hellman portion 42 to 43 DSS portion 42 to 43 setting 42 50 trade offs 42 50 key splitting or secret sharing definition 266 Key Type property 110 keyboard shortcuts 37 keyring definition 266 User s Guide 279 Index keyrings changing attributes of 106 to 110 description of 105 location of 105 overview of 27 searching 134 storing elsewhere 105 viewing attributes of 106 to 110 keys adding a photo ID 47 backing up 53 checking fingerprints 114 deleting 120 deleting from server 66 disabling 119 distributing 66 enabling 119 examining 30 exporting to files 121 finding 134 generating 40 granting trust for validations 118 locating 134 managing 105 overview of 39 protecting 53 240 reappearing on server 69 rejoining a split key 61 94 revoked 52 122 re
74. 1024 DH DSS key pair 9 Philip R Zimmermann lt prz pgp com gt 2048 1024 DH DSS public key Ge Philip R Zimmermann lt prz pgp com gt User ID ty Philip R Zimmermann lt prz pgp com gt DSS exportable signature 2 tinko Sian Kav 1D i OTIIA DSS exportable signature 2 tinkiri Sian Kay 1D N S0SGERES DSS exportable signature P dinknown Signer Mav ID R UIE BIE DSS signature 2 Abe lt abe company com gt DSS signature HE Philip A Zimmermann lt prz acm org gt User ID 2 Philip R Zimmermann lt prz pgp com gt DSS exportable signature TA tinkas Simie Kav iD amp IIS RSA exportable signature fa tinki Simi Kav iD amp OFIISI DSS exportable signature w 3e Photograph Photograph Groups SVa Description bd Accounting company com Everyone Qe Beth lt beth company com gt Groups Qe Carl lt call company com gt window Ge Dave lt dave company com gt dinknown Key Key iD amp CEIFA O Gwen lt qwen company com gt Figure 4 4 PGPkeys with Groups window User s Guide 83 Sending and Receiving Secure Email Working with distribution lists Use the Groups feature to create distribution lists and to edit the list of people to whom you want to send encrypted email To create a group distribution list 1 Choose New Group from the Groups menu 2 Enter a name for the group distribution list Optionally enter a group description For example you can name the group everyone company com with a
75. 3 PGP menu decrypting files 93 PGP Microsoft Exchange Outlook 24 PGP MIME definition 267 282 PGP Desktop Security PGP MIME standard overview 37 using to decrypt email 86 to 87 using to encrypt email 77 to 82 PGPdisk 135 to 155 backing up volumes 150 CAST encryption algorithm 152 distributing volumes 150 features 135 mounting volumes 146 nesting volumes 152 security precautions used 153 setting preferences 148 unmounting volumes 146 PGPdisk preferences automatic unmounting 148 unmount hotkey 148 PGPdisk volumes mounting 145 unmounting 147 unmounting automatically 148 PGPkeys window creating key pairs with 40 to 45 Creation label 108 examining keys properties 109 Change Passphrase 110 Enabled 110 Expire 110 112 Fingerprint 110 hexidecimal 110 Key ID 110 to 111 Key Type 110 Trust Model 110 icons in 31 Size label 107 Trust label 108 uses 105 Validity label 107 PGPmenu using 91 93 Index PGPnet 157 adding a host subnet or gateway 176 Allowed Remote Proposals 194 description 159 exiting 168 features of 159 how to set up 162 installing 23 logging off of 167 logging on to 167 modes 161 setting an adapter for 201 setting proposals 197 starting 163 168 stopping 167 turning off 167 turning on 168 using 168 using PGP keys with 173 using shared secret with 175 using to protect data 158 using X 509 certificates with 174 viewing the Hosts Panel 172 viewing the Log Panel 170 v
76. 3 removing 183 symmetric algorithm definition 270 system requirements for Desktop Security 19 System tray using PGP from 34 T tampering protecting your keys against 53 235 tasks scheduled freespace wiping 102 TCP IP configurations 173 technical support email address 15 information needed from user 16 online 15 TEMPEST attacks 250 see also Secure Viewer terminating an SA 162 text definition 270 text output 90 92 timestamping definition 270 TLS Transport Layer Security definition 270 TLSP Transport Layer Security Protocol definition 270 traffic analysis as an attack 252 training for Network Associates products 16 scheduling 16 transport mode description 161 Triple DES definition 270 Triple DES algorithm 133 231 to 232 key size 231 User s Guide 287 Index trojan horses 248 troubleshooting PGP 217 trust 235 granting for key validations 118 Trust Model property 110 trusted definition 270 trusted introducer 75 definition 270 trusted introducers description 236 239 tunnel mode description 161 turning on Expert mode 185 U unmount hotkey specifying an 148 unmounting volumes 147 automatically 148 upgrading from ViaCrypt 20 user ID checking a public key s 236 definition 271 using PGP from the Clipboard 34 from the Finder 33 from the System tray 34 PGPnet 168 using Free Space Wipe 100 V validating keys granting trust for 118 public keys 28 75 288 PGP Desk
77. 3 GL Amsterdam http www nai com info nai com is sometimes used instead of the for registered trademarks to protect marks registered outside of the U S LIMITED WARRANTY Limited Warranty Network Associates Inc warrants that the Software Product will perform substantially in accordance with the accompanying written materials for a period of sixty 60 days from the date of original purchase To the extent allowed by applicable law implied warranties on the Software Product if any are limited to such sixty 60 day period Some jurisdictions do not allow limitations on duration of an implied warranty so the above limitation may not apply to you Customer Remedies Network Associates Inc s and its suppliers entire liability and your exclusive remedy shall be at Network Associates Inc s option either a return of the purchase price paid for the license if any or b repair or replacement of the Software Product that does not meet Network Associates Inc s limited warranty and which is returned at your expense to Network Associates Inc with a copy of your receipt This limited warranty is void if failure of the Software Product has resulted from accident abuse or misapplication Any repaired or replacement Software Product will be warranted for the remainder of the original warranty period or thirty 30 days whichever is longer Outside the United States neither these remedies nor any product support services offered b
78. 4 bits 1536 bits Compression Takes a fixed sized input and creates a smaller fixed sized output Types LZS Deflate NOTE LZS and Deflate increase performance for low speed communications such as modems and ISDN LZS and Deflate decrease performance for fast speed communications for example cable modem DSL T 1 and T 3 This is due to the overhead of the compression routines User s Guide 195 PGPnet Virtual Private Networking To add an item to the Allowed Remote Proposals 1 Display the Options window View gt Options 2 Click the Advanced tab 3 Click the box to the left of the item a checkmark appears 4 Click OK To remove an item from the Allowed Remote Proposals 1 Display the Options window View gt Options 2 Click the Advanced tab 3 Click the box to the left of the item the checkmark is removed 4 Click OK Options i 1x General Authentication Advanced Allowed Remote Proposals Ciphers M CAST M TripleDES M None Hashes V SHA 1 M MD5 F None Diffie Hellman V 1024bits IV 1536 bits Compression M LZS MV Deflate m Proposals IKE Authentication Hash _Cipher DH New Shared Key SHA CAST 1536 bits Shared Key MD5 TripleDES 1024 bits DSS Signature SHA CAST 1536 bits xl NCO Cianshura CUA Tla DEC 1NA hika IPSEC H SESE __IPPC None SHA CAST None None MD5 TripleDES None Perfect Forward Secrecy None x Default Settings
79. 6 14 PGP Options BE General Files Email HotKeys Servers c Advanced a http papkeys mit edurl 1371 Remove Edit Set as Root Move Up Move Down Synchronize with server upon T Encrypting to unknown keys T Revocation T Signing keys T Verification I Adding names photos revokers Figure 6 14 PGP Options dialog box Server panel 130 PGP Desktop Security Managing Keys and Setting PGP Options The Domain column lists the Internet domain such as company com of the available key server s When sending keys to a server PGP attempts to find the key s domain in this list and thus find the appropriate server entry If the domain is not found a server for the first world domain server which serves all keys will be used and other world domain servers down the list may be searched if the first search is unsuccessful To set your server options use these buttons New Adds a new server to your list Remove Removes the currently selected server from your list Edit Allows you to edit server information for the currently selected server Set as root Identifies the root server that is used for specific corporate operations such as updating group lists sending group lists updating introducers etc In corporate settings your security officer will have already configured this Move Up and Move Down Use these buttons to arrange the servers in order of preference 5 Inthe S
80. Add Remove Public Keys from the File menu Select the PGPdisk from the Select PGPdisk toolbar You are prompted to enter the master passphrase The Recipient Selection window appears Drag the key or keys from the top pane in the window to the bottom pane Click OK To remove a public key from your PGPdisk volume 1 Make sure that the PGPdisk volume is not mounted You cannot remove a public key if the volume is mounted Choose Add Remove Public Keys from the File menu Select the PGPdisk from the Select PGPdisk toolbar You are prompted to enter the master passphrase The PGP Key Selection window appears as shown in Figure 7 5 144 PGP Desktop Security PGPdisk wz Recipient Selection 2 x Drag users from this list to the Recipients list Validity Size l lE Abe lt abe company com gt 4096 1024 Beth lt beth company com gt 2048 1024 f Carl lt carl company com gt 2048 1024 Dave lt dave company com gt 3072 1024 3072 1024 2048 1024 2048 1024 2048 1024 Elle lt elle company com gt Frank lt frank company com gt E Gwen lt gwen company com gt f Howard lt howard company com gt Some recipient keys are not valid Please verify that these recipients are correct Recipients 0 vaii e f Iris lt iris company com gt 2048 1024 fe Jack lt jack company com gt 2049 1024 M Conventional Encryption T Self Decrypting Archive
81. And then there was the Watergate mess Congress now seems intent on passing laws curtailing our civil liberties on the Internet At no time in the past century has public distrust of the government been so broadly distributed across the political spectrum as it is today If we want to resist this unsettling trend in the government to outlaw cryptography one measure we can apply is to use cryptography as much as we can now while it s still legal When use of strong cryptography becomes popular it s harder for the government to criminalize it Therefore using PGP is good for preserving democracy If privacy is outlawed only outlaws will have privacy Intelligence agencies have access to good cryptographic technology So do the big arms and drug traffickers But ordinary people and grassroots political organizations mostly have not had access to affordable military grade public key cryptographic technology Until now PGP empowers people to take their privacy into their own hands There s a growing social need for it That s why I created it The PGP symmetric algorithms PGP offers a selection of different secret key algorithms to encrypt the actual message By secret key algorithm we mean a conventional or symmetric block cipher that uses the same key to both encrypt and decrypt The three symmetric block ciphers offered by PGP are CAST Triple DES and IDEA They are not home grown algorithms They were all developed
82. DVISED OF THE POSSIBILITY OF SUCH DAMAGES IN ANY CASE NETWORK ASSOCIATES INC S CUMULATIVE AND ENTIRE LIABILITY TO YOU OR ANY OTHER PARTY FOR ANY LOSS OR DAMAGES RESULTING FROM ANY CLAIMS DEMANDS OR ACTIONS ARISING OUT OF OR RELATING TO THIS AGREEMENT SHALL NOT EXCEED THE PURCHASE PRICE PAID FOR THIS LICENSE BECAUSE SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU Table of Contents gio ee ee ee es eee er 13 What s new in PGP version 6 5 1 0 00 cee eee eee eee 14 How to contact Network Associates 000 e eee e eee eee eee 15 Customer Service 2 0c 15 Technical support 20 ceeeeeeeeeeeeeeeee 15 Year 2000 compliance 00 cece eee eee 16 Network Associates training 00sec eee eee eee 16 Comments and feedback 000 eee e cece eee eee 17 Recommended ReadingS 00eeeeeeeeeee eee eee ee en eeeee 17 Chapter 1 Installing PGP 0 22 cece eee 19 System requirements 00000 e cece 19 Compatibility with other versions 0 00 cece eee eee 20 Upgrading from a previous version 220002eeeeeee 20 Installing PGP 3 0 lt c 0v ctw ceeded cies ewe here tae eee ee a aa 22 Chapter 2 USING PGP cic cewes ces tedeecdcdwee esas aed eee ea dan 27 Basic steps for using PGP 000 e eee eee eee 27 Using PGPkeys iis seek Cees a ee ee eee eee ee 30 PGPkeys icon definitio
83. Each have their own IP addresses The interface that connects to the Internet is called the outside or external interface the interface that goes to the internal network is called the inside or internal interface In most cases the firewall protects the internal network from what s coming in on the external interface IKE Client and IPSec with IKE modes Gauntlet Firewalls support two connection modes IKE Client which works with certificate based authentication only but supports VPN clients who acquire their IP addresses using DHCP that is they don t have fixed IP addresses but receive a different IP address each time they log on and IPSec with IKE which supports certificate based or pre shared secret authentication but requires that all hosts or subnets have fixed IP addresses that is it doesn t support DHCP IKE Client mode is generally better suited for VPN client to VPN gateway configurations PGPnet to firewall for example while IPSec with IKE mode is generally better suited for VPN gateway to VPN gateway configurations firewall to firewall PGP Desktop Security Creating a VPN with PGPnet Establishing the VPN To establish a VPN using IKE Client mode and certificate based authentication between the system with PGPnet and the Gauntlet Firewall you must e Set up certificate based authentication e Configure the Gauntlet Firewall e Configure PGPnet e Establish the VPN using PGPnet All of these items ar
84. For example you might want to use this feature if you routinely browse the web This setting is enabled by default To allow communications with unconfigured hosts check this box e To disallow communications with unconfigured hosts leave this box blank Require secure communications with all hosts Use this feature View gt Options gt General to require secure communications with all hosts For example if all of your company s systems are configured with PGPnet use this feature to eliminate the need to identify each host When this box is checked PGPnet negotiates an SA with each target machine before it allows communication The default for this setting is off unchecked e To require PGPnet to negotiate secure communications with all hosts check this box e To allow insecure communications with all hosts uncheck this box NOTE If this feature is on two machines configured as insecure hosts can still communicate with each other PGP Desktop Security PGPnet Virtual Private Networking amp WARNING This security feature is designed for environments where all machines are configured with PGPnet When this feature is active checked it blocks communication from any machine that is not configured with PGPnet As a result if you are not in a PGPnet configured environment and you activate this feature you may lose the bulk of your network traffic Require valid authentication k
85. GP PGPkeys icon definitions PGPkeys menu bar icons The following table shows all of the icons used in the PGPkeys menu bar along with a description of their functions Icon Table 2 1 PGPkeys menu bar icons Function AaB k B e bs o w Launches the Key Generation Wizard Click this button to create a new key pair Revokes the currently selected key or signature Click this button to disable a key or revoke a signature Revoking a key will prevent anyone from encrypting data to it Allows you to sign the currently selected key By signing the key you are certifying that the key and user ID belong to the identified user Deletes the currently selected item Click this button to remove a key signature or photographic ID Opens the Key Search window which allows you to search for keys on local keyrings and remote servers Sends the currently selected key to the server Click this button to upload your key to the Certificate or domain server Updates the currently selected key from a Certificate or domain server Click this button to import keys from a Certificate or domain server to your keyring Displays the Properties dialog box for the currently selected key Click this button to view the General and Subkey properties for a key Allows you to import keys from file on to your keyring Allows you to export the selected key to a file User s Guide 31 Using PGP PGPkeys window icons T
86. GPkeys 2 Select Options from the PGPkeys Edit menu then click the Email tab 126 PGP Desktop Security Managing Keys and Setting PGP Options The Options menu opens with the Email panel showing Figure 6 12 PGP Options 1 x General Files Email Hotkeys Servers CA Advanced m Email Options ru T Encrypt new messages by default T Sign new messages by default I Automatically decrypt verify when opening messages I Always use Secure Viewer when decrypting I Word wrap clear signed messages at column 70 Note some of these options may not be available with all plugins Figure 6 12 PGP Options dialog box Email panel 3 Select your email encryption options from the Email panel Your options are Use PGP MIME when sending mail If you are using Eudora and you enable this setting all of your email messages and file attachments are automatically encrypted to the intended recipient This setting has no effect on other encryptions you perform from the clipboard or with Windows Explorer and should not be used if you plan to send email to recipients who use email applications that are not supported by the PGP MIME standard Using Eudora attachments will always be encrypted regardless of this setting but if the recipient does not have PGP MIME the decryption process will be more manual Encrypt new messages by default If you enable this setting all of your email messages and file atta
87. GPnet Virtual Private Networking Modifying a host subnet or gateway entry There may be times when you need to modify the configuration of a host subnet or gateway For example when a IP address subnet mask or host domain name changes To modify a configuration follow these instructions 1 Click the Hosts tab 2 Select the host subnet or gateway that you want to modify 3 Click Edit Shortcut Instead of selecting the host and clicking Edit double click the host in the host list 4 Make the required edits 5 Click OK The PGPnet database is updated immediately However if the PGPnet service or driver are not operating normally the PGPnet database is not updated until they are working properly This may require a computer reboot Removing a host subnet or gateway entry There may be times when you want to remove a configured host subnet or gateway For example when you feel that any entity is no longer secure To remove a host subnet or gateway follow these instructions 1 Click the Hosts tab 2 Select the host subnet or gateway that you want to remove 3 Click Remove Requiring a host to present a specific key or certificate You may want to require a host to present a specific key or certificate when the host attempts to establish an SA If the host does not present the appropriate key or certificate your system will refuse to communicate with the host To require a host to present a specific
88. GPnet is turned off and the machine is rebooted PGPnet will be off at reboot For more information see Turning PGPnet off on page 167 and Turning PGPnet on on page 168 User s Guide 163 PGPnet Virtual Private Networking Selecting your authentication key or certificate The first step that you must take before you use PGPnet is to select the key and or X 509 certificate that you will use for authentication purposes If you do not have an existing key or X 509 certificate see Making and Exchanging Keys on page 39 164 To select your authenticating key and or certificate 1 Click the View menu on the PGPnet window and select Options or select PGPnet from PGPtray and select Options Click the Authentication tab see Figure 8 2 on page 165 Select the key and or the certificate that you will use to authenticate click Select Key or Select Certificate Note that the key or certificate must be part of a key pair you must have the private key PGPnet displays the selected key or certificate in the PGP Authentication or X 509 Authentication box Click OK A dialog box prompts you for the passphrase for the selected key Enter the passphrase for the key and click OK IMPORTANT If you are creating a VPN connection with another PGPnet host and using PGPkeys for authentication you must both use the same type of PGP key You cannot negotiate an SA if one side of the connection uses an RSA key and the
89. IKE W IPSEC M PGP I System essag Service 161 69 47 185 Authenticated Key ID 0x900ED7E9 6 13 99 4 08 30 PM 6 13 99 4 08 31 PM 6 13 99 4 08 37 PM 6 13 99 4 08 38 PM 6 13 99 4 08 39 PM 6 13 99 4 08 43 PM 6 13 99 4 08 44 PM 6 13 99 4 08 44 PM 6 13 99 4 08 46 PM 6 13 99 4 08 46 PM 6 13 99 4 08 46 PM 6 13 99 4 08 47 PM 6 4290 A NA AQ Phd IKE IKE IKE 161 69 47 185 IKE SA Created 161 69 47 147 IPSEC SA Created 161 69 47 59 Response Timeout Service 161 69 47 59 Unable to establish Security Association with peer IKE IKE IKE 161 69 47 43 IPSEC SA Died 161 69 47 185 IPSEC SA Created 161 69 47 43 IPSEC SA Created IPSEC 161 69 47 118 no SA found for packet Service 192 168 1922 Authenticated Key ID Ox900ED7E9 IKE IKF 192 168 192 2 IKE SA Created IPSEC 161 69 47 118 noSA found for packet 161 BOAT 147 IKE CA Nisd status On user logged on Figure 8 5 The Log Panel The following table describes the information that PGPnet displays for each log entry Column Time Event Address Message Description Date and time error occurred in format mm dd yy hh mm ss AM or PM Type of event Service IKE IPSec PGP or System error IP address of the remote host Text that describes the type of error for example Unable to establish Security Association with peer User s Guide 171 PGPnet Virtual Private Networking Using the Hosts Panel The Hosts panel displays secure gatewa
90. NOTE Commercial data recovery companies have been known to recover data that has been over written up to 9 times PGP uses highly sophisticated patterns during each wipe to ensure that your sensitive data cannot be recovered 5 Click Next to continue The Perform Wipe dialog box opens as shown in Figure 5 6 and displays statistical information about the drive or volume you selected Wipe Free Space Perform Wipe x m Disk Statistics for Drive E 5 File System FAT 16 Number of Clusters 65505 Sectors per Cluster 64 Bytes per Sector 512 Total Capacity 2096160 K Pass 1 3 r Press Begin Wipe button to start wiping Begin Wipe Schedule Cancel Figure 5 6 Free Space Wiper Perform Wipe dialog box 6 Click the Begin Wipe button to start freespace wiping your disk or volume The PGP Free Space Wiper scans and then wipes leftover fragments from your disk or volume 7 When the wipe session ends click Finish z4 WARNING Clicking Cancel during file wipe can leave remains of the file on your computer User s Guide 101 Using PGP for Secure File Storage Scheduling Free Space Wiper You can use the Windows Task Scheduler to schedule periodic secure wiping of freespace on your disks IMPORTANT To use this scheduling feature you must have the Windows Task Scheduler installed on your system If you do not have the Task Scheduler installed on your system you can d
91. Name Enter a descriptive name Mode IKE Client Link Type Trusted IP Address Enter the IP address of the host or subnet behind the firewall that will be participating in the VPN generally you would be configuring a subnet here so that you aren t restricted to accessing just one computer Use IP Range Unchecked Net Mask Enter the subnet mask of the subnet entered in the IP Address field or 255 255 255 255 if the IP address in the IP Address field is a host and not a subnet NOTE The IP address and netmask information you enter here for the host or subnet you are configuring must also be entered in PGPnet Replay Check Unchecked Link Status Enabled 210 PGP Desktop Security Creating a VPN with PGPnet 4 Click Next to move to next screen On the Gauntlet Firewall for UNIX click Link Details The IKE screen displays This screen is called Edit IKE Configuration on the Gauntlet Firewall for UNIX IKE Phase SA _ Phase Il SA lt gt Hash hs Encapsulation Tunnel 7 Encryption TripleDES 7 Encryption TripleDES x Authentication Certificate Based zl Authentication HMAC MD5 x Common Name PFS Off wi Phase Lifetime 480 min Phase II Lifetime 1480 min DH Group 1024 Bit 7 Transfer Limit Mbytes e E Use the following settings Phase I SA Hash MD5 Encryption TripleDES Authentication Certificate Based Common Name On the Gauntlet Fi
92. OK 6 If you are adding an IPSec proposal select the appropriate Diffie Hellman setting None 1024 and 1536 in the Perfect Forward Secrecy setting All IPSec proposals use the same Diffie Hellman setting 7 Click OK Editing an IKE or IPSec proposal To edit an IKE or IPSec proposal 1 Display the Options window View gt Options 2 Click the Advanced tab 3 Select the Proposal 4 Click Edit 5 Make the appropriate changes in the IKE or IPSec Proposal popup window 6 Click OK on the popup window 7 Review the setting displayed in the Perfect Forward Secrecy box Note that all IPSec proposals use the same Diffie Hellman setting Change the setting if required 8 Click OK on the Advanced panel IKE Proposal 127 xi Authentication Hash SHA 7 Cipher cast x Diffie Hellman i024 bits z Figure 8 13 IKE Proposal Dialog User s Guide 199 PGPnet Virtual Private Networking IPSEC Proposal 1 x MEP Hash SHA z Cipher cast 7 T IPPCP Compression LZS 7 Conce Figure 8 14 IPSec Dialog Removing an IKE or IPSec proposal To remove an IKE or IPSec proposal 1 Display the Options window View gt Options 2 Click the Advanced tab 3 Click the proposal 4 Click Remove 5 Click OK Reordering IKE or IPSec proposals To reorder IKE or IPSec proposals 1 Display the Options window View gt Options 2 Click the Advanced ta
93. Open PGP Options then click the Servers tab 2 Click the New button The Add New Server dialog box appears as shown in Figure 6 15 Add New Server HEI Server Infcemation Protocol LOAP Server Name server co Pot 339 Server Key poo Serves Keys for Domain C Ary Boman Figure 6 15 Add New Server dialog box 3 Inthe Protocol box select a protocol to use to access the server Your options are LDAP LDAPS and HTTP 4 Inthe Server Name box enter the domain name or IP address of the server For example server company com or 123 445 67 5 Type the port number of the server in the Port box For example 11371 is used for old style HTTP certificate server 389 is commonly used for LDAP certificate servers 6 The Server Key box is for LDAPS servers The server key is used by the server to authenticate the connection Key information is not displayed until you connect to the server 7 Select the Any Domain option to allow PGP to send keys from any domain to this key server This option is enabled by default 132 PGP Desktop Security Managing Keys and Setting PGP Options If you want PGP to send only keys from a specific domain to this key server select the option below Any Domain Then enter the domain name in the space provided For example if you specify the domain company com only those keys whose email address ends in company com will be sent to this server 8 Select the List in Search Window ch
94. P Microsoft Exchange Outlook Plugin 135K Description This component includes the core program cere files for PG Pret Virtual Private Networking Desktop Security Space Required 13851 K Space Available 1285312 K Figure 1 1 PGP Select Components dialog box 9 Clear the components that you do not want to install By default each option is selected Your installation options are e PGP Key Management required This item installs the PGP program You must install the Key Management utilities PGPnet Select this option to install the PGPnet program PGPnet a Virtual Private Network VPN is an easy to use encryption application that allows you to communicate securely and economically with other PGPnet users on your own corporate intranet and with users throughout the world e PGP Eudora Plug in Select this option if you want to integrate PGP functionality with your Qualcomm Eudora email program PGP version 6 5 1 supports Eudora versions 3 05 and later User s Guide 23 Installing PGP 10 11 12 13 e PGP Microsoft Exchange Outlook Plug in Select this option if you want to integrate PGP functionality with your Microsoft Exchange Outlook email program PGP version 6 5 1 supports Outlook 97 and 98 e PGP Microsoft Outlook Express Plug in Select this option if you want to integrate PGP functionality with your Microsoft Outlook Express email program PGP version 6 5 1 supports the version that
95. P doesn t leave it in memory for very long But we don t make any guarantees This swap file can be accessed by anyone who can get physical access to your computer If you are concerned about this problem you may be able to solve it by obtaining special software that overwrites your swap file Another possible cure is to turn off your operating system s virtual memory feature Microsoft Windows allows this and so does the Mac OS Turning off virtual memory may mean that you need to have more physical RAM chips installed in order to fit everything in RAM User s Guide 249 Phil Zimmermann on PGP Physical security breach A physical security breach may allow someone to physically acquire your plaintext files or printed messages A determined opponent might accomplish this through burglary trash picking unreasonable search and seizure or bribery blackmail or infiltration of your staff Some of these attacks may be especially feasible against grass roots political organizations that depend ona largely volunteer staff Don t be lulled into a false sense of security just because you have a cryptographic tool Cryptographic techniques protect data only while it s encrypted direct physical security violations can still compromise plaintext data or written or spoken information This kind of attack is cheaper than cryptanalytic attacks on PGP Tempest attacks Another kind of attack that has been used by well equipped oppo
96. Remove Organization Unit Name Accounting Department Country SA State Any State Street Address Any Street Zip Code 95054 Cancel Figure 3 8 Certificate Attributes Dialog Box 2 Verify the certificate attributes use the Add Edit and Remove buttons to make any required changes and click OK The PGP Enter Passphrase dialog box appears 3 Enter the passphrase for your keypair then click OK User s Guide Making and Exchanging Keys The PGP Server Progress bar appears as shown in Figure 3 9 PGP Server Progress Looking for server https 111 222 39 44 12444 Figure 3 9 PGP Server Progress Bar The certificate request is sent to the CA server The server authenticates itself to your computer and accepts your request Your company s PGP or PKI administrator verifies your information in the request The identifying information and public key are assembled and then digitally signed with the CA s own certificate to create your new certificate The administrator sends you an email message stating that your certificate is ready for retrieval 4 Retrieve your certificate and add it to your keypair To do this follow these steps 1 In PGPkeys select the PGPkey for which you made the certificate request 2 On the Server menu select Retrieve Certificate PGP contacts the CA server and automatically retrieves your new X 509 certificate and adds it to your PGPkey 3 If you are running PGPnet set
97. Unmount PGPdisk from the PGPdisk File menu Other ways to unmount a PGPdisk volume include e click Unmount on the PGPdisk toolbar e right click on the drive letter in Windows Explorer and e right click on the volume file Once a volume is unmounted its contents are locked in the encrypted file associated with the volume The contents of the volume are stored in the encrypted file and its contents remain inaccessible until the volume is once again mounted It may help to view PGPdisk volumes as a window that provides a view to the data in the encrypted file The contents of a PGPdisk volume file only become available when the file is mounted as a volume by someone who knows a valid passphrase User s Guide 147 PGPdisk Specifying Preferences The Preferences button on the PGPdisk toolbar allows you to specify how you prefer to unmount and create your volumes To specify Preferences 1 Click Preferences on the PGPdisk toolbar or select Preferences from the File menu The Preferences dialog box appears 2 Select the desired options by clicking the appropriate tabs and checkboxes Auto Unmount tab Auto unmount after 15 minutes of inactivity When checked this option causes PGPdisk to automatically unmount any mounted PGPdisk volumes when your computer is inactive for the number of minutes in the box You can set this value from 1 to 999 minutes NOTE PGPdisk cannot automatically unmount a PGPdisk volume
98. VPN looks like this Internal network System with Gauntlet Firewall Host PGPnet with GVPN Host VPN client Gateway host Host User s Guide 205 Creating a VPN with PGPnet Some Firewall Terms The following firewall terms are important to know when establishing a VPN with a Gauntlet Firewall 206 Pre shared secret and certificate based authentication Gauntlet Firewalls support two methods of authentication pre shared secret where the person or persons configuring the link use an agreed upon passphrase to authenticate and certificate based authentication where both devices in the link exchange certificates to authenticate Trusted and private links With a trusted link data coming from the VPN client bypasses proxies on the firewall and goes directly to the intended destination You are bypassing the security features of the firewall so only do this if the VPN client is completely trusted that is a member of your organization A private link does not bypass the proxies which means that the VPN client must authenticate to the firewall in order to gain access to the intended destination Internal and external interfaces Firewalls have two physical interfaces one goes to the Internet the outside world the other goes to the internal network
99. Your data reaches its final destination intact PGPnet includes features that allow you to communicate with unconfigured hosts that is hosts that have not been added to the PGPnet host list and also to require secure communications with all hosts User s Guide 187 PGPnet Virtual Private Networking 188 Allow communications with unconfigured hosts and Require secure communications with all hosts Use these two settings to control who you communicate with and to minimize the number of systems that you are required to add to the hosts list If most of the systems that you communicate with are not running PGPnet use the wizard to add the few secure hosts to the hosts list and check the Allow communications with unconfigured hosts setting This will allow you to communicate with both the secure hosts that you have identified in the hosts list and all other hosts If most of the systems that you communicate with are running PGPnet use the wizard to add the few insecure hosts to the hosts list as insecure hosts and check the Require secure communications with all hosts setting This will allow you to communicate with both the insecure hosts that you have identified in the hosts list and all other IPSec compliant hosts Allow communications with unconfigured hosts Use this feature View gt Options gt General to send and receive data that is not confidential or sensitive to and from hosts that are not configured in PGPnet
100. ach shareholder s fingerprint and sign their public key to ensure that the authenticating key is legitimate Click Confirm to accept the share file Continue collecting key shares until the value for Total Shares Collected matches the value for Total Shares Needed in the Key Shares Collection dialog box Click OK The file is signed or decrypted with the split key To send your key share over the network 1 When you are contacted by the person who is rejoining the split key make sure that you have these items your key share file and password your keypair for authentication to the computer that is collecting the key shares a network connection User s Guide 97 Using PGP for Secure File Storage the IP address or Domain Name of the rejoining computer collecting the key shares 2 Select Send Key Shares on the PGPkeys File menu The Select Share File dialog box appears 3 Locate your key share and then click Open The PGP Enter Passphrase dialog box appears 4 Enter your passphrase and then click OK The Send Key Shares dialog box appears as shown in Figure 5 5 Send Key Shares BEI Share File Beth Shares fi r Remote Address fiza 123f 23 12 Network Status Not Connected Authenticated Send Shares Cancel Figure 5 5 Send Key Shares dialog box 5 Enter the IP address or the Domain Name of the rejoining computer in the Remote Address text box then click Send Shares The status of
101. aking and Exchanging Keys Making a key pair Unless you have already done so while using another version of PGP the first thing you need to do before sending or receiving encrypted and signed email is create a new key pair A key pair consists of two keys a private key that only you possess and a public key that you freely distribute to those with whom you correspond You generate a new key pair from PGPkeys using the PGP Key Generation Wizard which guides you through the process NOTE If you are upgrading from an earlier version of PGP you have probably already generated a private key and have distributed its matching public key to those with whom you correspond In this case you don t have to make a new key pair as described in the next section Instead you specify the location of your keys when you run the PGPkeys application You can go to the Files panel of the Options dialog box and locate your keyring files at any time To create a new key pair 1 Open PGPkeys You can open PGPkeys by e clicking Start gt Programs gt PGP gt PGPkeys e clicking the PGPtray icon in the System tray then clicking PGPkeys Or e clicking a in your email application s toolbar 40 PGP Desktop Security Making and Exchanging Keys PGPkeys appears as shown in Figure 3 2 49 PGPkeys lolx File Edit View Keys Server Groups Help S Ay2ARerk SH m Ge Abe lt abe company com gt Ge Beth lt beth c
102. all of the procedures you are likely to perform Many of the dialog boxes also have context sensitive help which you access by clicking the question mark in the right corner of the window and then pointing to the area of interest on the screen A short explanation appears 38 PGP Desktop Security Making and Exchanging Keys This chapter describes how to generate the public and private key pairs that you need to correspond with other PGP users It also explains how to distribute your public key and obtain the public keys of others so that you can begin exchanging private and authenticated email Key concepts PGP is based on a widely accepted and highly trusted public key encryption system as shown in Figure 3 1 by which you and other PGP users generate a key pair consisting of a private key and a public key As its name implies only you have access to your private key but in order to correspond with other PGP users you need a copy of their public key and they need a copy of yours You use your private key to sign the email messages and file attachments you send to others and to decrypt the messages and files they send to you Conversely you use the public keys of others to send them encrypted email and to verify their digital signatures public lt private key Memo Memo Confidential Confidential encryption decryption plaintext ciphertext plaintext Figure 3 1 Public Key Cryptography diagram User s Guide 39 M
103. ame represented by one of four icons a aa 6 encrypted with encrypted with self decrypting self extracting standard output text output archive output archive output If you are encrypting or signing a folder the output may be in a new folder depending on the options you selected Using PGPtray to decrypt and verify If the email you receive has file attachments and you are not using a PGP MIME compliant email application you must decrypt them from the Windows clipboard To decrypt and verify files using PGPtray 1 Inthe Windows Explorer select the file or files that you want to decrypt and verify 2 Choose Decrypt Verify from PGPtray The passphrase dialog box appears as shown in Figure 5 2 PGP Enter Passphrase for a Listed Key 21 x Message was encrypted to the following public key s Jack lt jack company com gt DSS 1024 Enter passphrase for your private key M Hide Typing Figure 5 2 Passphrase dialog box 3 Enter your passphrase and then click OK The file is decrypted If it has been signed a message appears indicating whether the signature is valid User s Guide 93 Using PGP for Secure File Storage If the text file is encrypted with Secure Viewer enabled an advisory message appears Click OK to continue The decrypted text appears ona secure PGP screen in a special TEMPEST attack prevention font 4 You can save the message in its decrypted state or you can save the original enc
104. an now set hotkey combinations for the Encrypt Decrypt Sign functions e Fingerprint word list When verifying a PGP public key fingerprint you can now choose to view the fingerprint as a word list instead of hexadecimal characters The word list in the fingerprint text box is made up of special authentication words that PGP uses and are carefully selected to be phonetically distinct and easy to understand without phonetic ambiguity 14 PGP Desktop Security Preface e HTTP Proxy Support If your computer is behind a corporate firewall with an HTTP proxy server PGP now supports accessing HTTP certificate servers through the proxy e Smart Word Wrapping The word wrapping in PGP now automatically rewraps paragraphs and even quoted paragraphs resulting in much cleaner signed messages PGP Command Line PGP Command Line is now included with Desktop Security The command line version of PGP allows for two broad types of applications transferring information securely between batch servers and integration into automated processes How to contact Network Associates Customer service To order products or obtain product information contact the Network Associates Customer Care department at 31 20 5866100 or write to the following address Network Associates International BV Gatwickstraat 25 1043 GL Amsterdam Netherland Technical support Network Associates is famous for its dedication to customer satisfaction We have con
105. anel showing Figure 6 10 PGP Options BE General Fies Email Hotkeys Servers CA Advanced m Encrypti IV Faster key generation MV Cache decryption passphrases for foo 02 00 I Cache signing passphrases for 0 02 00 a Comment eee block optional File Wiping IV Warn before wiping Number of passes 8 4 Cancel Help Figure 6 10 PGP Options dialog box General panel 3 Select general encryption settings from the General panel Your options are e Always Encrypt to Default Key When this setting is selected all the email messages and file attachments you encrypt with a recipient s public key are also encrypted to you using your default public key It is useful to leave this setting turned on so that you have the option of decrypting the contents of any email or files you have previously encrypted User s Guide 123 Managing Keys and Setting PGP Options 124 Faster Key Generation When this setting is selected less time is required to generate a new Diffie Hellman DSS key pair This process is speeded up by using a previously calculated set of prime numbers rather than going through the time consuming process of creating them from scratch each time a new key is generated However remember that fast key generation is only implemented for the fixed key sizes above 1024 and below 4096 provided as options when you create a key and is not used if you enter so
106. anging your 201 new PGPdisk volumes 138 new features in PGP 14 NIC 201 non repudiation definition 267 NSA 230 O obtaining others public keys 70 to 73 one way hash definition 267 options 133 advanced 133 CA 133 encryption 123 HotKey 128 key generation 124 key server 130 setting 122 overviews key concepts 39 keyrings 27 private keys 27 P passphrase definition 267 passphrases caching between logins 190 Change Passphrase 110 changing 56 compromised 246 creating master 139 141 creating strong 139 forgotten 52 122 remembering 139 setting 43 suggestions for 44 77 password definition 267 peer to peer communication transport mode 161 User s Guide 281 Index PGP symmetric algorithms 231 troubleshooting 217 using from PGPtools window 35 using from the Clipboard 34 using from the Finder 33 using from the System tray 34 using with supported email applications vulnerabilities 246 PGP algorithms CAST 231 IDEA 231 Triple DES 231 PGP CommandLine 24 PGP compression 233 PGP Desktop Security compatibility 20 Macintosh 22 platforms supported 19 system requirements 19 upgrading from a previous version 20 upgrading from Network Associates 20 upgrading from ViaCrypt 20 versions of Desktop Security compatible 20 PGP Eudora 23 PGP Free Space Wiper using 100 PGP Key Wizard creating key pairs 30 using to create key pairs 40 PGP keys using to authenticate a connection 192 using to establish an SA 17
107. application that is not supported by the PGP plug ins you will decrypt and verify your email messages via PGPtray In addition if your email includes encrypted file attachments you must decrypt them separately via PGPtools or PGPtray To decrypt and verify from supported email applications 1 Open your email message just as you normally do You will see a block of unintelligible ciphertext in the body of your email message 2 Copy the cipher text to the Clipboard 3 To decrypt and verify the message click the locked envelope icon p To decrypt and verify attached files decrypt them separately using PGPtools or PGPtray The PGP Enter Passphrase dialog box appears as shown in Figure 4 5 asking you to enter your passphrase PGP Enter Passphrase for Selected Key 21x Signing key Philip R Zimmermann lt prz pap com gt DSS 1024 x Please enter your passphrase M Hide Typing a Cocer Figure 4 5 Signing Key Passphrase dialog box 4 Enter your passphrase then click OK The message is decrypted If it has been signed and you have the senders public key a message appears indicating whether the signature is valid If the message is encrypted with the Secure Viewer option enabled an advisory message appears Click OK to continue The decrypted message appears on a secure PGP screen in a special TEMPEST attack prevention font 5 You can save the message in its decrypted state or you can save the original en
108. ards Why not submit to drug testing on demand Why require a warrant for police searches of your house Are you trying to hide something If you hide your mail inside envelopes does that mean you must be a subversive or a drug dealer or maybe a paranoid nut Do law abiding citizens have any need to encrypt their email What if everyone believed that law abiding citizens should use postcards for their mail If a nonconformist tried to assert his privacy by using an envelope for his mail it would draw suspicion Perhaps the authorities would open his mail to see what he s hiding Fortunately we don t live in that kind of world because everyone protects most of their mail with envelopes So no one draws suspicion by asserting their privacy with an envelope There s safety in numbers Analogously it would be nice if everyone routinely used encryption for all their email innocent or not so that no one drew suspicion by asserting their email privacy with encryption Think of it as a form of solidarity Until now if the government wanted to violate the privacy of ordinary citizens they had to expend a certain amount of expense and labor to intercept and steam open and read paper mail Or they had to listen to and possibly transcribe spoken telephone conversation at least before automatic voice recognition technology became available This kind of labor intensive monitoring was not practical on a large scale It was only done in important ca
109. associated with this gateway To do so click the radio button next to Yes If you do not want to create a new host or subnet click the radio button next to No Click Next To create a new host go to Step 2 on page 177 To create anew subnet go to Step 2 on page 179 Ifyou elected not to create a host or subnet at this time click Finish Adding a host behind a configured gateway Use PGPnet s Add Host wizard to add a secure host behind a configured gateway to the host list 1 In the PGPnet main window click the Hosts tab 2 Select the configured gateway and click Add PGPnet displays the Add Host wizard Read the first screen and click Next 3 The wizard asks if you want to create a new host entry for a computer or subnet accessed through the selected gateway To do so select Yes and then click Next 4 The wizard asks you to select the type of communication you want to configure Select Host and then click Next To add a secure host see Adding a host on page 177 To add an insecure host go to Step 5 User s Guide 181 PGPnet Virtual Private Networking 5 The wizard asks if you want to add a secure or insecure host Select Allow insecure communications and click Next Enter a descriptive name for the computer with which you want to communicate Click Next Enter either the host domain name or the IP address for the host Click Next The wizard searches for your entry If the wizard is unable
110. b 3 Select the proposal 4 To move the proposal up click Move Up To move the proposal down click Move Down 5 Click OK 200 PGP Desktop Security PGPnet Virtual Private Networking Default Settings button Use this button to restore the default settings for all fields on this screen In most cases the default settings will be sufficient to establish SAs and use PGPnet Set Adapter Changing your secure network interface When you install PGPnet you select the network interface on your computer that you want to secure Your network interface is usually an Ethernet card or a Dialup or Remote Access WAN adapter representing your modem Use PGPnet s Set Adapter function Start gt Programs gt PGP gt Set Adapter in the following circumstances e When you want to secure a different network interface e When your machine reviews your network protocol and adapter bindings When this occurs PGPnet advises you to reboot your system and run PGPnet s Set Adapter function to resecure a network interface To secure a different network interface Windows 95 98 1 Select Set Adapter from the Start menu Start gt Programs gt PGP gt Set Adapter The PGPnet Set Adapter dialog is displayed on your screen listing all other adapters 2 Select the appropriate network interface and click OK PGP prompts you to reboot your machine PGPnet Set Adapter Baj Please select the network adapter you want secure
111. bits or enter a custom key size from 1024 to 4096 bits 6 Indicate the start date on which you want your subkey to activate 7 Indicate when you want your subkey to expire You can either use the default selection which is Never or you can enter a specific date after which the subkey will expire 8 Click OK The Passphrase dialog box appears 9 Enter your passphrase and then click OK Your new subkey is listed in the Subkey window 50 PGP Desktop Security Making and Exchanging Keys Adding a new user name or address to your key pair You may have more than one user name or email address for which you want to use the same key pair After creating a new key pair you can add alternate names and addresses to the keys You can only add a new user name or email address if you have both the private and public keys To add a new user name or address to your key 1 2 Open PGPkeys Select the key pair for which you want to add another user name or address Choose Add Name from the Keys menu The PGP New User Name dialog box appears Figure 3 6 PGP New User Name 17 xi New name to add to key Elizabeth New email address to add to key elizabeth company com OK Cancel Figure 3 6 PGP New User Name dialog box Enter the new name and email address in the appropriate fields and then click OK The PGP Enter Passphrase dialog box appears Enter your passphrase then click OK The new name is adde
112. by teams of cryptographers with distinguished reputations For the cryptographically curious all three ciphers operate on 64 bit blocks of plaintext and ciphertext CAST and IDEA have key sizes of 128 bits while Triple DES uses a 168 bit key Like Data Encryption Standard DES any of these ciphers can be used in cipher feedback CFB and cipher block chaining CBC modes PGP uses them in 64 bit CFB mode lincluded the CAST encryption algorithm in PGP because it shows promise as a good block cipher with a 128 bit key size it s very fast and it s free Its name is derived from the initials of its designers Carlisle Adams and Stafford Tavares of Northern Telecom Nortel Nortel has applied for a patent for CAST but they have made a commitment in writing to make CAST available to anyone on a royalty free basis CAST appears to be exceptionally well designed by people with good reputations in the field The design is based on User s Guide 231 Phil Zimmermann on PGP 232 a very formal approach with a number of formally provable assertions that give good reasons to believe that it probably requires key exhaustion to break its 128 bit key CAST has no weak or semiweak keys There are strong arguments that CAST is completely immune to both linear and differential cryptanalysis the two most powerful forms of cryptanalysis in the published literature both of which have been effective in cracking DES CAST is too new to have develo
113. by using your correct email address you and others can take advantage of the plug in feature that automatically looks up the appropriate key on your current keyring when you address mail to a particular recipient Some Corporate Signing Keys and Additional Decryption Keys have no use for an email address because they do not represent individuals User s Guide 41 Making and Exchanging Keys 42 5 Click Next to advance to the next dialog box The Key Generation Wizard asks you to select a key type Select a key type either Diffie Hellman DSS or RSA and then click Next NOTE If your version of PGP does not support RSA this step may not be available to you For more information about RSA support see the WhatsNew file that accompanies the product Earlier versions of PGP use an older technology referred to as RSA to generate keys With PGP Version 5 0 and above you have the option of creating a new type of key based on the improved Elgamal variant of Diffie Hellman technology e Ifyou plan to correspond with people who are still using RSA keys you might want to generate an RSA key pair that is compatible with older versions of the program e Ifyou plan to correspond with people who have PGP Version 5 0 or later you can take advantage of the new technology and generate a pair of Diffie Hellman DSS keys e Ifyou want to exchange email with all PGP users make an RSA key pair and a Diffie Hellman DSS key pair
114. ccess WAN Wrapper or Dialup Adapter User s Guide 173 PGPnet Virtual Private Networking 174 3 After installing PGPnet reboot both systems 4 Verify that each system has an authentication key set in the PGP Authentication section of the Authentication panel View gt Options gt Authentication 5 Exchange sign and validate the public keys that each system is using for authentication For more information see Chapter 2 Using PGP amp TIP For scalability use a trusted third party or CA for this 6 Atleast one user must create an entry in PGPnet s host list for the other system You must know the other system s host name or IP address Verify that the entry identifies the host as a secure host if the host is secure the icon next to the host entry on the Hosts panel displays a computer with a lock 7 Select the host s entry on the Hosts panel and click Connect If the connection is successful a green dot appears in the SA column Establish an SA using X 509 certificates authentication Follow the steps below to establish an SA with another host using an X 509 certificate for authentication To establish an SA with another host using an X 509 certificate for authentication 1 Verify that each system has a network connection 2 Install PGPnet on both systems During installation you must select the appropriate network adapter for PGPnet For example if the network connection is via
115. chments are automatically encrypted Some email applications cannot support this feature Sign new messages by default If you enable this setting all of your email messages and file attachments are automatically signed Some email applications cannot support this feature This setting has no effect on other signatures you add from the clipboard or with Windows Explorer User s Guide 127 Managing Keys and Setting PGP Options e Automatically decrypt verify when opening messages If you enable this setting all of your email messages and file attachments that are encrypted and or signed are automatically decrypted and verified Some email applications cannot support this feature e Always use Secure Viewer when decrypting If you enable this setting all of your decrypted email messages are displayed in the Secure Viewer window with a special TEMPEST attack prevention font For more information about TEMPEST attacks see Vulnerabilities on page 246 e Word wrap clear signed messages at column This setting specifies the column number where a hard carriage return is used to wrap the text in your digital signature to the next line This feature is necessary because not all applications handle word wrapping in the same way which could cause the lines in your digitally signed messages to be broken up in a way that cannot be easily read The default setting is 70 which prevents problems with most applications z4 WARNING If
116. convenient to add your public key to their public keyring Making your public key available through a certificate server The best method for making your public key available is to place it on a public certificate server where anyone can access it That way people can send you email without having to explicitly request a copy of your key It also relieves you and others from having to maintain a large number of public keys that you rarely use There are a number of certificate servers worldwide including those offered by Network Associates Inc where you can make your key available for anyone to access Your Security Officer will usually pre configure your keyserver settings so that everything works correctly for your site To send your public key to a certificate server 1 Connect to the Internet 2 Open PGPkeys 3 Select the icon that represents the public key you want to post on the certificate server 4 Open the Server menu then select the certificate server you want to post on from the Send To submenu PGP lets you know that the keys are successfully uploaded to the server 66 PGP Desktop Security Making and Exchanging Keys Once you place a copy of your public key on a certificate server you can tell people who want to send you encrypted data or to verify your digital signature to get a copy of your key from the server Even if you don t explicitly point them to your public key they can get a copy by searching the c
117. crypted version so that it remains secure PGP Desktop Security Sending and Receiving Secure Email NOTE Messages encrypted with the Secure Viewer option enabled cannot be saved in their decrypted state To decrypt and verify from non supported email applications 1 Open your email message just as you normally do You will see a block of unintelligible ciphertext in the body of your email message 2 In PGPtray select Decrypt Verify If the email message includes encrypted file attachments decrypt them separately with PGPtools or PGPtray The PGP Enter Passphrase dialog box appears as shown in Figure 4 5 asking you to enter your passphrase 3 Enter your passphrase then click OK The message is decrypted If it has been signed a message appears indicating whether the signature is valid If the message is encrypted with Secure Viewer enabled an advisory message appears Click OK to continue The decrypted message appears on a secure PGP screen in a special TEMPEST attack prevention font 4 Youcan save the message in its decrypted state or you can save the original encrypted version so that it remains secure NOTE Messages encrypted with the Secure Viewer option enabled cannot be saved in their decrypted state User s Guide 87 Sending and Receiving Secure Email 88 PGP Desktop Security Using PGP for Secure File Storage This chapter describes how to use PGP
118. cure gateway NOTE Communication with a secure host behind a secure gateway requires Version 5 0 or greater of the Gauntlet Firewall for UNIX or Version 5 5 or greater of the Gauntlet Firewall for Windows NT To configure PGPnet for the VPN using the Add Host Wizard 1 2 Open PGPnet and select the Hosts tab On the Hosts tab click the Add button The Add Host Wizard displays Read the text on the screen and then click Next Select Gateway for the type of host then click Next Because you want to communicate with a host behind a firewall you must configure the gateway host the firewall first then the host behind the firewall Enter a descriptive name for the gateway host then click Next Enter the IP address of the gateway host this is the IP address of the firewall s external interface then click Next Check Use public key cryptographic security only then click Next You will be asked if you want to add a host or subnet entry now Check Yes then click Next Make the appropriate selection Host or Subnet then click Next This is the host or subnet behind the firewall that you want to communicate with User s Guide 213 Creating a VPN with PGPnet 214 IMPORTANT You must configure the same thing Host or Subnet here in PGPnet as you did when configuring the Gauntlet Firewall For example if you entered the IP address and subnet mask of a subnet in Step 3 of the procedur
119. d Dial Up Adapter Cancel Help Figure 8 15 Set Adapter Selection Dialog 3 Reboot your machine this is mandatory for any network functionality to occur User s Guide 201 PGPnet Virtual Private Networking To secure a different network interface Windows NT 1 Select Set Adapter from the Start menu Start gt Programs gt PGP gt Set Adapter The PGPnet Set Adapter dialog is displayed on your screen Read the text in the dialog 2 To secure a different network interface click OK PGP reviews your machine s bindings and unbinds itself from the adapter it is currently bound to PGPnet Set Adapter x i PGPnet is already securing a network card on your system If you wish to change the network card that is being secured press OK This will cause PGPnet to remove its association with the currently secured card however before you will be able to secure a new network card you will have to reboot Note After rebooting Set Adapter will run automatically so you can secure another network card Then a final reboot will be needed to set the new secured network card Figure 8 16 Set Adapter Dialog 3 Reboot your machine when prompted 4 On reboot Set Adapter will automatically start up again and ask you to select an adapter for PGPnet to bind to 5 Select the appropriate network interface PGP review s your machine s bindings and prompts you to reboot your machine PGP
120. d e Drag the icon representing your key pair from PGPkeys to the folder that you want the key to be saved Or User s Guide 69 Making and Exchanging Keys e Select the icon representing your key pair in PGPkeys click on the Edit menu then choose Paste to insert the key information into a text document NOTE If you are sending your key to colleagues who are using PCs enter a name of up to eight initial characters and three additional characters for the file type extension for example MyKey txt Obtaining the public keys of others Just as you need to distribute your public key to those who want to send you encrypted mail or to verify your digital signature you need to obtain the public keys of others so you can send them encrypted mail or verify their digital signatures To obtain someone s public key There are three ways you can obtain someone s public key e Get the key from a public certificate server e Add the public key to your keyring directly from an email message Or e Import the public key from an exported file Public keys are just blocks of text so they are easy to add to your keyring by importing them from a file or by copying them from an email message and then pasting them into your public keyring Getting public keys from a certificate server 70 If the person to whom you want to send encrypted mail is an experienced PGP user chances are that they have placed a copy of the
121. d by NIST Firewall a combination of hardware and software that protects the perimeter of the public private network against certain attacks to ensure some degree of security Hash function a one way hash function a function that produces a message digest that cannot be reversed to produced the original Hierarchical trust a graded series of entities that distribute trust in an organized fashion commonly used in ANSI X 509 issuing certifying authorities HTTP HyperText a common protocol used to transfer documents between Transfer Protocol servers or from a server to a client 264 PGP Desktop Security Glossary Hexadecimal IDEA International Data Encryption Standard IKE Internet Key Exchange Implicit trust Integrity Introducer IPSec ISO International Organization for Standardization Key Key escrow recovery hexadecimal describes a base 16 number system That is it describes a numbering system containing 16 sequential numbers as base units including 0 before adding a new position for the next number Note that we re using 16 here as a decimal number to explain a number that would be 10 in hexadecimal The hexadecimal numbers are 0 9 and then use the letters A F a 64 bit block symmetric cipher using 128 bit keys based on mixing operations from different algebraic groups Considered one of the strongest algorithms provides a secure means of key exchange over the Internet IKE is al
122. d by PKWare s PKZIP 2 x This ZIP compression software was selected for PGP mainly because it has a really good compression ratio and because it s fast About the random numbers used as session keys PGP uses a cryptographically strong pseudo random number generator for creating temporary session keys If this random seed file does not exist it is automatically created and seeded with truly random numbers derived from your random events gathered by the PGP program from the timing of your keystroke and mouse movements This generator reseeds the seed file each time it is used by mixing in new material partially derived from the time of day and other truly random sources It uses the conventional encryption algorithm as an engine for the random number generator The seed file contains both random seed material and random key material used to key the conventional encryption engine for the random generator User s Guide 233 Phil Zimmermann on PGP This random seed file should be protected from disclosure to reduce the risk of an attacker deriving your next or previous session keys The attacker would have a very hard time getting anything useful from capturing this random seed file because the file is cryptographically laundered before and after each use Nonetheless it seems prudent to try to keep it from falling into the wrong hands If possible make the file readable only by you If this is not possible don t let other peop
123. d enter the passphrase Click OK to prepare the computer to receive the key shares The status of the transaction is displayed in the Network Shares box When the status changes to Listening the PGP application is ready to receive the key shares At this time the shareholders must send their key shares To learn how to send key shares to the rejoining computer see To send your key share over the network on page 97 Using PGP for Secure File Storage When a key is received the Remote Authentication dialog box appears as shown in Figure 5 4 Remote Authentication BEI The remote system has authenticated with the following key at the address shawn This server is authenticating itself to you for the first time Please Confirm the use of the above authentication key or press Cancel to abort the connection r Remote Address http 4111 222 33 44 Authenticating Key 111 222 33 40 lt ann company com gt Name Fingerprint 533 ICCD 63ED D544 C048 8408 BCD4 834E Validity Invalid Valid Import Key Security Certificate 509 Signature RSA Exchange RSA Cipher TripleDES Hash SHA Cancel Figure 5 4 Remote Authentication dialog box If you have not signed the key that is being used to authenticate the remote system the key will be considered invalid Although you can rejoin the split key with an invalid authenticating key it is not recommended You should verify e
124. d features are less perceptible to non native English speakers for example some Japanese speakers might hear and pronounce r and 1 the same way It would be nice if the words were short enough that you could fit enough of them on a small LCD display Large consonant clusters corkscrew has five pronounced consonants in a row are sometimes hard to say especially to non English speakers One way or another we tried to incorporate all these criteria into a filter on the initial dictionary list or into the distance metric itself After the computer evolved the winning list we looked at it Yes the words were phonetically distinct But many of them looked like a computer picked them not a human A lot of them were just ugly and dumb Some were repugnant and some were bland and wimpy So we applied some wetware augmentation to the list Some words were deleted and replaced by some human chosen words We had the computer check the new words against the list to see if they were phonetically distant from the rest of the list We also tried to make the words not come too close to colliding phonetically with the other words in the larger dictionary just so that they would not be mistaken for other words not on the list There were a variety of selection criteria that Juola used in his algorithms He published a paper on it that goes into more detail This document is just a brief overview of how we built the list User s Gu
125. d to the end of the user name list associated with the key If you want to set the new user name and address as the primary identifier for your key select the name and address and then choose Set as Primary Name from the Keys menu User s Guide 51 Making and Exchanging Keys Adding a designated revoker 52 It is possible that you might forget your passphrase someday or lose your private key In this case you would never be able to use your key again and you would have no way of revoking your old key when you create a new one To safeguard against this possibility you can appoint a third party key revoker on your public keyring to revoke your key The third party you designate will be able to revoke your DH DSS key send it to the server and it will be just as if you had revoked it yourself To add a designated revoker to your key 1 2 3 Open PGPkeys Select the key pair for which you want to designate a revoker Select Add Revoker from the Keys menu A dialog box opens and displays a list of keys Select the key s in the User ID list that you want to appoint as a designated revoker Click OK A confirmation dialog box appears Click OK to continue The Passphrase dialog box appears Enter your passphrase then click OK The selected key s is now authorized to revoke your key For effective key management distribute a current copy of your key to the revoker s or upload your key to the server See Distrib
126. d with your public key you must first remove your key from the server make the required change then post your key back on the server If your PGP Server settings are configured to synchronize keys with the server upon adding names photos revokers to your key your key is automatically updated on the server If however your keys do not automatically synchronized with the server follow the instructions outlined below to manually update your key on the certificate server NOTE When you delete a key signature or user ID from a key it is removed and not recoverable Signatures and user IDs can be re added to a key and an imported public key can be re imported to your keyring However a private key that exists only on that keyring cannot be recreated and all messages encrypted to its public key copies can no longer be decrypted User s Guide 67 Making and Exchanging Keys 68 To remove signatures or user names associated with your key on a certificate server IMPORTANT This procedure is for removing signatures or user names associated with your key on LDAP certificate servers only Additionally the certificate server must be configured to allow this action If you do not know the type server or its configuration settings consult the certificate server administrator for your company before updating your key Open PGPkeys Choose Search from the Server menu or click El in the PGPkeys menu The PGPkey
127. data is displayed in a special TEMPEST attack prevention font that is unreadable to radiation capturing equipment For more information about TEMPEST attacks see Vulnerabilities on page 246 NOTE The Secure Viewer option may not be compatible with previous versions of PGP Files encrypted with this option enabled can be decrypted by previous versions of PGP however this feature may be ignored e Conventional Encrypt Select this option to use a common passphrase instead of public key encryption If you select this option the file is encrypted using a session key which encrypts and decrypts using a passphrase that you will be asked to choose e Self Decrypting Archive Select this option to create a self decrypting executable file If you select this option the file is encrypted using a session key which encrypts and decrypts using a passphrase that you are asked to choose The resulting executable file can be decrypted by simply double clicking on it and entering the appropriate passphrase This option is especially convenient for users who are sending encrypted files to people who do not have PGP software installed Note that sender and recipient must be on the same platform Click OK to encrypt and sign your mail If you have elected to sign the encrypted data the Signing Key Passphrase dialog box appears as shown in Figure 4 2 requesting your passphrase before the mail is sent Enter your passphrase
128. des the General panel Subkey panel and Revokers panel each of which gives you necessary information about a person s public key or the ability to create configure edit or delete attributes in your own public key The following sections describe each element in more detail To access the properties for a particular key select the desired key and then choose Properties from the Keys menu The Key Property dialog box appears as shown in Figure 6 2 Philip R Zimmermann lt prz pgp com gt 1 xi General Subkeys Revokers l ID 0xFAEBD5FC Type DH DSS Size 2048 1024 Created asp Expires Never Cipher CAST M Enabled r Eingerprint banjo pharmacy shadow pharmacy blackjack amulet drifter enchanting cowbell aggregate locale headwaters flatfoot revival gazelle breakaway wallet underfoot sterling Wilmington I7 Hexadecimal M Trust Model invalid me Valid Untrusted Trusted Figure 6 2 Key Property dialog box General panel General Key Properties panel To access the General Key Properties panel for a particular key select the desired key and then choose Properties from the Keys menu Refer to Table 6 2 General Key Properties panel attributes for a description of each attribute available in the General Key Properties panel User s Guide 109 Managing Keys and Setting PGP Options Table 6 2 General Key Properties panel attributes Key ID Key Type Key Size Created
129. description of All employees 3 Click OK to create the distribution list The group distribution list is added to your keyring and can be viewed in the Groups window To add members to a distribution list 1 In the PGPkeys window select the users or lists you want to add to your distribution list 2 Drag the users from the PGPkeys window to the desired distribution list in the Groups window NOTE Members in a distribution list can be added to other distribution lists To delete members from a distribution list 1 Within the distribution list select the member to be deleted 2 Press the DELETE key PGP asks you to confirm your choice To delete a distribution list 1 Select the distribution list to be deleted from the Groups window 2 Press the DELETE key 84 PGP Desktop Security Sending and Receiving Secure Email To add a distribution list to another distribution list 1 Select the distribution list that you want to add to another list 2 Drag the selected list into the list to which it will be added Sending encrypted and signed email to distribution lists You can send encrypted email to groups of recipients once your PGP distribution lists are created See Working with distribution lists on page 84 for more information about creating and editing distribution lists To send encrypted and signed email to a distribution list 1 4 Address the mail to your mail di
130. dress or the Domain Name of the rejoining computer in the Remote Address text box then click Send Shares The status of the transaction is displayed in the Network Status box When the status changes to Connected you are asked to authenticate yourself to the rejoining computer The Remote Authentication dialog box appears asking you to confirm that the remote computer is the one to whom you want to send your key share 6 Click Confirm to complete the transaction After the remote computer receives your key shares and confirms the transaction a message box appears stating that the shares were successfully sent 7 Click OK 8 Click Done in the Key Shares window when you have completed sending your key share User s Guide 65 Making and Exchanging Keys Distributing your public key After you create your keys you need to make them available to others so that they can send you encrypted information and verify your digital signature There are three ways in which you can distribute your public key e Make your public key available through a public certificate server e Include your public key in an email message Or e Export your public key or copy it to a text file Your public key is basically composed of a block of text so it is quite easy to make it available through a public certificate server include it in an email message or export or copy it to a file The recipient can then use whatever method is most
131. e 181 Add a subnet behind a configured gateway page 182 Adding a host NOTE To add a host behind an existing configured gateway see Adding a host behind a configured gateway on page 181 Use PGPnet s Add Host wizard to add a host entry to the host list 1 In the PGPnet main window click the Hosts tab 2 Click Add or Alt A PGPnet displays the Add Host wizard Read the first screen and click Next User s Guide 177 PGPnet Virtual Private Networking 178 3 The wizard asks if you want to add a host subnet or gateway Click Host and click Next You can elect to enforce secure communications or allow insecure communications Click the radio button next to your selection and click Next Enter a descriptive name for the computer with which you want to communicate Click Next Enter either the host domain name or the IP address for the host Click Next The wizard searches for your entry If the wizard is unable to locate your entry you must click Back return to the previous screen and re enter the name or IP address The following steps apply if you elected to enforce secure communications 7 Select the communication method that you want to use when you communicate with this machine public key cryptographic security or shared secret passphrase based security Click Next If you selected shared secret security enter the passphrase Note that both hosts must configure the same shared secret pa
132. e PGPtools to encrypt and sign your email text and attachments before sending them see To encrypt and sign text using PGPtools on page 81 User s Guide 77 Sending and Receiving Secure Email Encrypting and signing with supported email applications 78 When you encrypt and sign with an email application that is supported by the PGP plug ins you have two choices depending on what type of email application the recipient is using If you are communicating with other PGP users who have an email application that supports the PGP MIME standard you can take advantage of a PGP MIME feature to encrypt and sign your email messages and any file attachments automatically when you send them If you are communicating with someone who does not have a PGP MIME compliant email application you should encrypt your email with PGP MIME turned off to avoid any compatibility problems Refer to Table 4 1 PGP Plug in Features for a list of plug ins and their features Table 4 1 PGP Plug in Features Eudora Eudora Exchange Lotus Outlook 3 0 x 4 0 x Outlook Notes Express PGP MIME Yes Yes No No No Auto decrypt Yes No Yes Yes Yes N A Yes converts to plain Yes No Encrypt HTML text before encrypting View decrypted No Yes No Yes No HTML as an HTML document Encrypt Yes Yes Yes Yes No attachments Encrypt Sign Yes Yes Yes Yes Yes defaults To encrypt and sign with supported email applications 1 Use your email application to compose y
133. e action could not be completed due to an invalid file operation The evaluation time for PGP encrypting and signing has passed Operation aborted The keyring contains a bad corrupted PGP packet The keyring file is corrupt The message data contains a detached signature The passphrase you entered does not match the passphrase on the key The PGP library has run out of memory The specified user ID was not added because it already exists on the selected key Cause There are no private keys on your keyring The network connection to the PGP cert server or to the network share file connection has been broken The program failed to read or write data ina certain file The product evaluation time has expired The PGP message that you are working with has been corrupted or your keyring has been corrupted The program failed to read or write data ina certain file The signature for the message file is located in a separate file The passphrase you entered is incorrect The operating system has run out of memory You can t add a User ID to a key if there is one just like it already on the key Solution Generate your own pair of keys in PGPkeys Try re establishing the connection by repeating the procedure you used to start the connection If that fails check your connection to the network The file is probably corrupt Try altering your PGP Preferences to use a different
134. e described in the following sections Setting up certificate based authentication The first step in establishing the VPN is to configure both devices to use certificate based authentication Valid certificates are needed to establish trust between the two devices in the VPN To obtain valid X 509 certificates for the Gauntlet Firewall refer to the Gauntlet Firewall Global Virtual Private Network User s Guide for Windows NT or UNIX depending on which version of the Gauntlet Firewall you are using for instructions The documents came in hardcopy format with the firewall they are also on the installation CD as PDF files To obtain a valid X 509 certificate for PGPnet the VPN client you will need to retrieve the Root CA certificate from the Certification Authority CA that both devices in the VPN trust in this case your company s CA and add it to your keyring request a certificate for PGPnet from the CA and then retrieve the certificate for PGPnet once it has been issued All of these functions are done using PGPkeys To obtain a valid X 509 certificate for PGPnet the VPN client 1 Open your Web browser and connect to the CA enrollment site For example if your company uses the Net Tools PKI Server as the Certificate Authority the URL will be similar to this format https 10 0 1 54 If you don t know the URL for this site contact your PGP or PKI Administrator 2 Locate and examine the Root CA certificate User
135. e legitimate copies of each others keys The best way to be completely sure that a public key actually belongs to a particular person is to have the owner copy it to a floppy disk and then physically hand it to you However you are seldom close enough to personally hand a disk to someone you generally exchange public keys via email or get them from a public certificate server Verify with a digital fingerprint 74 You can determine if a key really belongs to a particular person by checking its digital fingerprint a unique series of numbers or words generated when the key is created By comparing the fingerprint on your copy of someone s public key to the fingerprint on their original key you can be absolutely sure that you do in fact have a valid copy of their key To learn how to verify with a digital fingerprint see Verifying someone s public key on page 114 PGP Desktop Security Making and Exchanging Keys Validating the public key Once you are absolutely convinced that you have a legitimate copy of someone s public key you can then sign that person s key By signing someone s public key with your private key you are certifying that you are sure the key belongs to the alleged user For instance when you create a new key it is automatically certified with your own digital signature By default signatures you make on other keys are not exportable which means they apply only to the key when it is on your loca
136. e or in some other location you specify this information here The location you specify will also be used to store all automatic backups of the public keyring User s Guide 125 Managing Keys and Setting PGP Options e Private Keyring File Shows the current location and name of the file where the PGP program expects to find your private keyring file If you plan to store your private keys in a file with a different name or in some other location you specify this information here Some users like to keep their private keyring ona floppy disk which they insert like a key whenever they need to sign or decrypt mail The location you specify will also be used to store all automatic backups of the public keyring e Set Random Seed Location Shows the location of the Random Seed file Some users may wish to keep their Random Seed file in a secure location to prevent tampering Given that this method of attack is very difficult and has been anticipated by PGP moving the Random Seed file from its default location is of marginal benefit 4 Click OK to save your changes and return to the PGPkeys main window or choose another tab to continue configuring your PGP options Setting email options Use the Email panel to specify the options that affect the way PGP functions are implemented for your particular email application Remember that not all of the selections may apply to your particular email application To set email options 1 Open P
137. e to configure the Gauntlet Firewall you must enter the IP address and subnet mask of the same subnet here in PGPnet 10 Check Allow insecure communications then click Next 11 Give the host or subnet you are adding a descriptive name then click Next 12 Enter the host or subnet s IP address and subnet mask if applicable then click Next This IP address information must be the same as the IP address information you entered in Step 3 of the procedure to configure the Gauntlet Firewall 13 Continue adding hosts and or subnets as necessary for your configuration When you have added all the hosts or subnets you wish select No and click Next 14 If no key has been set for authentication a screen prompting you to select your authentication key displays Click Select Certificate and select the X 509 certificate you added then click Next 15 Click Finish 16 If you specified an authentication key you will be prompted to enter your passphrase Enter your passphrase and click OK The Hosts tab displays 17 Use the default PGPnet settings unless you want to set SA expiration values found on the General tab of the Options screen PGP Desktop Security Creating a VPN with PGPnet IMPORTANT If you are establishing a VPN with a host or subnet behind a Gauntlet Firewall for Windows NT version 5 0 you must deselect CAST from the list of Allowed Remote Proposals To do this on the PGPnet menu bar pull down t
138. eS ee 168 Viewing the Status Panel 000 cee eee eee 169 Viewing the Log Panel 00 cece cece e eee eee eee eee 170 Using the Hosts Panel 200 e eee eee eee eee eee 172 The Connect and Disconnect buttons 0 00005 173 Establishing an SA 00 e eee 173 Adding a host subnet or gateway 2520000eees 176 Modifying a host subnet or gateway entry 183 Removing a host subnet or gateway entry 183 Requiring a host to present a specific key or certificate 183 Viewing the General Panel 0 000 e cece e eee eee 184 User s Guide ix Table of Contents ExpertMode Bypassingthewizardtoaddhosts gateways andsubnets 185 Cache passphrases between logins 2 055 190 Setting key expiration values 000 2c cece eee 190 Authenticating a connection 02 000 e eee eee 192 AGVanced Panne scana ia ele ete Spee ea ace a le ean See tin es 194 Allowed Remote Proposals 000eeee cence eeeeeeee 194 Proposals oo aces saies oda shane dS a ea ee wee Se 197 Set Adapter Changing your secure network interface 201 Chapter 9 Creating a VPN with PGPnet 000 ee eeeee 205 TOPOlOGY s alec cess ce i etevece eee alae eee ee aed Sw ee a eae ne eee ee ae we 205 Some Firewall Terms 002 c cece eee eee eee 206 Establishing the VPN 0 20 eee eee eee eee 207 Setting
139. eckbox if you want this key server listed in the PGPkeys Search window Setting CA options Use the CA panel to add your X 509 certificate to your PGP key Before you can add your X 509 certificate however you must first obtain the Root CA certificate from your company s certificate server For instructions on obtaining the Root CA Server certificate see Obtain and add the Root CA certificate to your PGP keyring on page 53 For detailed instructions about setting CA options and adding your X 509 certificate to your key see Adding an X 509 certificate to your PGP key on page 53 Setting advanced options Use the Advanced panel to select key encryption algorithms and key trust options PGP gives you the option to select and or change key encryption algorithms You can select the encryption algorithm for your PGP keys CAST the default IDEA or Triple DES If you want to use IDEA or Triple DES you must make the selection before you generate your keys CAST is a new algorithm in which PGP and other cryptographers have very high confidence and Triple DES is a U S Government algorithm that has withstood the test of time IDEA is the algorithm used for all RSA keys generated by PGP For more information about these algorithms see The PGP symmetric algorithms on page 231 The Preferred Algorithm choice affects the following e When using conventional encryption the preferred cipher is used to encrypt e When creati
140. ect this option the file is encrypted using a session key which encrypts and decrypts using a passphrase that you will be asked to choose Self Decrypting Archive Select this option to create a self decrypting executable file If you select this option the file is encrypted using a session key which encrypts and decrypts using a passphrase that you are asked to choose The resulting executable file can be decrypted by simply double clicking on it and entering the appropriate passphrase This option is especially convenient for users who are sending encrypted files to people who do not have PGP software installed Note that sender and recipient must be on the same platform 6 Click OK to encrypt and sign your mail If you have elected to sign the encrypted data the Signing Key Passphrase dialog box appears as shown in Figure 4 2 requesting your passphrase before the mail is sent PGP Desktop Security Sending and Receiving Secure Email PGP Enter Passphrase for Selected Key BEI Signing key Philip R Zimmermann lt prz pgp com gt DSS 1024 x Please enter your passphrase M Hide Typing a cence _ Figure 4 2 Signing Key Passphrase dialog box 7 Enter your passphrase and then click OK 4 WARNING If you do not send your email immediately but instead store it in your outbox you should be aware that when using some email applications the information is not encrypted until the email is actually transmit
141. ed by one of four icons Da D encrypted with encrypted with self decrypting self extracting standard output text output archive output archive output If you are encrypting or signing a folder the output may be in a new folder depending on the options you selected Using PGPtools to encrypt and sign To encrypt and sign using PGPtools 1 2 Open PGPtools In Windows Explorer select the file or files that you want to encrypt You can select multiple files but you must encrypt and sign each of them individually Drag the file s onto the Encrypt Sign or Encrypt and Sign button PGPtools The PGP Recipients dialog box appears as shown in Figure 5 1 Select the public keys by dragging them to the Recipients list User s Guide 91 Using PGP for Secure File Storage 5 Youcan choose from the following encryption options depending on the type of data you are encrypting Text Output When sending files as attachments with some email applications you may need to select the Text Output checkbox to save the file as ASCII text This is sometimes necessary in order to send a binary file using older email applications Selecting this option increases the size of the encrypted file by about 30 percent Wipe Original Select this checkbox to overwrite the original document that you are encrypting so that your sensitive information is not readable by anyone who can access your hard disk Secure Viewer Select th
142. ed information oddly enough Hmmm There are several modes of operation that DES can use some of them better than others The government specifically recommends not using the weakest simplest mode for messages the Electronic Codebook ECB mode But they do recommend the stronger and more complex Cipher Feedback CFB and Cipher Block Chaining CBC modes Unfortunately most of the commercial encryption packages I ve looked at use ECB mode When I ve talked to the authors of a number of these implementations they say they ve never heard of CBC or CFB modes and don t know anything about the weaknesses of ECB mode The very fact that they haven t even learned enough cryptography to know these elementary concepts is not reassuring And they sometimes manage their DES keys in inappropriate or insecure ways Also these same software packages often include a second faster encryption algorithm that can be used instead of the slower DES The author of the package often thinks his proprietary faster algorithm is as secure as DES but after questioning him I usually discover that it s just a variation of my own brilliant scheme from college days Or maybe he won t even reveal how his proprietary encryption scheme works but assures me it s a brilliant scheme and I should trust it I m sure he believes that his algorithm is brilliant but how can I know that without seeing it In fairness I must point out that in most cases these terr
143. ed to Decrypt or Sign E a Cancel Help Figure 3 12 Share Split dialog box Example By default each shareholder is responsible for one share To increase the number of shares a shareholder possesses click the name in the shareholder s list to display it in the text field below Type the new number of key shares or use the arrows to select a new amount Click Split Key A dialog box opens and prompts you to select a directory in which to store the shares Select a location to store the key shares The Passphrase dialog box appears 8 Enter the passphrase for the key you want to split and then click OK PGP Desktop Security Making and Exchanging Keys A confirmation dialog box opens 9 Click Yes to split the key The key is split and the shares are saved in the location you specified Each key share is saved with the shareholder s name as the file name and a shf extension as shown in the example below Abe 1 Beth 1 Carl 1 Daniel 1 Share shf Share shf Share shf Share shf 10 Distribute the key shares to the owners then delete the local copies Once a key is split among multiple shareholders attempting to sign or decrypt with it will cause PGP to automatically attempt to rejoin the key To learn how to rejoin a split key to sign or decrypt files Signing and decrypting files with a split key on page 94 Rejoining split keys Once a key is split among multiple shareholders atte
144. efinition 263 CRYPTOKI definition 263 Cryptosystem definition 263 Customer Care contacting 15 D data compression routines 233 Data integrity definition 263 decrypting email 29 85 files 93 from the Clipboard 34 using PGP menu 93 using PGPmenu 91 93 using PGPtray 91 93 with split keys 94 decryption definition 263 default key pair specifying 113 default settings for PGPnet 201 definition 265 Deflate compression and PGPnet 194 deleting digital signatures 120 files 99 keys 120 keys from the server 66 recipient groups 84 SAs 170 signatures from server 66 user IDs 120 using Secure Wipe 99 DES Data Encryption Standard definition 263 DES algorithm 231 Dictionary attack definition 263 Diffie Hellman definition 263 Digital cash definition 263 digital signature definition 263 User s Guide 275 Index digital signatures and authenticity 75 deleting 120 Direct trust definition 263 disabling keys 119 disclosure protecting private keys against 240 disks deleting free space 100 scheduled wiping 102 wiping 100 wiping files from 99 displaying the PGPnet Hosts panel 167 the PGPnet Log panel 167 the PGPnet Options window 167 the PGPnet Status panel 167 distributing PGPdisk volumes 150 public keys 27 your public keys 66 distribution lists adding mermbers to a group list 84 combining groups 85 creating a group 84 deleting a group 84 deleting a member 84 DNS Lookup finding a host s IP Address 185
145. eir software seems to work OK User s Guide 243 Phil Zimmermann on PGP 244 Anyone who thinks they have devised an unbreakable encryption scheme either is an incredibly rare genius or is naive and inexperienced Unfortunately I sometimes have to deal with would be cryptographers who want to make improvements to PGP by adding encryption algorithms of their own design I remember a conversation with Brian Snow a highly placed senior cryptographer with the NSA He said he would never trust an encryption algorithm designed by someone who had not earned their bones by first spending a lot of time cracking codes That made a lot of sense I observed that practically no one in the commercial world of cryptography qualifies under this criterion Yes he said with a self assured smile And that makes our job at NSA so much easier A chilling thought I didn t qualify either The government has peddled snake oil too After World War II the United States sold German Enigma ciphering machines to third world governments But they didn t tell them that the Allies cracked the Enigma code during the war a fact that remained classified for many years Even today many UNIX systems worldwide use the Enigma cipher for file encryption in part because the government has created legal obstacles against using better algorithms They even tried to prevent the initial publication of the RSA algorithm in 1977 And they have for ma
146. ence that the key actually belongs to the alleged owner the act of comparing a signature created with a private key to its public key Verification proves that the information was actually sent by the signer and that the message has not been subsequently altered by anyone else allows private networks to span from the end user across a public network Internet directly to the Home Gateway of choice such as your company s Intranet a distributed trust model used by PGP to validate the ownership of a public key where the level of trust is cumulative based on the individuals knowledge of the introducers an ITU T digital certificate that is an internationally recognized electronic document used to prove identity and public key ownership over a communication network It contains the issuer s name the user s identifying information and the issuer s digital signature as well as other possible extensions User s Guide 271 Glossary 272 PGP Desktop Security A adapter bindings setting 201 adding a host 176 to 177 185 a photo ID to a key 47 a secure gateway 176 180 185 a secure host behind a configured gateway 181 a secure subnet behind a configured gateway 182 a subnet 176 179 185 an IKE or IPSEC proposal 198 an X 509 cert an X 509 certificate to a keypair X 509 certificates adding to a key 56 combining groups 85 adding a Root CA cert 53 AES Advanced Encryption Standard definition 261 algorit
147. end to a colleague and still prevent that colleague from accessing any of your other PGPdisk files Special security precautions taken by PGPdisk PGPdisk takes special care to avoid security problems that other programs may not These include the following User s Guide 153 PGPdisk Passphrase erasure When you enter a passphrase PGPdisk uses it only for a brief time then erases it from memory PGPdisk also avoids making copies of the passphrase The result is that your passphrase typically remains in memory for only a fraction of a second This feature is crucially important if the passphrase remained in memory someone could search for it in your computer memory while you were away from the machine You would not know it but they would then have full access to any PGPdisk volumes protected by this passphrase Virtual memory protection Your passphrase or other keys could be written to disk as part of the virtual memory system swapping memory to disk PGPdisk takes care that the passphrases and keys are never written to disk This feature is important because someone could scan the virtual memory file looking for passphrases Memory Static lon Migration Protection When you mount a PGPdisk your passphrase is turned into a key This key is used to encrypt and decrypt the data on your PGPdisk volume While the passphrase is erased from memory immediately the key from which your passphrase cannot be derived remains in mem
148. ers drag their keys to this window or click Add to add a user without a key Key User Name Remove Add Total Shares p i Total Shares Required to Decrypt or Sign 2 Cancel Help Figure 3 11 Share Split dialog box 4 Add shareholders to the key pair by dragging their keys from PGPkeys to the Shareholder list in the Share Split dialog box User s Guide 59 Making and Exchanging Keys 60 To add a shareholder that does not have a public key click Add in the Share Split dialog box enter the persons name and then allow the person to type in their passphrase When all of the shareholders are listed you can specify the number of key shares that are necessary to decrypt or sign with this key In Figure 3 12 for example the total number of shares that make up the Accounting Dept key is four and the total number of shares required to decrypt or sign is three This provides a buffer in the event that one of the shareholders is unable to provide their key share or forgets the passphrase Split Key Accounting Dept BE Split Key Accounting Dept r Shareholders To add shareholders drag their keys to this window or click Add to add a user without a key Key User Name Shares E Abe lt abe company com gt E Beth lt beth company com gt E Cal lt carl company com gt bod Daniel sala eh ee Daniel fi 4 Remove Add Total Shares j Total Shares Requir
149. ertificate server for your name or email address Many people include the Web address for their public key at the end of their email messages in most cases the recipient can just double click the address to access a copy of your key on the server Some people even put their PGP fingerprint on their business cards for easier verification Updating your key on a certificate server If you ever need to change your email address or if you acquire new signatures all you have to do to replace your old key is send a new copy to the server the information is automatically updated However you should keep in mind that public certificate servers are only capable of updating new information and will not allow removal of user names or signatures from your key To remove signatures or user names from your key see Removing signatures or user names associated with your key for instructions If your key is ever compromised you can revoke it which tells the world to no longer trust that version of your key See Chapter 6 Managing Keys and Setting PGP Options for more details on how to revoke a key Removing signatures or user names associated with your key At some point you may want to remove a key a signature or a user ID associated with a particular key Public certificate servers are only capable of updating new information and will not allow removal of user names or signatures from your key To remove signatures or user names associate
150. ery limited cases where this option can be useful when communicating with users who are not using later versions of PGP This option makes a decision as to whether to encode with MacBinary based on an analysis of the actual data in the file If the file is one of the following types it will not be encoded with MacBinary thereby making it readable on a PC with any version of PGP PKzip compressed file Lempel Ziv compressed file MIDI music format file PackIt compressed file 222 PGP Desktop Security Transferring Files Between the Mac OS and Windows GIF graphics file StuffIt compressed file Compactor compressed file Arc compressed file JPEG graphics file As shown only a limited selection of files will result in a readable file by old versions of PGP on other platforms using the Smart option Any other file received on a PC with an older version of PGP will be unreadable without stripping the MacBinary encoding with a third party utility Also the file will not have the correct filename extension on the PC unless that extension was manually added by the user on the sending side Using Smart mode the resulting file may not be the same as the original when sent to a Macintosh because it may lose its creator and type codes This mode remains in the product mostly due to the fact that it was in PGP Version 5 0 and some users may only have a need to send the above file types This option is not recommended in
151. es Feature Pack Linux FreeS WAN 1 0 and many others PGPnet is also the first IPSec product to fully support the use of OpenPGP keys for authentication in addition to X 509 certificates Refer to Chapter 8 PGPnet Virtual Private Networking for more information and instructions on using PGPnet e Self Decrypting Archives PGP can now encrypt files or folders into Self Decrypting Archives SDA which can be sent to users who do not even have PGP The archives are completely independent of any application and are compressed and protected by PGP s strong cryptography e X 509 Certificate and CA Support PGP is now able to interoperate with the X 509 certificate format This is the format used by most web browsers for securing the transfer of web pages PGP supports the request of certificates from Network Associates Net Tools PKI VeriSign s OnSite and Entrust certificate authorities X 509 certificates are analogous to a PGP signature so you can even request X 509 certificates on your existing PGP key Using PGPnet this feature can be used to interoperate with existing VPN solutions based on X 509 e Automated Freespace Wiping PGP s Freespace Wipe feature now allows you to use the Windows Task Scheduler to schedule periodic secure wiping of the freespace on your disk This ensures that previously deleted files are securely wiped e Hotkeys The Use Current Window feature is significantly enhanced by the addition of Hotkeys You c
152. esignated revoker WindOW 0 200 ee eee reece ene 112 Specifying a default key pair 0 2 00 e eee eee ee 113 Verifying someone s public key 200ce cece eee eee eee 114 Signing someone s public key 2 200 cece eee eeeee 116 Granting trust for key validations 0 00 cee eee eee eee 118 Disabling and enabling keyS 000 2 cece eee eee ee eee 119 Importing and Exporting KeyS 00 e cece e eee eee eee 120 Revoking a key 220 c cece eee ences 121 Appointing a designated revoker 2 0000 e eee eens 122 Setting PGP options 0 00 cee eee 122 Setting general options 2 0 e eee eee 123 Setting file options 006 c eee 125 User s Guide vii Table of Contents Setting email options 0 c ee ee 126 Setting HotKey preferences 0 200 cece eee eee eee 128 Setting server options 00 0 eee eee eee 130 Setting CA options 0 0c ee 133 Setting advanced options 00 2c e eee eee ees 133 Chapter 7 PGPdISK S06 dcccesdeas cian etinesesaucieiadicdecsaus 135 What is PGPdisk 2 000 eee 135 PGPdisk features 6656 do wieinsae ened we tab eden dh ates 135 Why use PGPdisk 0 00 cece ee eee eee eens 136 Starting the PGPdisk program 20 00 cece eee eee eee 137 Working with PGPdisk Volumes 0000 cece eee eee eee eee 138 Creating anew PGPdisk volume
153. et Cryptography Addison Wesley Pub Co ISBN 020192480 This book describes how many Internet security protocols Most importantly it describes how systems that are designed well nonetheless end up with flaws through careless operation This book is light on math and heavy on practical information William R Cheswick and Steven M Bellovin Firewalls and Internet Security Repelling the Wily Hacker Addison Wesley Pub Co ISBN 0201633574 This book is written by two senior researcher at AT amp T Bell Labs about their experiences maintaining and redesigning AT amp T s Internet connection Very readable Advanced books Neal Koblitz A Course in Number Theory and Cryptography Springer Verlag ISBN 0 387 94293 9 An excellent graduate level mathematics textbook on number theory and cryptography Eli Biham and Adi Shamir Differential Cryptanalysis of the Data Encryption Standard Springer Verlag ISBN 0 387 97930 1 This book describes the technique of differential cryptanalysis as applied to DES It is an excellent book for learning about this technique 18 PGP Desktop Security Installing PGP This chapter describes how to install and run PGP Desktop Security for Windows software This chapter also provides a quick overview of the procedures you will normally follow in using the product Before you begin installing PGP be sure to review the system requirements outlined below System requirements To i
154. et is found or until everyone s phone line has been checked for subversive traffic The FBI says they need this capacity to plan for the future This plan sparked such outrage that it was defeated in Congress at least this time around in 1995 But the mere fact that the FBI even asked for these broad powers is revealing of their agenda And the defeat of this plan isn t so reassuring when you consider that the 1994 Digital Telephony bill was also defeated the first time it was introduced in 1993 Advances in technology will not permit the maintenance of the status quo as far as privacy is concerned The status quo is unstable If we do nothing new technologies will give the government new automatic surveillance capabilities that Stalin could never have dreamed of The only way to hold the line on privacy in the information age is strong cryptography You don t have to distrust the government to want to use cryptography Your business can be wiretapped by business rivals organized crime or foreign governments Several foreign governments for example admit to using their signals intelligence against companies from other countries to give their own corporations a competitive edge Ironically the United States government s restrictions on cryptography have weakened U S corporate defenses against foreign intelligence and organized crime User s Guide 229 Phil Zimmermann on PGP 230 The government knows what a pivotal role cr
155. exported key is saved to the named file in the specified folder location You can also obtain your Pkcs 12 X 509 private keys by exporting them from your browser and dropping them into PGPkeys or by choosing Import from the Keys menu Revoking a key If the situation ever arises that you no longer trust your personal key pair you can issue a revocation to the world telling everyone to stop using your public key The best way to circulate a revoked key is to place it on a public key server To revoke a key 1 2 3 Open PGPkeys Select the key pair you want to revoke Choose Revoke from the Keys menu The Revocation Confirmation dialog box appears Click OK to confirm your intent to revoke the selected key The PGP Enter Passphrase dialog box appears Enter your passphrase then click OK When you revoke a key it is crossed out with a red line to indicate that it is no longer valid Send the revoked key to the server so everyone will know not to use your old key User s Guide 121 Managing Keys and Setting PGP Options Appointing a designated revoker It is possible that you might forget your passphrase someday or lose your private key In which case you would never be able to use your key again and you would have no way of revoking your old key when you create a new one To safeguard against this possibility you can appoint a third party key revoker on your public keyring to revoke your key The third party you
156. ext box The word list in the fingerprint text box is made up of special authentication words that PGP uses and are carefully selected to be phonetically distinct and easy to understand without phonetic ambiguity User s Guide 115 Managing Keys and Setting PGP Options The word list serves a similar purpose as the military alphabet which allows pilots to convey information distinctly over a noisy radio channel If you d like to know more about the word hash technique and view the word list see Appendix D Biometric Word Lists Signing someone s public key When you create a set of keys the keys are automatically signed using your public key Similarly once you are sure that a key belongs to the proper individual you can sign that person s public key indicating that you are sure it is a valid key When you sign someone s public key an icon associated with your user name is shown for that key To sign someone s public key 1 Open the PGPkeys window 2 Highlight the public key that you want to sign 3 Choose Sign from the Keys menu or click Al to open the Sign Keys dialog box The Sign Keys dialog box appears Figure 6 5 with the public key and fingerprint displayed in the text box PGP Sign Key 1 1 x By signing the selected user ID s you are certifying based on your own direct first hand knowledge that the key s and attached user ID s actually belong to the identified user s Before signing make
157. ey Use this feature View gt Options gt General to control whether PGPnet verifies that the keys presented by remote hosts are valid on the local keyring e To require PGPnet to verify that the keys presented by remote hosts are valid on the local keyring make this setting active checked Use this setting if you only communicate with hosts who will use keys and certificates that are valid on your keyring e To instruct PGPnet to accept any key regardless of validity make this setting inactive unchecked Use this setting when you are running PGPnet on servers for example mail or web servers that allow connectivity with any client host The server uses the appropriate key to authenticate itself to the client host but the server accepts any key the client host presents In this case this setting is inactive unchecked for the server and active checked for the client host The client host must have the server s trusted authentication key for this scenario to work IMPORTANT When this box is inactive unchecked it overrides the Any valid key setting in the Authentication section of the Host Gateway dialog When this occurs the server accepts any key rather than any valid key However you can still use the Host Gateway dialog to require a specific key or certificate for each host For more information see Requiring a host to present a specific key or certificate on page 183 NOTE All key authe
158. ey then shows up as an icon in PGPkeys You can also obtain PKCS 12 X 509 private keys by exporting them from your browser and dropping them into PGPkeys or by choosing Import from the Keys menu User s Guide 73 Making and Exchanging Keys Verifying the authenticity of a key When you exchange keys with someone it is sometimes hard to tell if the key really belongs to that person PGP software provides a number of safeguards that allow you to check a key s authenticity and to certify that the key belongs to a particular owner that is to validate it The PGP program also warns you if you attempt to use a key that is not valid and also defaults to warn you when you are about to use a marginally valid key Why verify the authenticity of a key One of the major vulnerabilities of public key encryption systems is the ability of sophisticated eavesdroppers to mount a man in the middle attack by replacing someone s public key with one of their own In this way they can intercept any encrypted email intended for that person decrypt it using their own key then encrypt it again with the person s real key and send it on to them as if nothing had ever happened In fact this could all be done automatically through a sophisticated computer program that stands in the middle and deciphers all of your correspondence Based on this scenario you and those with whom you exchange email need a way to determine whether you do indeed hav
159. f because you must use your own private key to revoke it and you don t have it anymore If you do not have a designated revoker for your key someone specified in PGP who can revoke the key on your behalf you must ask each person who signed your key to retire his or her certification Then anyone attempting to use your key based on the trust of one of your introducers will know not to trust your public key For more information on designated revokers see the section To appoint a designated revoker in Chapter 6 Beware of snake oil When examining a cryptographic software package the question always remains why should you trust this product Even if you examined the source code yourself not everyone has the cryptographic experience to judge the security Even if you are an experienced cryptographer subtle weaknesses in the algorithms could still elude you When I was in college in the early seventies I devised what I believed was a brilliant encryption scheme A simple pseudorandom number stream was added to the plaintext stream to create ciphertext This would seemingly thwart any frequency analysis of the ciphertext and would be uncrackable even to the most resourceful government intelligence agencies I felt so smug about my achievement Years later I discovered this same scheme in several introductory cryptography texts and tutorial papers How nice Other cryptographers had thought of the same scheme Unfortunately the sc
160. f PGP for Mac OS do not have this feature The user will have to manually determine that a file named report doc is a Microsoft Word file After determining the creator application in the case of Microsoft Word one can simply use the Open dialog to open the file by selecting Show All Files from the popup menu Many other applications also have this feature but some don t If the document cannot be opened from within the application the user must find out what the appropriate Macintosh creator and type codes are for the file and manually set them with a third party utility There are many free utilities to do this Upgrading to version 6 x is probably the easiest option in this case as it eliminates this problem Supported Applications The following list of major applications produce documents which are automatically translated by PGP when sent from Windows to Mac OS and vice versa You can add items to this list by editing the PGPMacBinaryMappings txt file in the WINDOWS directory On the Mac side remove the txt suffix on the filename PGPMacBinaryMappings is located in System Folder Preferences Pretty Good Preferences e PhotoShop GIF native Photoshop documents TGA JPEG e PageMaker Versions 3 X 4 X 5 X 6 X e Microsoft Project project and template files e FileMaker Pro e Adobe Acrobat e Lotus 123 e Microsoft Word text RTF templates e PGP e Microsoft PowerPoint e Stuffit e QuickTime e Corel WordPerfect
161. for a secure subnet entry all users within that subnet must use the same key to authenticate themselves To identify a specific PGP key that the remote host must present for authentication 1 Click PGP Key 2 Select the key from the keys displayed in the pop up dialog and click OK The key is displayed in the Remote Authentication section of the Host Gateway dialog 3 Click OK 186 PGP Desktop Security PGPnet Virtual Private Networking To identify a specific X 509 certificate that the remote host must present for authentication 1 Click X 509 Certificate 2 Select the certificate from the certificates displayed in the pop up dialog and click OK The key is displayed in the Remote Authentication section of the Host Gateway dialog 3 Click OK Turning Expert Mode off To turn Expert Mode off 1 Select Options from the View menu to display the General panel 2 Click Expert Mode the checkmark disappears 3 Click OK on ToNng the security level of communications with osts Communicating securely with other hosts is one of the primary reasons to use PGPnet PGPnet s security features encryption authentication and tunneling allow you to transmit your data over the Internet or other public or private networks securely Your data is protected as it travels over networks and machines that are not under corporate control Any attempts by attackers to intercept decipher or alter the data are eliminated
162. formation about collecting key shares 5 Enter your current passphrase in the space provided then click OK The Change Passphrase dialog box appears 6 Enter your new passphrase in the first text box Press the TAB key to advance to the next text box and confirm your entry by entering your new passphrase again 7 Click OK User s Guide 57 Making and Exchanging Keys z4 WARNING If you are changing your passphrase because you feel that your passphrase has been compromised you should wipe all backup keyrings and wipe your freespace Deleting a key or signature on your PGP keyring At some point you may want to remove a key or a signature from your PGP keyring When you delete a key or signature from a key it is removed and not recoverable Signatures and user IDs can be re added to a key and an imported public key can be re imported to your keyring However a private key that exists only on that keyring cannot be recreated and all messages encrypted to its public key copies can no longer be decrypted NOTE If you want to delete a signature or user ID associated with your public key ona certificate server see Updating your key on a certificate server on page 67 for instructions To delete a key or signature from your PGP keyring 1 Open PGPkeys 2 Select the key or signature you want to delete 3 Choose Delete from the Edit menu or click in the PGPkeys toolbar The Confirmation dialog bo
163. g IP Address of 185 modifying 183 removing 183 requiring secure communication with 188 terminating an SA 173 HotKey setting options 128 278 PGP Desktop Security HotKeys What s New in PGP 14 hotkeys for unmounting volumes 148 HTTP HyperText Transfer Protocol definition 264 l icons description of 31 IDEA International Data Encryption Standard definition 265 IDEA algorithm 133 231 to 232 key size 231 IETF IKE Internet Key Exchange protocol 159 IETF IPsec protocol 159 IKE 265 IKE negotiation description 160 IKE proposal adding 198 editing 199 removing 200 reordering 200 implicit trust definition 265 importing Pkcs 12 X 509 73 121 public keys from files 73 importing private keys 73 121 initiating an SA 160 insecure hosts communicating with 161 installing PGPnet 23 Integrity definition 265 Index Internet Key Exchange definition 265 Internet Service Providers ISPs and VPNs 158 intranet using VPNs to expand 158 introducer definition 265 introducers 236 and digital signatures 237 251 description 237 trusted 236 239 IP Address finding with DNS lookup 185 IPSEC 158 IPSec definition 265 IPSEC proposal adding 198 editing 199 removing 200 reordering 200 ISO International Organization for Standardization definition 265 K key definition 265 key compromise certificate issuing 240 key escrow recovery definition 265 key exchange definition 266 key expiration
164. ge 190 e If your machine initiated an SA and the SA is about to expire PGPnet automatically initiates the negotiation of a new SA to replace the expiring SA Asa result there may be times when the Status panel displays two SAs for the same machine e When you establish an SA with another host PGPnet uses the most restrictive expiration values set by either of the two hosts As a result you may see an SA expire before your maximum expiration value is met The following table describes the information that PGPnet s Status panel displays for each SA Column Description Destination IP address of target host or gateway Protocol Type of protocol negotiated for example AH ESP or IPCOMP Encryption Type of encryption algorithm negotiated If it is an authentication only SA this column can be empty Types of encryption include TripleDES or CAST Authentication Type of authentication algorithm negotiated This column can be empty or contain one of the following HMAC MD5 or HMAC SHA If both ESP and AH protocols are used this column can contain two entries Expires Date and time that the SA expires mm dd yy hh mm ss AM or PM or displays Never if the SA s expiration is based only on MB rather than time Max Data Maximum number of MB that the SA will transport before expiring User s Guide 169 PGPnet Virtual Private Networking S amp F PGPnet Of x File View Help Log Hosts Destinati
165. hat you want to sign or decrypt with the split key Right click on the file s and select Sign or Decrypt from the PGP menu The PGP Enter Passphrase for Selected Key dialog box appears with the split key selected Click OK to reconstitute the selected key The Key Share Collection dialog box appears as shown in Figure 5 3 User s Guide 95 Using PGP for Secure File Storage 96 Key Share Collection Accounting Dept 1 1x Key Accounting Dept Key User Name Shares Abe lt abe company com 1 Beth beth company com 1 7 Carl lt carl company com 1 Total Shares Collected E Total Shares Needed p r Network Shares To receive shares securely over your Start Network network connection click the Start Network button m Local Shares To add a Share File stored on this computer click the Select Share File button OK Cancel Figure 5 3 Key Share Collection dialog box 5 Do one of the following PGP Desktop Security If you are collecting the key shares locally click Select Share File and then locate the share files associated with the split key The share files can be collected from the hard drive a floppy disk or a mounted drive Continue with Step 6 If you are collecting key shares over the network click Start Network The Passphrase dialog box opens In the Signing Key box select the keypair that you want to use for authentication to the remote system an
166. he Bill of Rights But when the United States Constitution was framed the Founding Fathers saw no need to explicitly spell out the right to a private conversation That would have been silly Two hundred years ago all conversations were private If someone else was within earshot you could just go out behind the barn and have your conversation there No one could listen in without your knowledge The right to a private conversation was a natural right not just ina philosophical sense but in a law of physics sense given the technology of the time But with the coming of the information age starting with the invention of the telephone all that has changed Now most of our conversations are conducted electronically This allows our most intimate conversations to be exposed without our knowledge Cellular phone calls may be monitored by anyone with a radio Electronic mail sent across the Internet is no more secure than cellular phone calls Email is rapidly replacing postal mail becoming the norm for everyone not the novelty it was in the past And email can be routinely and automatically scanned for interesting keywords on a large scale without detection This is like driftnet fishing User s Guide 227 Phil Zimmermann on PGP 228 Perhaps you think your email is legitimate enough that encryption is unwarranted If you really are a law abiding citizen with nothing to hide then why don t you always send your paper mail on postc
167. he View menu and select Options Click the Advanced tab and then uncheck the CAST option If you are establishing a VPN with a host or subnet behind a Gauntlet Firewall for UNIX version 5 0 you must move the IPSec proposal being used in this example MD5 Triple DES to the top of the list of IPSec proposals To do this in PGPnet pull down the View menu and select Options click the Advanced tab and find the IPSec Proposals in the ESP column click on the MD5 Triple DES listing then click the Move Up button until MD5 Triple DES is at the top of the list click OK Options General Authentication Advanced m Allowed Remote Proposals Ciphers M M TripleDES M None Hashes M SHA 1 M MD5 Diffie Hellman V 1024bits IV 1536 bits Compression M LZS V Deflate m Proposals IKE Authentication Hash Cipher DH IPSEC MDS TripleDES SHA CAST None Perfect Forward Secrecy None he Shared Key SHA CAST 1536 bits Shared Key MD5 TripleDES 1024 bits DSS Signature SHA CAST 1536 bits DSS Cimahi CUA Trinlane TODA hika Default Settings Establishing the VPN using PGPnet The final step in establishing a VPN between a system with PGPnet and a Gauntlet Firewall is to actually establish the VPN called a Security Association in PGPnet terminology using PGPnet To establish the VPN using PGPnet 1 Open PGPnet and click the Hosts tab For a VPN w
168. he first application we had envisioned was to read PGP public key fingerprints over the phone to authenticate the public key In that case the fingerprint is 20 bytes long requiring 20 words to be read aloud Experience has shown it to be fairly tedious and error prone to read that many bytes in hexadecimal so it seems worth using a word list to represent each byte by a word Some applications may require transmitting even lengthier byte sequences over the phone for example entire keys or signatures This may entail reading more than a hundred bytes Using words instead of hex bytes seems even more justified in that case When reading long sequences of bytes aloud errors may creep in The kinds of error syndromes you get on human spoken data are different than they are for transmitting data through a modem Modem errors usually involve flipped bits from line noise Error detection methods for modems usually involve CRCs to be added which are optimized for detecting line noise bursts However random sequences of spoken human words usually involves one of three kinds of errors 1 transposition of two consecutive words 2 duplicate words or 3 omitted words If we are to design an error detection scheme for this kind of data transmission channel we should make one that is optimized for these three kinds of errors Zhahai Stewart suggested a good scheme in personal conversation with me in 1991 for error detection of these errors User s Gu
169. he following table shows all of the mini icons used in the PGPkeys window along with a description of what they represent Table 2 2 PGPkeys window icons Icon Description Op A gold key and user represents your Diffie Hellman DSS key pair which consists of your private key and your public key A single gold key represents a Diffie Hellman DSS public key a A gray key and user represents your RSA key pair which consists of ki your private key and your public key Oe A single gray key represents an RSA public key When a key or key pair is dimmed the keys are temporarily unavailable for encrypting and signing You can disable a key from the PGPkeys window which prevents seldom used keys from cluttering up the Key Selection dialog box This icon indicates that a photographic user ID accompanies the public key a A key with a red X indicates that the key has been revoked Users revoke their keys when they are no longer valid or have been compromised in some way s A key with a clock indicates that the key has expired A key s expiration date is established when the key is created An envelope represents the owner of the key and lists the user names and email addresses associated with the key Eo 8 A gray circle indicates that the key is invalid Q A green circle indicates that they key is valid An additional red circle in the ADK column indicates that the key has an associated Additional Decryption Key
170. heme was presented as a simple homework assignment on how to use elementary cryptanalytic techniques to trivially crack it So much for my brilliant scheme User s Guide 241 Phil Zimmermann on PGP 242 From this humbling experience I learned how easy it is to fall into a false sense of security when devising an encryption algorithm Most people don t realize how fiendishly difficult it is to devise an encryption algorithm that can withstand a prolonged and determined attack by a resourceful opponent Many mainstream software engineers have developed equally naive encryption schemes often even the very same encryption scheme and some of them have been incorporated into commercial encryption software packages and sold for good money to thousands of unsuspecting users This is like selling automotive seat belts that look good and feel good but snap open in the slowest crash test Depending on them may be worse than not wearing seat belts at all No one suspects they are bad until a real crash Depending on weak cryptographic software may cause you to unknowingly place sensitive information at risk when you might not otherwise have done so if you had no cryptographic software at all Perhaps you may never even discover that your data has been compromised Sometimes commercial packages use the Federal Data Encryption Standard DES a fairly good conventional algorithm recommended by the government for commercial use but not for classifi
171. hen keep your public and private keyrings on a write protected removable floppy disk and don t leave it behind when you leave the office It wouldn t be a good idea to allow your private key to reside on a remote timesharing computer such as a remote dial in UNIX system Someone could eavesdrop on your modem line and capture your passphrase and then obtain your actual private key from the remote system You should only use your private key on a machine that is under your physical control Don t store your passphrase anywhere on the computer that has your private key file Storing both the private key and the passphrase on the same computer is as dangerous as keeping your PIN in the same wallet as your Automatic Teller Machine bank card You don t want somebody to get their hands on your disk containing both the passphrase and the private key file It would be most secure if you just memorize your passphrase and don t store it anywhere but your brain If you feel you must write down your passphrase keep it well protected perhaps even better protected than the private key file And keep backup copies of your private key remember you have the only copy of your private key and losing it will render useless all the copies of your public key that you have spread throughout the world The decentralized noninstitutional approach that PGP supports for management of public keys has its benefits but unfortunately it also means that you can
172. his icon in your System tray run PGPtray from the Start menu This feature provides immediate access to the PGP functions regardless of which application you are using and is especially useful if you are using an email application that is not supported by the PGP plug ins NOTE If you installed PGPnet this 4 icon will appear in your System tray instead of the lock icon The look of the PGPtray icon tells you if PGPnet is off or not installed gray lock installed yellow lock on a network or installed but not working yellow lock on a network with a red X User s Guide 33 Using PGP Performing PGP functions from the Clipboard or Current Window If you are using an email application that is not supported by the PGP plug ins or if you are working with text generated by some other application you can perform your encryption decryption and signature verification functions via the Windows Clipboard or within the current application window Via the Windows Clipboard For instance to encrypt or sign text you copy it from your application to the Clipboard CTRL C encrypt and sign it using the appropriate PGP functions then paste CTRL V it back into your application before sending it to the intended recipients When you receive an encrypted or signed email message you simply reverse the process and copy the encrypted text known as ciphertext from your application to the Clipboard decrypt and verify the
173. hm CAST 133 IDEA 133 Triple DES 133 Algorithm encryption definition 261 Algorithm hash definition 261 Allow communications with unconfigured hosts 188 Allowed Algorithm 133 Anonymity definition 261 Any valid key 186 ASCII armored text definition 261 Asymmetric keys definition 261 attackers protecting against 53 235 attacks cryptanalysis 252 man in the middle 74 on swap files 249 on virtual memory 249 physical security breach 250 TEMPEST 250 traffic analysis 252 trojan horses 248 viruses 248 attributes changing your keyrings 106 to 110 viewing your keyrings 106 to 110 authenticating a connection 192 using PGP keys 192 using PGPnet keyring files 192 using X 509 certificates 192 Authentication definition 261 Authorization definition 261 Authorization certificate definition 261 Auto unmount preference after x minutes of inactivity 148 on computer sleep 148 ANSI American National Standards Institute Automated freespace wiping definition 261 What s New in PGP 14 User s Guide 273 Index automatic mounting of volumes 149 unmounting of volumes 148 B bindings review 163 Blind signature definition 262 Block cipher definition 262 block ciphers 233 C CA Certificate Authority definition 262 CA options 133 caching passphrases 190 CAPI Crypto API definition 262 CAST definition 262 CAST algorithm 133 231 key size 231 CBC cipher block chaining 231 Certificate d
174. ibly weak products do not come from companies that specialize in cryptographic technology PGP Desktop Security Phil Zimmermann on PGP Even the really good software packages that use DES in the correct modes of operation still have problems Standard DES uses a 56 bit key which is too small by today s standards and can now be easily broken by exhaustive key searches on special high speed machines The DES has reached the end of its useful life and so has any software package that relies on it There is a company called AccessData http www accessdata com that sells a very low cost package that cracks the built in encryption schemes used by WordPerfect Lotus 1 2 3 MS Excel Symphony Quattro Pro Paradox MS Word and PKZIP It doesn t simply guess passwords it does real cryptanalysis Some people buy it when they forget their password for their own files Law enforcement agencies buy it too so they can read files they seize I talked to Eric Thompson the author and he said his program only takes a split second to crack them but he put in some delay loops to slow it down so it doesn t look so easy to the customer In the secure telephone arena your choices look bleak The leading contender is the STU III Secure Telephone Unit made by Motorola and AT amp T for 2 000 to 3 000 and used by the government for classified applications It has strong cryptography but requires some sort of special license from the govern
175. ide 255 Biometric Word Lists 256 Stewart s scheme for error detection while reading aloud long sequences of bytes via a word list entails using not one but two lists of words Each list contains 256 phonetically distinct words each word representing a different byte value between 0 and 255 The two lists are used alternately for the even offset bytes and the odd offset bytes in the byte sequence For example the first byte offset 0 in the sequence is used to select a word from the even list The byte at offset 1 is used to select a byte from the odd list The byte at offset 2 selects a word from the even list again and the byte at offset 3 selects from the odd list again Each byte value is actually represented by two different words depending on whether that byte appears at an even or an odd offset from the beginning of the byte sequence For example suppose the word adult and the word amulet each appears in the same corresponding position in the two word lists position 5 That means that the repeating 3 byte sequence 05 05 05 is represented by the 3 word sequence adult amulet adult This approach makes it easy to detect all three kinds of common errors in spoken data streams transposition duplication and omission A transposition will result in two consecutive words from the even list followed by two consecutive words from the odd list or the other way around A duplication will be detected by two consec
176. ide 257 Biometric Word Lists I m not entirely happy with the word list I wish it had more cool words in it and less bland words I like words like Aztec and Capricorn and the words in the standard military alphabet While we d like to reserve the right to revise the list at some future time it s not likely due to the legacy problems that this initial version will create This version of the list was last modified in September 1998 If you have any suggested words you d like to see added or deleted send them in to pgpfone bugs mit edu and while you re at it send a copy to Patrick Juola at juola mathcs duq edu Here are the full word lists both odd and even 258 PGP Desktop Security Biometric Word Lists Two Syllable Word List aardvark adult allow artist baboon bedlamp berserk blowtorch breadline button checkup clamshell cobra cranky cubic dragnet drumbeat edict enlist eyetooth flytrap gazelle goldfish hockey island klaxon miser Neptune offload pheasant prefer puppy ragtime reindeer reward rocker scenic sentence skydive snowcap spaniel spindle standard stopwatch sweatband tempest tracker trouble unearth vapor wallet Zulu absurd afflict alone assume backfield beehive billiard bluebird breakup buzzard chisel classic commence crowfoot dashboard drainage drunken egghead erase facial fracture Geiger gremlin indoors jawbone locale Mohawk newborn o
177. ie Hellman DSS public keys accept CAST IDEA or Triple DES as the block cipher with CAST as the default selection At present for compatibility reasons RSA keys do not provide this feature Only the IDEA cipher is used by PGP to send messages to RSA keys because older versions of PGP only supported RSA and IDEA About PGP data compression routines PGP normally compresses the plaintext before encrypting it because it s too late to compress the plaintext after it has been encrypted encrypted data is not compressible Data compression saves modem transmission time and disk space and more importantly strengthens cryptographic security Most cryptanalysis techniques exploit redundancies found in the plaintext to crack the cipher Data compression reduces this redundancy in the plaintext thereby greatly enhancing resistance to cryptanalysis It takes extra time to compress the plaintext but from a security point of view it s worth it Files that are too short to compress or that just don t compress well are not compressed by PGP In addition the program recognizes files produced by most popular compression programs such as PKZIP and does not try to compress a file that has already been compressed For the technically curious the program uses the freeware ZIP compression routines written by Jean Loup Gailly Mark Adler and Richard B Wales This ZIP software uses compression algorithms that are functionally equivalent to those use
178. iewing the Status Panel 169 What s New in PGP 14 to 15 X 509 56 PGPnet keyring files using to authenticate a connection 192 PGPnet window Advanced Panel 194 description 163 features of 165 File menu 165 Help menu 165 Hosts panel 165 Log panel 165 Status panel 165 169 View menu 165 PGPnet creating a VPN 205 certificate based authentication 207 configuring PGPnet 213 configuring the firewall 209 establishing the link 215 firewall terms 206 topology 205 PGPtools window using PGP from 35 PGPtray starting 33 using 91 93 using Free Space Wipe 100 using Secure Wipe 99 Phil Zimmermann 227 photo ID adding to a key 47 PKCS Public Key Crypto Standards definition 267 Pkcs 12 73 121 PKI 54 PKI Public Key Infrastructure definition 268 PKZIP compression 233 plaintext definition 268 plug ins using PGP with 77 plugins Eudora 23 Microsoft Outlook Express 24 PGP Microsoft Exchange Outlook 24 preferences Advanced 133 Certificate Authority CA Email 126 File 125 General 123 Server 130 User s Guide 283 Index Preferred Algorithm 133 primary keys IKE 191 Privacy Enhanced Mail 239 private and public key pairs creating 27 creating with PGP Key Wizard 30 private key definition 268 private keyring definition 268 private keys compromised 246 creating 27 key pairs 27 creating with PGP Key Wizard 30 importing Pkcs 12 X 509 73 121 location of 105 overview 27 protecting 53 protecting against 240
179. iginal sensitive data you wanted to erase and will probably be overwritten by new data at some point in the future If an attacker reads these deleted disk blocks soon after they have been deallocated he could recover your plaintext In fact this could even happen accidentally if something went wrong with the disk and some files were accidentally deleted or corrupted A disk recovery program may be run to recover the damaged files but this often means that some previously deleted files are resurrected along with everything else Your confidential files that you thought were gone forever could then reappear and be inspected by whoever is attempting to recover your damaged disk Even while you are creating the original message with a word processor or text editor the editor may be creating multiple temporary copies of your text on the disk just because of its internal workings These temporary copies of your text are deleted by the word processor when it s done but these sensitive fragments are still on your disk somewhere The only way to prevent the plaintext from reappearing is to somehow cause the deleted plaintext files to be overwritten Unless you know for sure that all the deleted disk blocks will soon be reused you must take positive steps to overwrite the plaintext file and also any fragments of it on the disk left by your word processor You can take care of any fragments of the plaintext left on the disk by using PGP s Secure Wi
180. igital certificate definition 262 Certificate Authority description 236 setting options 133 What s New 14 See also CA Certificate server See key server certificates adding X 509 root CA cert to your keyring 56 X 509 53 Certification definition 262 274 PGP Desktop Security certify definition 262 certifying public keys 28 236 certifying authority definition 262 CFB cipher feedback 231 changing your passphrase 56 110 changing Network control panel settings 163 checking authenticity of a key 74 fingerprints 114 checksum 234 cipher block chaining 231 cipher feedback 231 ciphers allowing specific within PGPnet 194 ciphertext definition 262 Clear text definition 262 clearing log information 170 Clipboard using PGP from the 34 Clipper chip 230 CommandLine 24 communicating with insecure hosts 161 with secure hosts 161 with secure hosts behind secure gateway 161 with unconfigured hosts 187 communication allowing with unconfigured hosts 188 comparing key fingerprints 74 Index compatibility among versions of Desktop Security 20 compression used in PGP 233 compression functions allowed within PGPnet 194 connections authenticating 192 conventional encryption 80 82 91 to 92 definition 263 Corporate signing key 262 creating key pairs 40 PGPdisk volumes 138 private and public key pairs 30 recipient groups 84 subkeys 49 creating a VPN 205 Cryptanalysis definition 263 Cryptography d
181. igned then the options for performing these functions appear on the menu If the file is already encrypted or signed then options for decrypting and verifying the contents of the file are displayed Using PGPtools If you are using an email application that is not supported by the plug ins or if you want to perform PGP functions from within other applications you can encrypt and sign decrypt and verify or securely wipe messages and files directly from PGPtools You can open PGPtools by e Clicking Start gt Programs gt PGP gt PGPtools Or e Clicking the PGPtools icon 9 on the System tray When PGPtools Figure 2 3 opens you can begin your encryption tasks Figure 2 3 PGPtools If you are working with text or files you can encrypt decrypt sign and verify by selecting the text or file and then dragging it onto the appropriate button in PGPtools If you are working with files click on the appropriate button in PGPtools to choose a file or select the Clipboard User s Guide 35 Using PGP When you decrypt a file a Save As dialog box appears and PGP creates a new plaintext file with a txt suffix the decrypted file has a txt pgp suffix Using PGP within supported email applications One of the most convenient ways to use PGP is through one of the popular email applications supported by the PGP plug ins With these plug ins you can encrypt and sign if your version of PGP supports the PGP email plug ins as wel
182. ilable to everyone on a royalty free basis As a hedge PGP includes three key Triple DES in its repertoire of available block ciphers The DES was developed by IBM in the mid 1970s While it has a good design its 56 bit key size is too small by today s standards Triple DES is very strong and has been well studied for many years so it might be a safer bet than the newer ciphers such as CAST and IDEA Triple DES is the DES applied three times to the same block of data using three different keys except that the second DES operation is run backwards in decrypt mode While Triple DES is much slower than either CAST or IDEA speed is usually not critical for email applications Although Triple DES uses a key size of 168 bits it appears to have an effective key strength of at least 112 bits against an attacker with impossibly immense data storage capacity to use in the attack According to a paper presented by Michael Weiner at Crypto96 any remotely plausible amount of data storage available to the attacker would enable an attack that would require about as much work as breaking a 129 bit key Triple DES is not encumbered by any patents PGP Desktop Security Phil Zimmermann on PGP PGP public keys that were generated by PGP Version 5 0 or later have information embedded in them that tells a sender what block ciphers are understood by the recipient s software so that the sender s software knows which ciphers can be used to encrypt Diff
183. immermann on PGP e The first is the virtually universal lack of competence of implementors of commercial encryption software although this is starting to change since the publication of PGP Every software engineer fancies himself a cryptographer which has led to the proliferation of really bad crypto software e The second is the NSA deliberately and systematically suppressing all the good commercial encryption technology by legal intimidation and economic pressure Part of this pressure is brought to bear by stringent export controls on encryption software which by the economics of software marketing has the net effect of suppressing domestic encryption software e The third principle method of suppression comes from the granting of all the software patents for all the public key encryption algorithms to a single company affording a single choke point to suppress the spread of this technology although this crypto patent cartel broke up in the fall of 1995 The net effect of all this is that before PGP was published there was almost no highly secure general purpose encryption software available in the United States I m not as certain about the security of PGP as I once was about my brilliant encryption software from college If I were that would be a bad sign But I don t think PGP contains any glaring weaknesses although I m pretty sure it contains bugs I have selected the best algorithms from the published literature
184. imple enough to guess PGP is not designed to protect your data while it is in plaintext form on a compromised system Nor can it prevent an intruder from using sophisticated measures to read your private key while it is being used You will just have to recognize these risks on multiuser systems and adjust your expectations and behavior accordingly Perhaps your situation is such that you should consider only running PGP on an isolated single user system under your direct physical control Traffic analysis Even if the attacker cannot read the contents of your encrypted messages he may be able to infer at least some useful information by observing where the messages come from and where they are going the size of the messages and the time of day the messages are sent This is analogous to the attacker looking at your long distance phone bill to see who you called and when and for how long even though the actual content of your calls is unknown to the attacker This is called traffic analysis PGP alone does not protect against traffic analysis Solving this problem would require specialized communication protocols designed to reduce exposure to traffic analysis in your communication environment possibly with some cryptographic assistance Cryptanalysis 252 An expensive and formidable cryptanalytic attack could possibly be mounted by someone with vast supercomputer resources such as a government intelligence agency They might crack y
185. ination host or subnet is indented beneath the gateway Packets sent to such hosts are tunneled That is the entire packet sent to the destination is physically placed inside another packet encrypted and then sent to the gateway What is transport mode PGPnet is fully capable of peer to peer secure communications Two machines running PGPnet can communicate securely no matter where they are on the internet A secure gateway is not necessary This type of communication is called transport mode There is no secure gateway or firewall and packets are transmitted securely from the source machine to the destination machine In this mode packets are encrypted and authenticated How does PGPnet communicate with secure and insecure hosts The following paragraphs describe how PGPnet communicates with hosts Secure host with no secure gateway between hosts PGPnet packets are encrypted and authenticated to their destination transport mode Secure host behind secure gateway PGPnet encrypts each packet to its final destination and then tunnels each packet to the gateway This feature eliminates the possibility of someone using the gateway as an eavesdropping point tunnel mode Insecure host behind secure gateway PGPnet tunnels packets to the gateway and the gateway forwards the packets to the final destination tunnel mode User s Guide 161 PGPnet Virtual Private Networking How do you use PGPnet 162
186. ind your passphrase 3 Be creative Use an easy to remember but hard to guess passphrase you can easily construct one by using some creatively nonsensical sayings or obscure literary quotes Public key tampering A major vulnerability exists if public keys are tampered with This may be the most crucially important vulnerability of a public key cryptosystem in part because most novices don t immediately recognize it 246 PGP Desktop Security Phil Zimmermann on PGP To summarize When you use someone s public key make certain it has not been tampered with A new public key from someone else should be trusted only if you got it directly from its owner or if it has been signed by someone you trust Make sure no one else can tamper with your own public keyring Maintain physical control of both your public keyring and your private key preferably on your own personal computer rather than on a remote timesharing system Keep a backup copy of both keyrings Not quite deleted files Another potential security problem is caused by how most operating systems delete files When you encrypt a file and then delete the original plaintext file the operating system doesn t actually physically erase the data It merely marks those disk blocks as deleted allowing the space to be reused later It s sort of like discarding sensitive paper documents in the paper recycling bin instead of the paper shredder The disk blocks still contain the or
187. ine logins leave this box blank Setting key expiration values 190 You can set expiration values for Setup Keys IKE and Primary Keys IPSec These keys are responsible for creating your Security Associations Values can be set in time Duration or data size Megabytes Duration is displayed in the following manner 2d 08h 04m key expires in 2 days 8 hours and 4 minutes Megabytes is displayed in the following manner 99 key expires after 99 megabytes of data are transferred Note that when you establish an SA with another host PGPnet uses the most restrictive expiration values set by either of the two hosts As a result you may see an SA expire before your maximum expiration value is met z4 WARNING Lowering the default value for Megabytes may result in multiple rekeyings when transmitting large files which may in turn cause temporary interruption of normal network function PGP Desktop Security PGPnet Virtual Private Networking Options General Authentication Advanced m User Interface m Security I Require valid authentication key I Cache passphrases between logins M Allow communications with unconfigured hosts I Require secure communications with all hosts Expiration Setup Keys IKE M Duration l 1d 00h Olm a I Megabytes 5 Primary Keys IPSEC M Duration Od 08h 00m a F Megabytes i024 4 Figure 8 10 The General Panel To se
188. infancy integrate Jupiter matchmaker microwave molasses narrative Ohio Pacific paragraph penetrate photograph potato publisher recipe resistor revenue Saturday souvenir supportive telephone torpedo typewriter unify vagabond voyager Wilmington aggregate antenna asteroid backwater bookseller Brazilian Camelot caretaker Cherokee commando conformist corrosion customer designing dinosaur distortion enterprise everyday filament gadgetry graduate handiwork hideaway impetus inferno intention leprosy maverick midsummer molecule nebula onlooker pandemic paramount perceptive pioneer processor pyramid recover responsive revival savagery specialist surrender therapist tradition ultimate universe vertigo warranty Wyoming Three Syllable Word List alkali applicant Atlantic barbecue borderline breakaway candidate celebrate Chicago company congregate councilman Dakota detector direction document equation examine finicky Galveston gravity hazardous holiness inception informant inventive letterhead Medusa millionaire Montana newsletter opulent Pandora passenger performance pockettul provincial quantity repellent retraction revolver scavenger speculate suspicious tobacco travesty undaunted unravel Virginia Waterloo yesteryear Glossary AES Advanced Encryption Standard Algorithm encryption Algorithm hash Anonymity ANSI American National Sta
189. ing PGP Options Subkey properties window To access the Subkey Properties panel for a particular key select the desired key and then choose Properties from the Keys menu The Key Properties dialog box appears as shown in Figure 6 2 on page 109 Click the Subkey tab The Subkey panel appears as shown in Figure 6 3 Philip R Zimmermann lt prz pgp com gt 21x General Subkeys Revokers Valid from Expires Om 4 7 97 Never re Figure 6 3 Key Property dialog box Subkey panel Refer to Table 6 2 General Key Properties panel attributes for a description of each attribute and task available in the Subkey panel User s Guide 111 Managing Keys and Setting PGP Options Table 6 3 Subkey properties panel Valid From Expires Key Size New Revoke Remove The date when the subkey becomes active The date when the subkey expires Owners specify this date when they create their subkeys Subkeys are usually active for a limited period of time The size of the subkey Creates a new subkey For information about creating a new subkey see Creating new subkeys on page 49 Revokes the currently selected encryption subkey After you revoke the subkey and redistribute your key others will no longer be able to encrypt data to this subkey Permanently removes the currently selected encryption subkey This procedure cannot be undone Any data that is encrypted to the selected subkey can
190. ing to another user of PGP Version 5 5 or above on any platform This means that Mac OS users will receive the exact file that was intended and the Windows version will automatically decode the MacBinary and even append the appropriate file extension such as doc for Microsoft Word or ppt for Microsoft PowerPoint PGP includes information on most popular application filename extensions and Macintosh creator codes In cases where the type is unknown or known to be a Mac OS only file such as a Mac OS application the file remains in MacBinary format so that it can later be forwarded to a Macintosh fully intact e MacBinary No If you are communicating with users who have an older version of PGP the decision of whether to send with MacBinary generally ends up in the sender s hands as in most other programs and in previous versions of PGP for Mac OS When sending to a PC using an older version if you know that the file you are sending can be read by Windows applications when no MacBinary is used select this option This includes most files that are generally cross platform such as those created by the Microsoft Office applications graphics files compressed files and many others The sender or the recipient will have to manually rename the file to have the correct filename extension on Windows This is required because the Windows recipient does not have the creator information normally encoded with MacBinary e MacBinary Smart There are some v
191. ion key is used for each communication session to apply a signature a digital code created with a private key Signatures allow authentication of information by the process of signature verification When you sign a message or file the PGP program uses your private key to create a digital code that is unique to both the contents of the message and your private key Anyone can use your public key to verify your signature a proposed standard developed by Deming software and RSA Data Security for encrypting and or authenticating MIME data S MIME defines a format for the MIME data the algorithms that must be used for interoperability RSA RC2 SHA 1 and the additional operational concerns such as ANSI X 509 certificates and transport over the Internet User s Guide 269 Glossary SSL Secure Socket Layer developed by Netscape to provide security and privacy over the Internet Supports server and client authentication and maintains the security and integrity of the transmission channel Operates at the transport layer and mimics the sockets library allowing it to be application independent Encrypts the entire communication channel and does not support digital signatures at the message level symmetric algorithm a k a conventional secret key and single key algorithms the encryption and decryption key are either the same or can be calculated from one another Two sub categories exist Block and Stream subkey a s
192. ional security officers who in turn had their keys signed by the head security officer who is a meta introducer This allows the establishment of a trust hierarchy in the organization 76 PGP Desktop Security Sending and Receiving Secure Email This chapter explains how to encrypt and sign the email you send to others and decrypt and verify the email others send to you Encrypting and signing email There are three ways to encrypt and sign email messages The quickest and easiest way to encrypt and sign email is with an application supported by the PGP email plug ins Although the procedure varies slightly between different email applications you perform the encryption and signing process by clicking the appropriate buttons in the application s toolbar If you are using an email application that is not supported by the PGP plug ins you can encrypt and sign your email messages via Windows clipboard by selecting the appropriate option from the lock icon in the System tray To include file attachments you encrypt the files from Windows Explorer before attaching them amp TIP If you are sending sensitive email consider leaving your subject line blank or creating a subject line that does not reveal the contents of your encrypted message If you do not have one of the email applications that is supported by PGP see Chapter 5 for information about how to encrypt files As an alternative to using the plug ins you can us
193. iption Edit Displays the values for the selected item in the Edit Host Gateway dialog box Remove Removes selected host entry Add Activates the Add New Host Gateway Wizard if you are in Expert Mode activates the Edit Host Gateway dialog Connect Connect establishes an SA Disconnect terminates an SA Disconnect The Connect and Disconnect buttons Use the Connect button to establish an SA with a configured host Select the host then click Connect The Connect button is disabled when an inappropriate host entry is selected for example when you select a secure subnet or insecure host that is not behind a gateway Use the Disconnect button to terminate an SA with a configured host Select the host then click Disconnect For more information about establishing an SA please see Establishing an SA on page 173 Establishing an SA Establish an SA using PGP keys authentication Follow the steps below to establish an SA with another host using PGP keys for authentication To establish an SA with another host using PGP keys for authentication 1 Verify that each system has a network connection 2 Install PGPnet on both systems During installation you must select the appropriate network adapter for PGPnet For example if the network connection is via ethernet PGPnet must be bound to the ethernet adapter if the network connection is via modem then PGPnet must be bound to the modem adapter also known as the Remote A
194. ir public key ona certificate server This makes it very convenient for you to get a copy of their most up to date key whenever you want to send them mail and also relieves you from having to store a lot of keys on your public keyring Your security officer may direct you to use a corporate certificate server that holds all of your organization s frequently used keys In this case your PGP software is probably already configured to access the appropriate server PGP Desktop Security Making and Exchanging Keys There are a number of public certificate servers such as the one maintained by Network Associates Inc where you can locate the keys of most PGP users If the recipient has not pointed you to the Web address where his or her public key is stored you can access any certificate server and do a search for the user s name or email address because all certificate servers are regularly updated to include the keys stored on all the other servers To get someone s public key from a certificate server 1 2 Open PGPkeys Choose Search from the Server menu or click the Search button x in PGPkeys The PGPkeys Search window appears as in Figure 3 16 9 PGPkeys Search Window _ joy x Search for keys on idap certserver pgp com where Search usen x fis sinedby x Philip R Zimmermann Clear Search ei mie a OT key Size 7 fis x 2048 7 kem xfs Key Type 7 fis 7 Ditfie Hellman 7 More Choices
195. is checkbox to protect text from TEMPEST attacks upon decryption If you select this option the data is displayed in a special TEMPEST attack prevention font that is unreadable to radiation capturing equipment upon decrypting For more information about TEMPEST attacks see Vulnerabilities on page 246 NOTE This option is only available when encrypting text or text files Conventional Encrypt Select this checkbox to rely on a common passphrase rather than on public key cryptography The file is encrypted using a session key which encrypts and decrypts using a passphrase that you will be asked to choose Self Decrypting Archive Select this checkbox to create a self decrypting executable file If you select this option the file is encrypted using a session key which encrypts and decrypts using a passphrase that you are asked to choose The resulting executable file can be decrypted by simply double clicking on it and entering the appropriate passphrase This option is especially convenient for users who are sending encrypted files to people who do not have PGP software installed Note that sender and recipient must be on the same platform 6 Click OK If you are signing the files you are asked to supply your passphrase 92 PGP Desktop Security Using PGP for Secure File Storage After encryption if you look in the folder where the original file was located you will find a file with the specified n
196. is product includes software developed by the Apache Group for use in the Apache HTTP server project http www apache org Copyright 1995 1999 The Apache Group All rights reserved See text files included with the software or the PGP web site for further information This software is based in part on the work of the Independent JPEG Group Soft TEMPEST font courtesy of Ross Anderson and Marcus Kuhn Biometric word list for fingerprint verification courtesy of Patrick Juola The software provided with this documentation is licensed to you for your individual use under the terms of the End User License Agreement and Limited Warranty provided with the software The information in this document is subject to change without notice Network Associates Inc does not warrant that the information meets you requirements or that the information is free of errors The information may include technical inaccuracies or typographical errors Changes may be made to the information and incorporated in new editions of this document if and when made available by Network Associates Inc Export of this software and documentation may be subject to compliance with the rules and regulations promulgated from time to time by the Bureau of Export Administration United States Department of Commerce which restrict the export and re export of certain products and technical data Network Associates International BV 31 20 5866100 Gatwickstraat 25 31 20 5866101 fax 104
197. isk volume is mounted you can use it as you would any other disk You can install applications within the volume or move or save your files to the volume When the volume is unmounted it is inaccessible to anyone who does not know your secret passphrase which is a longer version of a password Even a mounted volume is protected unless a file or application is in use it is stored in encrypted format If your computer should crash while a volume is mounted the volume s contents remain encrypted O NOTE PGP products encourage you to use an entire phrase or long sequence of characters to protect sensitive data Such passphrases are generally more secure than traditional 6 10 character passwords PGPdisk features The PGPdisk program e Allows you to create secure volumes of encrypted data which function just like any other volumes you are accustomed to using for storing your files e Provides fast and secure encryption of your data with minimal impact on the amount of time it takes to access your programs and files e Uses a strong military grade encryption algorithm known as CAST which has a solid reputation for its ability to withstand unauthorized access e Stores the contents of each secure volume in an encrypted file which can easily be backed up and exchanged with colleagues User s Guide 135 PGPdisk Why use PGPdisk While other products offer the ability to restrict access to disk files through permission att
198. ith a Gauntlet Firewall for Windows NT 5 0 CAST must be deselected For a VPN with a Gauntlet Firewall for UNIX 5 0 the IPSec proposal being used in this example MD5 Triple DES must be at the top of the list of IPSec proposals User s Guide 215 Creating a VPN with PGPnet 216 2 Click on the name of the gateway host the firewall you configured 3 If your X 509 certificate has already been set as your authenticating key skip to Step 10 If you have not set your X 509 certificate as your authenticating key or you are not sure continue with Step 4 4 Pull down the View menu and select Options The Options screen displays 5 Click the Authentication tab 6 On the Authentication tab click Select Certificate A list of X 509 certificates that are on your keyring displays 7 Click on the name of the certificate you would like to use to authenticate yourself and click OK 8 Click OK again to close the Options screen A dialog box prompts you for the passphrase for the selected key 9 Enter the passphrase for the key and click OK The Hosts screen displays 10 Click the plus sign next to the gateway host the firewall you configured A list of host entries hosts or subnets behind the gateway displays 11 To start communications with an insecure host or subnet click on the host entry you want to connect to then click Connect If everything is configured correctly the IPSec protocols establish a Security
199. k Secure Viewer Select this checkbox to protect text from TEMPEST attacks upon decryption If you select this option the data is displayed in a special TEMPEST attack prevention font that is unreadable to radiation capturing equipment upon decrypting For more information about TEMPEST attacks see Vulnerabilities on page 246 NOTE This option is only available when encrypting text or text files Using PGP for Secure File Storage e Conventional Encrypt Select this checkbox to rely on a common passphrase rather than on public key cryptography The file is encrypted using a session key which encrypts and decrypts using a passphrase that you are asked to choose e Self Decrypting Archive Select this checkbox to create a self decrypting executable file If you select this option the file is encrypted using a session key which encrypts and decrypts using a passphrase that you are asked to choose The resulting executable file can be decrypted by simply double clicking on it and entering the appropriate passphrase This option is especially convenient for users who are sending encrypted files to people who do not have PGP software installed Note that sender and recipient must be on the same platform If you are signing the files you are asked to supply your passphrase After encryption if you look in the folder where the original file was located you will find a file with the specified name represent
200. l Help T Wipe Original T Conventional Encryption I Self Decrypting Archive Encryption options Figure 4 1 PGP Recipient Selection window User s Guide 79 Sending and Receiving Secure Email 80 4 Drag the public keys for those who are to receive a copy of the encrypted email message into the Recipients list box You can also double click any of the keys to move them from one area of the screen to the other The Validity icon indicates the minimum level of confidence that the public keys in the Recipient list are valid This validity is based on the signatures associated with the key See Chapter 6 Managing Keys and Setting PGP Options for details 5 Youcan choose from the following encryption options depending on the type of data you are encrypting Secure Viewer Select this option to protect the data from TEMPEST attacks upon decryption If you select this option the decrypted data is displayed in a special TEMPEST attack prevention font that is unreadable to radiation capturing equipment For more information about TEMPEST attacks see Vulnerabilities on page 246 NOTE The Secure Viewer option may not be compatible with previous versions of PGP Files encrypted with this option enabled can be decrypted by previous versions of PGP however this feature may be ignored Conventional Encrypt Select this option to use a common passphrase instead of public key encryption If you sel
201. l as decrypt and verify your messages while you are composing and reading your mail with a simple click of a button If you are using an email application that is not supported by the plug ins you can easily encrypt the text of the message using PGPtray In addition if you need to encrypt or decrypt files you can do so directly from the Windows Clipboard or by choosing the appropriate PGP menu option in Windows Explorer You can also use PGP to encrypt and sign files on the hard disk of your computer for secure storage to securely wipe files from your hard disk and to wipe free disk space so that sensitive data can t be retrieved with disk recovery software If you have one of these popular email application supported by the PGP plug ins you can access the necessary PGP functions by clicking the appropriate buttons in your application s toolbar e Qualcomm Eudora e Microsoft Exchange e Microsoft Outlook e Microsoft Outlook Express e Lotus Notes available separately e Novell Groupwise available separately For example you click the envelope and lock icon GB to indicate that you want to encrypt your message and the pen and paper z to indicate that you want to sign your message Some applications also have an icon of both a lock and quill which lets you do both at once When you receive email from another PGP user you decrypt the message and verify the person s digital signature by clicking the opened lock and envelo
202. l keyring For detailed instructions on signing a key see Signing someone s public key on page 116 Working with trusted introducers PGP users often have other trusted users sign their public keys to further attest to their authenticity For instance you might send a trusted colleague a copy of your public key with a request that he or she certify and return it so you can include the signature when you post your key on a public certificate server Using PGP when someone gets a copy of your public key they don t have to check the key s authenticity themselves but can instead rely on how well they trust the person s who signed your key PGP provides the means for establishing this level of validity for each of the public keys you add to your public keyring and shows the level of trust and validity associated with each key PGPkeys This means that when you get a key from someone whose key is signed by a trusted introducer you can be fairly sure that the key belongs to the purported user For details on how to sign keys and validate users see Signing someone s public key on page 116 Your Security Officer can act as a trusted introducer and you may then trust any keys signed by the corporate key to be valid keys If you work for a large company with several locations you may have regional introducers and your Security Officer may be a meta introducer or a trusted introducer of trusted introducers What is a trusted int
203. le indiscriminately copy disks from your computer About the message digest 234 The message digest is a compact 160 bit or 128 bit distillate of your message or file checksum You can also think of it as a fingerprint of the message or file The message digest represents your message in such a way that if the message were altered in any way a different message digest would be computed from it This makes it possible to detect any changes made to the message by a forger A message digest is computed using a cryptographically strong one way hash function of the message It should be computationally infeasible for an attacker to devise a substitute message that would produce an identical message digest In that respect a message digest is much better than a checksum because it is easy to devise a different message that would produce the same checksum But like a checksum you can t derive the original message from its message digest The message digest algorithm now used in PGP Version 5 0 and later is called SHA which stands for Secure Hash Algorithm designed by the NSA for the National Institute of Standards and Technology NIST SHA is a 160 bit hash algorithm Some people might regard anything from the NSA with suspicion because the NSA is in charge of intercepting communications and breaking codes But keep in mind that the NSA has no interest in forging signatures and the government would benefit from a good unf
204. leave this field blank or consult your company s PGP or PKI administrator 8 Inthe Type box specify the name of certificate authority you are using Your options are e Net Tools PKI Server e VeriSign OnSite e Entrust 9 Click the Select Certificate button then select the Root CA certificate you just retrieved 54 PGP Desktop Security Making and Exchanging Keys The Root Certificate text box displays information on the selected root CA certificate The terminology for the certificate is a policy decision Typically the following terminology is true for X 509 certificates CN Often a description of the type of certificate Common Name e g Root EMAIL The email address for the certificate holder OU The organization to which the certificate Organizational belongs e g Accounting Unit 0 Typically the name of the company to which Organization the certificate belongs e g Secure Company L The location of the holder of the certificate Locality e g Santa Clara 10 Click OK 3 Make a certificate request To do this follow these steps 1 Right click on your PGP keypair and select Keys gt Add Certificate from the right click menu The Certificate Attributes dialog box appears as shown in Figure Certificate Attributes 21x Certificate Authority Type Net Tools PKI Server Email Address beth company com Organization Name Company Name City Any City
205. lephone the owner of a public key and have him or her read the fingerprint associated with their key so you can compare it with the fingerprint on your copy of their public key to see if they match If the fingerprint does not match then you know you have a bogus key a legible code that uniquely identifies a key pair Two key pairs may have the same user ID but they will have different Key IDs the number of bits representing the key size the longer the key the stronger it is the process and procedure for safely storing and distributing accurate cryptographic keys the overall process of generating and distributing cryptographic key to authorized recipients in a secure manner a public key and its complimentary private key In public key cryptosystems like the PGP program each user has at least one key pair a set of keys Each user has two types of keyrings a private keyring and a public keyring the process of dividing up a private key into multiple pieces and share those pieces among a group of people A designated number of those people must bring their shares of the key together to use the key a simple protocol that supports access and search operations on directories containing information such as names phone numbers and addresses across otherwise incompatible systems over the Internet Glossary Message digest Meta introducer MIC Message Integrity Check MIME Multipurpose Internet Mail Extensions
206. ll be lost on the user who often has no idea what the correct decision is The decision should generally be based on whether the file is being sent to Windows or Mac OS But what about if you re sending to both at the same time There is no good solution to that problem with older versions of PGP and many other utilities This has resulted in great confusion and inconvenience for users The reverse sending a file from Windows to the Mac OS has also been a major problem Windows uses filename extensions such as doc to identify the type of a file This is meaningless to the Mac OS These files are sent to a Macintosh computer without any file type or creator information The process of making them readable after receipt generally involves various arcane motions in the Open dialog of the creator application or in many cases requires the user to understand Mac OS lore of creator and type codes by setting them manually in a third party utility User s Guide 221 Transferring Files Between the Mac OS and Windows Fortunately the latest version of PGP versions 5 5 through 6 5 leads the way out of this confusion If all PGP users were to use the latest versions no one would have to think about how to send files from Mac OS to Windows and vice versa Sending from the Mac OS to Windows On the Mac OS there are three options when encrypting or signing a file e MacBinary Yes This is the recommended option for all encryptions when send
207. lly belongs to her Other people who trust you will accept her public key because it bears your signature It can be ill advised to rely on hearsay don t sign her public key unless you have independent first hand knowledge that it really belongs to her Preferably you should sign it only if you got it directly from her In order to sign a public key you must be far more certain of that key s ownership than if you merely want to use that key to encrypt a message To be convinced of a key s validity enough to use it certifying signatures from trusted introducers should suffice But to sign a key yourself you should require your own independent first hand knowledge of who owns that key Perhaps you could call the key s owner on the phone and read the key fingerprint to her to confirm that the key you have is really her key and make sure you really are talking to the right person Bear in mind that your signature on a public key certificate does not vouch for the integrity of that person but only vouches for the integrity the ownership of that person s public key You aren t risking your credibility by signing the public key of a sociopath if you are completely confident that the key really belongs to him Other people would accept that key as belonging to him because you signed it assuming they trust you but they wouldn t trust that key s owner Trusting a key is not the same as trusting the key s owner It would be a go
208. ltiple schedules Cancel Figure 5 8 Windows Task Schedule dialog box 4 Choose how often you want the task to run from the Schedule Task area Your choices are e Daily This runs your task once at the time you specify on the days you indicate Click OK to close the dialog box then enter in the Start Time text box the time each day when the task will run e Weekly This runs your task on a weekly basis at the date and time you specify Specify how many weeks between disk wipes in the text box provided then choose a day from the Schedule Task Weekly list e Monthly This runs your task once each month on the day and at the time you specify Enter the time text box provided then enter the day of the month on which you want the task to run Click Select Months to specify which months the task will run User s Guide 103 Using PGP for Secure File Storage e Once This runs your task exactly once on the date and at the time you specify Enter the time in the text box provided then select a month and a date from the lists Run On text box e At System Start up This runs your task only upon system start up e At Logon This runs your task when you log on to your computer e When Idle This runs your task when your system is idle for the amount of time you specify in the minutes text box 5 Click Advanced to open a dialog box where you can select additional scheduling options such as the start date the end date
209. me other value Although it would be unlikely for anyone to crack your key based on their knowledge of these canned prime numbers some may want to spend the extra time to create a key pair with the maximum level of security The general belief in the cryptographic community is that using canned primes provides no decrease in security for the Diffie Hellman DSS algorithms If this feature makes you uncomfortable you may turn it off Cache Decryption Passphrases for When this setting is selected your decryption passphrase is automatically stored in your computer s memory Specify the frequency in hours minutes seconds in which you want to save your passphrase The default setting is 2 minutes Cache Signing Passphrases for When this setting is selected your signing passphrase is automatically stored in your computer s memory Specify the frequency in hours minutes seconds in which you want to save your signing passphrase The default setting is 2 minutes Comment Block You can add your comment text in this area The text you enter hear is always included in messages and files that you encrypt or sign Comments entered in this field appear below the BEGIN PGP MESSAGE BLOCK text header and PGP version number of each message Warn Before Wiping When this setting is selected a dialog box appears before you wipe a file to give you one last chance to change your mind before PGP securely overwrites the contents of the file
210. ment to buy this strong version A commercial version of the STU III is available that is watered down for NSA s convenience and an export version is available that is even more severely weakened Then there is the 1 200 AT amp T Surity 3600 which uses the government s famous Clipper chip for encryption with keys escrowed with the government for the convenience of wiretappers Then of course there are the analog nondigital voice scramblers that you can buy from the spy wannabe catalogs that are really useless toys as far as cryptography is concerned but are sold as secure communications products to customers who just don t know any better In some ways cryptography is like pharmaceuticals Its integrity may be absolutely crucial Bad penicillin looks the same as good penicillin You can tell if your spreadsheet software is wrong but how do you tell if your cryptography package is weak The ciphertext produced by a weak encryption algorithm looks as good as ciphertext produced by a strong encryption algorithm There s a lot of snake oil out there A lot of quack cures Unlike the patent medicine hucksters of old these software implementors usually don t even know their stuff is snake oil They may be good software engineers but they usually haven t even read any of the academic literature in cryptography But they think they can write good cryptographic software And why not After all it seems intuitively easy to do so And th
211. ment was signed A trustworthy Certifying Authority or notary could create notarized signatures with a trustworthy timestamp This would not necessarily require a centralized authority Perhaps any trusted introducer or disinterested party could serve this function the same way real notary publics do now When a notary signs other people s signatures it creates a signature certificate of a signature certificate This would serve as a witness to the signature in the same way that real notaries now witness handwritten signatures The notary could enter the detached signature certificate without the actual whole document that was signed into a special log controlled by the notary Anyone could read this log The notary s signature would have a trusted timestamp which might have greater credibility or more legal significance than the timestamp in the original signature There is a good treatment of this topic in Denning s 1983 article in IEEE Computer Future enhancements to PGP might have features to easily manage notarized signatures of signatures with trusted timestamps User s Guide 251 Phil Zimmermann on PGP Exposure on multi user systems PGP was originally designed for a single user PC under your direct physical control If you run PGP at home on your own PC your encrypted files are generally safe unless someone breaks into your house steals your PC and persuades you to give them your passphrase or your passphrase is s
212. most cases Insummary if you are sending only to versions 6 x always select MacBinary Yes the default Thus no thought is required if your environment is using PGP version 6 x exclusively When sending to users with older versions you should select MacBinary No for cross platform file types and MacBinary Yes for files which simply wouldn t be readable to PC users anyway such as a Mac OS application NOTE PGP Version 5 0 did not have a MacBinary No option In order to send file types without MacBinary which are not included in the MacBinary Smart list to a PC using 5 0 the file must be manually set to one of the creator and type codes on the Smart list before sending Receiving Windows files on the Mac OS When decrypting PGP version 5 5 x and later automatically attempts to translate filename extensions for non MacBinary files into Mac OS creator and type information For example if you receive a file from Windows with an extension of doc the file will be saved as a Microsoft Word document The same list of applications used when adding filename extensions upon receipt of a MacBinary file on Windows is used to translate filename extensions back into the Mac OS equivalent when received on a Macintosh computer In almost all cases this results in files which are immediately readable and double clickable on Mac OS User s Guide 223 Transferring Files Between the Mac OS and Windows Previous versions o
213. mpting to sign or decrypt with it will cause PGP to automatically attempt to rejoin the key There are two ways to rejoin the key locally and remotely Rejoining key shares locally requires the shareholders presence at the rejoining computer Each shareholder is required to enter the passphrase for their key share Rejoining key shares remotely requires the remote shareholders to authenticate and decrypt their keys before sending them over the network PGP s Transport Layer Security TLS provides a secure link to transmit key shares which allows multiple individuals in distant locations to securely sign or decrypt with their key share IMPORTANT Before receiving key shares over the network you should verify each shareholder s fingerprint and sign their public key to ensure that their authenticating key is legitimate To learn how to verify a keypair see Verify with a digital fingerprint on page 74 To rejoin a split key 1 Contact each shareholder of the split key To rejoin key shares locally the shareholders of the key must be present User s Guide 61 Making and Exchanging Keys To collect key shares over the network ensure that the remote shareholders are prepared to send their key share file Remote shareholders must have their key share file and password akeypair for authentication to the computer that is collecting the key shares anetwork connection the IP address or Domain Name
214. n is secure Under no circumstances is it a good idea to allow the contents of your mounted volumes to be backed up as this defeats the whole purpose of keeping this information encrypted Exchanging PGPdisk volumes You can exchange PGPdisk volumes with colleagues who have their own PGPdisk program by sending them a copy of the encrypted file which contains the data associated with the volume Here are some of the ways you might exchange PGPdisk volumes e As mail attachments e On floppy disks or cartridges 150 PGP Desktop Security PGPdisk Over a network TIP You should carefully consider the method you use to provide someone the passphrase used to gain access to a PGPdisk volume In general unless you use PGP to encrypt your message email is not a good way to exchange passphrases Telephone lines are also vulnerable to monitoring and your conversation could be overheard The more security precautions you take the greater assurance you have that your sensitive information remains confidential If you do not have secure e mail then it is probably safer to tell the other person the passphrase in a face to face meeting or even by regular postal mail Once the intended party has a copy of the encrypted file all they need in order to gain access to the contents of the volume is to mount it using the correct passphrase or if the volume was encrypted to their public key their private key They also need a copy of the PGPdi
215. n line services business and personal contacts financial records and so on are subject to misuse by those with criminal intent and could end up costing more than the price of the missing notebook To secure the contents of external media such as floppy disks and storage cartridges The ability to encrypt external media provides an added level of security for storing and exchanging sensitive information PGP Desktop Security PGPdisk Starting the PGPdisk program To start PGPdisk Select Start gt Programs gt PGP gt PGPdisk This opens the PGPdisk toolbar as shown in Figure 7 1 amp PGPdisk x Figure 7 1 The PGPdisk toolbar The PGPdisk toolbar provides a convenient means of creating and mounting volumes Here is a brief description of each button New Displays the PGPdisk wizard which guides you through the process of creating a new PGPdisk volume Mount Mounts the specified PGPdisk volume provided that the correct passphrase is entered Unmount Unmounts the specified PGPdisk volume Preferences Specifies how you prefer to unmount your volumes User s Guide 137 PGPdisk Working with PGPdisk Volumes This section explains how to create mount and unmount PGPdisk volumes and how to specify preferences which protect volume contents by unmounting them under certain circumstances NOTE You can perform most PGPdisk operations by right clicking on the PGPdisk volume file
216. nally valid keys if the Advanced Options Treat marginally valid keys as invalid is set a green circle for valid keys that you do not own In a corporate environment your security officer may sign users keys with the Corporate Signing Key Keys signed with the Corporate Signing Key are usually assumed to be completely valid See Chapter 2 Using PGP for more information Shows the number of bits used to construct the key Generally the larger the key the less chance that it will ever be compromised However larger keys require slightly more time to encrypt and decrypt data than do smaller keys When you create a Diffie Hellman DSS key there is one number for the Diffie Hellman portion and another number for the DSS portion The DSS portion is used for signing and the Diffie Hellman portion for encryption User s Guide 107 Managing Keys and Setting PGP Options Description Additional Decryption Key Key ID Trust Expiration Creation Describes the type of information displayed in the Keys column key type type of ID or signature type Shows whether the key has an associated Additional Decryption Key A unique identifying number associated with each key This identification number is useful for distinguishing between two keys that share the same user name and email address Indicates the level of trust you have granted to the owner of the key to serve as an introducer for the public keys of other
217. nated as your default key pair If you have more than one key pair you may want to specifically designate one pair as your default pair To specify your default key pair 1 Open PGPkeys 2 Highlight the key pair you want to designate as your default key 3 Choose Set Default from the Keys menu User s Guide 113 Managing Keys and Setting PGP Options The selected key pair is displayed in bold type indicating that it is now designated as your default key pair Verifying someone s public key 114 In the past it was difficult to know for certain whether a key belonged to a particular individual unless that person physically handed the key to you on a floppy disk Exchanging keys in this manner is not usually practical especially for users who are located many miles apart There are several ways to check a key s fingerprint but the safest is to call the person and have them read the fingerprint to you over the phone Unless the person is the target of an attack it is highly unlikely that someone would be able to intercept this random call and imitate the person you expect to hear on the other end You can also compare the fingerprint on your copy of someone s public key to the fingerprint on their original key on a public server The fingerprint can be viewed in two ways in a unique list of words or in its hexadecimal format To check a public key with its digital fingerprint 1 Open PGPkeys 2 Highlight the public key
218. ncerning any of these procedures refer to the appropriate chapters in this book For a comprehensive overview of PGP encryption technology refer to An Introduction to Cryptography which is included with the product Basic steps for using PGP 1 Install PGP on your computer Refer to Chapter 1 Installing PGP for complete installation instructions 2 Create a private and public key pair Before you can begin using PGP you need to generate a key pair A PGP key pair is composed of a private key to which only you have access and a public key that you can copy and make freely available to everyone with whom you exchange information You have the option of creating a new key pair immediately after you have finished the PGP installation procedure or you can do so at any time by opening the PGPkeys application For more information about creating a private and public key pair refer to Making a key pair on page 40 3 Exchange public keys with others After you have created a key pair you can begin corresponding with other PGP users You will need a copy of their public key and they will need yours Your public key is just a block of text so it s quite easy to trade keys with someone You can include your public key in an email message copy it to a file or post it on a public or corporate key server where anyone can get a copy when they need it User s Guide 27 Using PGP For more information about excha
219. ncrypt the deciphered message with Alice s real public key and send it on to her so that no one suspects any wrongdoing Furthermore he can even make apparently good signatures from Alice with this private key because everyone will use the bogus public key to check Alice s signatures The only way to prevent this disaster is to prevent anyone from tampering with public keys If you got Alice s public key directly from Alice this is no problem But that may be difficult if Alice is a thousand miles away or is currently unreachable Perhaps you could get Alice s public key from a mutually trusted friend David who knows he has a good copy of Alice s public key David could sign Alice s public key vouching for the integrity of Alice s public key David would create this signature with his own private key User s Guide 235 Phil Zimmermann on PGP 236 This would create a signed public key certificate and would show that Alice s key had not been tampered with This requires that you have a known good copy of David s public key to check his signature Perhaps David could provide Alice with a signed copy of your public key also David is thus serving as an Introducer between you and Alice This signed public key certificate for Alice could be uploaded by David or Alice to the BBS and you could download it later You could then check the signature via David s public key and thus be assured that this is really Alice
220. nd gateway is an entry in PGPnet s host list You can use PGPnet s Add Host wizard or Host Gateway dialog to add additional entries to the host list If you do not have a PGPnet administrator or hosts subnets or gateways are not configured when you install PGPnet the Add Host wizard starts automatically the first time you start PGPnet Use the wizard to add the necessary hosts subnets and gateways 2 PGPnet iof x File View Help Status Log Hosts See ss Set feeen S g E Secure Gateway 123 222 33 1 amp HostBehindGateway 192 168 1 5 B Secure Host 123 222 33 4 erg EH Secure Subnet 123 123 123 0 255 255 2550 5 PGPnet COn Off status Off Figure 8 7 The Hosts Panel 176 PGP Desktop Security PGPnet Virtual Private Networking What you need to know The following paragraphs identify information that you need to add a host subnet or gateway Table 8 1 What you must know to add hosts gateways and subnets To You must know Add a secure host Host domain name or IP address Add a subnet IP address and subnet mask Add a gateway Host domain name or IP address Add a host behind a configured Host domain name or IP address gateway Add a subnet behind a configured IP address and subnet mask gateway Table 8 2 Where to go to add hosts subnets and gateways To See page Add a host page 177 Add a subnet page 179 Add a gateway page 180 Add a host behind a configured gateway pag
221. nd to any of the keys on your public keyring or if you are encrypting from PGPtray or from PGPtools you must manually select the recipient s public key from the PGP Key Selection dialog box To select a recipient s public key drag the icon representing the key into the Recipients list box and then click OK For complete instructions on how to encrypt sign decrypt and verify email see Chapter 4 Sending and Receiving Secure Email For complete instructions on how to encrypt files to store on your hard disk or to send as attachments see Chapter 5 Using PGP for Secure File Storage Taking shortcuts Although you will find that PGP is quite easy to use a number of shortcuts are available to help you accomplish your encryption tasks even quicker For example while you are managing your keys in the PGPkeys window you can press the right mouse button to perform all the necessary PGP functions rather than accessing them from the menu bar You can also drag a file containing a key into the PGPkeys window to add it to your keyring Keyboard shortcuts are also available for most menu operations These keyboard shortcuts are shown on all the PGP menus and other shortcuts are described in context throughout this manual User s Guide 37 Using PGP Getting Help When you choose Help from PGPtray or from the Help menu within PGPkeys you access the PGP Help system which provides a general overview and instructions for
222. ndards Institute ASCII armored text Asymmetric keys Authentication Authorization certificate Authorization NIST approved standards usually used for the next 20 30 years a set of mathematical rules logic used in the processes of encryption and decryption a set of mathematical rules logic used in the processes of message digest creation and key signature generation of unknown or undeclared origin or authorship concealing an entity s identification develops standards through various Accredited Standards Committees ASC The X9 committee focuses on security standards for the financial services industry binary information that has been encoded using a standard printable 7 bit ASCII character set for convenience in transporting the information through communication systems In the PGP program ASCII armored text files are given the default filename extension and they are encoded and decoded in the ASCII radix 64 format a separate but integrated user key pair comprised of one public key and one private key Each key is one way meaning that a key used to encrypt information can not be used to decrypt the same data the determination of the origin of encrypted information through the verification of someone s digital signature or someone s public key by checking its unique fingerprint an electronic document to prove one s access or privilege rights also to prove one is who they say they are
223. ndom keystrokes until the progress bar is completely filled in Your mouse movements and keystrokes generate random information that is needed to create a unique key pair NOTE PGPkeys continually gathers random data from many sources on the system including mouse positions timings and keystrokes If the Random Data dialog box does not appear it indicates that PGP has already collected all the random data that it needs to create the key pair After the key generation process begins it may take a while to generate the keys In fact if you specify a size other than the default values for a Diffie Hellman DSS key the fast key generation option is not used and it may take hours to generate your key at larger sizes Eventually the PGP Key Generation Wizard indicates that the key generation process is complete PGP Desktop Security Making and Exchanging Keys 13 Click Next to advance to the next pane The PGP Key Generation Wizard indicates that you have successfully generated a new key pair and asks if you want to send your public key to a certificate server 14 Specify whether you want your new public key to be sent to the server and then click Next the default server is specified in the Server Options dialog box When you send your public key to the certificate server anyone who has access to that certificate server can get a copy of your key when they need it For complete details see Distributing y
224. nents involves the remote detection of the electromagnetic signals from your computer This expensive and somewhat labor intensive attack is probably still cheaper than direct cryptanalytic attacks An appropriately instrumented van can park near your office and remotely pick up all of your keystrokes and messages displayed on your computer video screen This would compromise all of your passwords messages and so on This attack can be thwarted by properly shielding all of your computer equipment and network cabling so that it does not emit these signals This shielding technology known as Tempest is used by some government agencies and defense contractors There are hardware vendors who supply Tempest shielding commercially Some newer versions of PGP after version 6 0 can display decrypted plaintext using a specially designed font that may have reduced levels of radio frequency emissions from your computer s video screen This may make it harder for the signals to be remotely detected This special font is available in some versions of PGP that support the Secure Viewer feature Protecting against bogus timestamps 250 A somewhat obscure vulnerability of PGP involves dishonest users creating bogus timestamps on their own public key certificates and signatures You can skip over this section if you are a casual user and aren t deeply into obscure public key protocols PGP Desktop Security Phil Zimmermann on PGP There s no
225. net Set Adapter Ba Please select the network adapter you want secured E3 4 Remote Access WAN Wrapper E3 1 3Com Megahertz LAN PC Card Ethernet Figure 8 17 Set Adapter Selection Dialog 6 Reboot your machine this is mandatory for any network functionality to occur 202 PGP Desktop Security PGPnet Virtual Private Networking To resecure a network interface after a bindings review Windows NT 1 Reboot your machine when prompted 2 On reboot Set Adapter will automatically start up and ask you to select an adapter for PGPnet to bind to 3 Select the appropriate network interface PGP review s your machine s bindings and prompts you to reboot your machine Reboot your machine this is mandatory for any network functionality to occur User s Guide 203 PGPnet Virtual Private Networking 204 PGP Desktop Security Creating a VPN with PGPnet 9 This chapter describes one way to use PGPnet to establish a VPN with a Gauntlet Firewall using its GVPN feature For the example in this chapter we will be creating a trusted link between the two devices using IKE Client mode and certificate based authentication This type of VPN configuration is suitable for situations where a company employee is accessing the corporate network through a firewall over the Internet using an Internet Service Provider or if they get their IP address dynamically via DHCP for example Topology The topology of such a
226. ng 166 The bottom line of the PGPnet window the Status bar displays messages that relate to PGPnet s status on the left and the number of active SAs on the right The following messages may appear in the Status bar Table 8 1 Status Messages Message Description status On user logged on status On user logged off status no logon required status Off driver not installed service not running service not responding PGP Desktop Security PGPnet is on user is logged on PGPnet is on user is logged off Occurs when no authentication key is set User turned PGPnet off The PGPnet driver is not responding to the service Reboot your system If the driver still does not respond reinstall PGPnet If PGPnet continues to display this message contact NAI Technical Support The PGPnet service is not running Reboot your system If PGPnet continues to display this message reinstall PGPnet If these actions do not resolve this problem contact NAI Technical Support The PGPnet service is running but it is not responding to messages from the application Reboot your system If PGPnet continues to display this message reinstall PGPnet If these actions do not resolve this problem contact NAI Technical Support PGPnet Virtual Private Networking Using PGPnet from PGPtray Use PGPnet s submenu in PGPtray in the Windows system tray to perform the following tasks To Do this Display the Log
227. ng a key the preferred cipher is recorded as part of the key so that other people will use that algorithm when encrypting to you The Allowed Algorithm choice affects the following e When creating a key the allowed ciphers are recorded as part of the key so that other people will use one of those algorithms when encrypting to you if the preferred algorithm is not available to them User s Guide 133 Managing Keys and Setting PGP Options NOTE Encrypting to a public key will fail if neither the Preferred Algorithm nor any of the Allowed Algorithms are available to the person encrypting the message z4 WARNING Use the CAST IDEA and Triple DES checkboxes only if you have suddenly learned that a particular algorithm is insecure For example if you become aware that Triple DES has been broken you can deselect that checkbox and all new keys you generate will have a record that Triple DES may not be used when encrypting to you PGP gives you the option to select and or change how key trust is displayed and whether or not you wish to be warned whenever you encrypt a message to a public key that has an associated Additional Decryption Key In the Trust Model section choose from these options e Display marginal validity level Use this checkbox to specify whether to display marginally valid keys as such or simply to show validity as on or off Marginal validity appears as bar icons having differing shading
228. ng bar to choose the appropriate level of trust for the key pair Trust Model Invalid Valid Untrusted Trusted Figure 6 9 Trust Level dialog box 5 Close the dialog box to accept the new setting If you give a key with a photo a high level of trust PGP removes the red question mark from the photograph Disabling and enabling keys Sometimes you may want to temporarily disable a key The ability to disable keys is useful when you want to retain a public key for future use but you don t want it cluttering up your recipient list every time you send mail To disable a key 1 Open PGPkeys 2 Select the key you want to disable 3 Select Disable in the Keys menu The key is dimmed and is temporarily unavailable for use To enable a key 1 Open PGPkeys 2 Select the key you want to enable 3 Select Enable in the Keys menu The key becomes visible and can be used as before User s Guide 119 Managing Keys and Setting PGP Options Importing and Exporting Keys Although you often distribute your public key and obtain the public keys of others by cutting and pasting the raw text from a public or corporate key server you can also exchange keys by importing and exporting them as separate text files For instance someone could hand you a disk containing their public key or you might want to make your public key available over an FTP server To import a key from a file 1 2 Open PGPkeys Choose Impor
229. nging public keys refer to Distributing your public key on page 66 and Obtaining the public keys of others on page 70 Validate public keys Once you have a copy of someone s public key you can add it to your public keyring You should then check to make sure that the key has not been tampered with and that it really belongs to the purported owner You do this by comparing the unique fingerprint on your copy of someone s public key to the fingerprint on that person s original key When you are sure that you have a valid public key you sign it to indicate that you feel the key is safe to use In addition you can grant the owner of the key a level of trust indicating how much confidence you have in that person to vouch for the authenticity of someone else s public key For more information about validating your keys refer to Verifying the authenticity of a key on page 74 Encrypt and sign your email and files After you have generated your key pair and have exchanged public keys you can begin encrypting and signing email messages and files PGP works on the data generated by other applications Therefore the appropriate PGP functions are designed to be immediately available to you based on the task you are performing at any given moment There are several ways to encrypt and sign with PGP e From the System tray PGPtray PGPtray includes utilities to perform cryptographic tasks on data on the Clipboard o
230. niverse on average to break a single message William Crowell Deputy Director National Security Agency March 20 1997 No data security system is impenetrable PGP can be circumvented ina variety of ways In any data security system you have to ask yourself if the information you are trying to protect is more valuable to your attacker than the cost of the attack This should lead you to protect yourself from the cheapest attacks while not worrying about the more expensive attacks Some of the discussion that follows may seem unduly paranoid but such an attitude is appropriate for a reasonable discussion of vulnerability issues Compromised passphrase and private key Probably the simplest attack comes if you leave the passphrase for your private key written down somewhere If someone gets it and also gets your private key file they can read your messages and make signatures in your name Here are some recommendations for protecting your passphrase 1 Don t use obvious passphrases that can be easily guessed such as the names of your kids or spouse 2 Use spaces and a combination of numbers and letters in your passphrase If you make your passphrase a single word it can be easily guessed by having a computer try all the words in the dictionary until it finds your password That s why a passphrase is so much better than a password A more sophisticated attacker may have his computer scan a book of famous quotations to f
231. ns 00 cece eee ee eee 31 Using PGPtray so ste cscs cere eee ee ee ws we ee cae eee A 33 Performing PGP functions from the Clipboard or Current Window 34 Using PGP from Windows Explorer 0 00 c ee eee eee eee 35 Using PGPtOols occ koe te eee ee te be ee oe ele ee ee 35 Using PGP within supported email applications 36 Using PGP MIME 2 20 02 eee eee eee 37 Selecting recipients for encrypted files or email 37 Taking Shortcuts 2 2 0 ie ee ee ee ee ee eee 37 Getting Help 2c icccc eee teed teats pean ieee eae oe 38 Chapter 3 Making and Exchanging Keys 2000ee0e 39 Key COnCepts i cess iee sie ee eee E binn aA REONE eA ee cewek 39 User s Guide v Table of Contents Making a key pair 000 eee eee eee eee eee eens 40 Creating a passphrase that you will remember 2 55 45 Backing up your keyS 000 cece eee eee eee eee 46 Protecting your keyS 2 0 02 s000 see ee tee sbeebs eee eee eee ees 46 Adding and removing information in your key pair 2 0055 47 Adding a photographic ID to your key 22000e eee eeee 47 Creating new subkeyS 20 00 cece eee eee eee eee 49 Adding a new user name or address to your key pair 51 Adding a designated revoker 000 eee eee e eee eee 52 Adding an X 509 certificate to your PGP key 2 0000005 53 Changing your
232. nstall PGP on a Windows 95 Widows 98 or Windows NT system you must have e Windows 95 Windows 98 or Windows NT 4 0 Service Pack 3 or later e 32 MB RAM e 16 MB Hard Disk Space If you plan to run PGPnet on the system you must also have e Microsoft TCP IP e A compatible LAN WAN network adapter e Windows 95b OSR2 if you are installing on a Windows 95 system User s Guide 19 Installing PGP Compatibility with other versions PGP has gone through many revisions since it was released by Phil Zimmermann as a freeware product in 1991 Although this version of PGP represents a significant rewrite of the original program and incorporates a completely new user interface it has been designed to be compatible with earlier versions of PGP This means that you can exchange secure email with people who are still using these older versions of the product e PGP 2 6 Distributed by MIT e PGP for Personal Privacy Version 5 0 5 5 e PGP for Business Security or PGP for Email and Files Version 5 5 e PGP Desktop Security or PGP for Personal Privacy Version 6 0 NOTE PGP desktop products that are version 5 0 and later may require the RSA add on for backward compatibility Upgrading from a previous version If you are upgrading from a previous version of PGP from PGP Inc Network Associates Inc or ViaCrypt you may want to remove the old program files before installing PGP to free up some disk space However you
233. nt site If you do not know the URL consult your company s PGP or PKI administrator 2 Click the Download a CA Certificate link From the drop down list select a certificate authority and the appropriate certificate 3 Click Examine this Certificate and copy the key block for the Root CA certificate and paste it into PGPkeys The Import Key dialog box appears and imports the Root CA certificate into your keyring 4 Sign the Root CA certificate with your key to make it valid then open the Key Properties and set the trust level Trust must be set on the Root CA 2 Configure CA Options panel To do this follow these steps User s Guide 53 Making and Exchanging Keys 5 Select Options from the PGPkeys Edit menu then click on the CA tab The CA panel appears as shown in Figure 3 7 PGP Options RES General Files Email Hotkeys Servers CA Advanced r Certificate Authority URL Revocation URL Type Net Tools PKI Server x Root Certificate L Clear Certificate Select Certificate Figure 3 7 PGP Options dialog box CA Panel 6 Enter the CA s URL in the Certificate Authority URL text box for example https nnn nnn nnn nnn nnnnn this is the same URL you used to retrieve the Root CA 7 If there is a separate URL for retrieving certificate revocation lists CRLs enter it in the corresponding text box If you do not know the URL for Revocation
234. ntications appear on the Log panel and each entry displays the key ID NOTE When this box is active checked and a PGP Key is selected as the Remote Authentication method Host Gateway dialog both requirements apply the machine must present the correct key and the key must also be valid User s Guide 189 PGPnet Virtual Private Networking Cache passphrases between logins Use this feature View gt Options gt General to request PGPnet to cache passphrases between machine logins e When this feature is active checked PGPnet retains passphrases that you enter if you log off of Windows and then log on again you are not required to re enter passphrases e When this feature is inactive not checked passphrases are dumped when you log off of Windows When you log on again you must re enter passphrases NOTE This applies only when logging on and logging off of Windows When this feature is active and you logoff Windows and logon as a different user you do not have to re enter passphrases This does not apply to PGPnet logins and logoffs Note that the use of a key with no passphrase eliminates the need to cache passphrases You might use a key with no passphrase if you have a machine which is automated for example a server e Ifyou want PGPnet to cache passphrases between machine logins check this box e If you do not want PGPnet to cache passphrases between mach
235. ntify yourself to the remote computer applies only if shared secret authentication is used IP Address Host Domain Name User Domain Name or Distinguished Name IP Address by the IP address of this computer nnn nnn nnn nnn Host Domain Name by the host domain name of this computer computerName nameOfNetwork User Domain Name by a user and host domain name which you specify for example username computerName nameOfNetwork Distinguished Name by a text string which you specify such as CN Bob Jones C US _O Acme _Inc Click Next If you select User Domain Name or Distinguished Name enter the name Click Next The wizard adds the entry to your hosts list Click Finish Adding a gateway Use PGPnet s Add Host wizard to add a secure gateway entry to the host list 1 2 In the PGPnet main window click the Hosts tab Click Add or Alt A PGPnet displays the Add Host wizard Read the first screen and click Next The wizard asks you if you want to add a host subnet or gateway Click the radio button next to Gateway and Click Next Enter a descriptive name for the gateway with which you want to communicate securely Click Next Enter either the host domain name or the IP Address for the gateway Click Next The wizard searches for your entry If the wizard is unable to locate your entry click Back return to the previous screen and re enter the name or IP address Click Next when the ap
236. nvalid Although you can rejoin the split key with an invalid authenticating key it is not recommended You should verify each shareholder s fingerprint and sign their public key to ensure that the authenticating key is legitimate Click Confirm to accept the share file Continue collecting key shares until the value for Total Shares Collected matches the value for Total Shares Needed in the Key Shares Collection dialog box Click OK The file is signed or decrypted with the split key To send your key share over the network 1 When you are contacted by the person who is rejoining the split key make sure that you have these items your key share file and password your keypair for authentication to the computer that is collecting the key shares anetwork connection PGP Desktop Security Making and Exchanging Keys the IP address or Domain Name of the rejoining computer collecting the key shares 2 Select Send Key Shares on the PGPkeys File menu The Select Share File dialog box appears 3 Locate your key share and then click Open The PGP Enter Passphrase dialog box appears 4 Enter your passphrase and then click OK The Send Key Shares dialog box appears as shown in Figure 3 15 Send Key Shares 2X Share File Beth Shares fi Remote Address 123 123123 12 Network Status Not Connected Authenticated Send Shares Cancel Figure 3 15 Send Key Shares dialog box 5 Enter the IP ad
237. ny com gt Select Key Clear Key Unknown certificate keyid is 0 519828E9 Select Certificate Clear Certificate Cancel Help Figure 8 11 The Authentication Panel The following table describes the buttons on the Authentication panel Button Browse buttons Use My PGP Keyring Files Select Key Clear Key Select Certificate Clear Certificate Description Displays Select Public Keyring File dialog and Select Private Keyring File dialog Use these dialog boxes to select your public and private PGPnet keyring files as your active authentication keyring Instructs PGPnet to use your PGP Keyring files as your active authentication keyring Displays the PGP Key Selection dialog Use this dialog box to select a key pair with which to authenticate your machine You must then enter the passphrase for the selected key Clears the selected PGP key Displays the Certificate Selection dialog Use this dialog box to select an X 509 certificate with which to authenticate your machine You must then enter the passphrase for the key to which the certificate is attached Clears the selected X 509 certificate User s Guide 193 PGPnet Virtual Private Networking Advanced Panel z4 WARNING The default settings on this panel allow you to communicate with PGPnet or strong crypto GVPN users Do not change the settings unless you are an experienced IPSec user The Advanced Panel View
238. ny years squashed essentially all commercial efforts to develop effective secure telephones for the general public The principal job of the United States government s National Security Agency is to gather intelligence principally by covertly tapping into people s private communications see James Bamford s book The Puzzle Palace The NSA has amassed considerable skill and resources for cracking codes When people can t get good cryptography to protect themselves it makes NSA s job much easier NSA also has the responsibility of approving and recommending encryption algorithms Some critics charge that this is a conflict of interest like putting the fox in charge of guarding the hen house In the 1980s NSA had been pushing a conventional encryption algorithm that they designed the COMSEC Endorsement Program and they won t tell anybody how it works because that s classified They wanted others to trust it and use it But any cryptographer can tell you that a well designed encryption algorithm does not have to be classified to remain secure Only the keys should need protection How does anyone else really know if NSA s classified algorithm is secure It s not that hard for NSA to design an encryption algorithm that only they can crack if no one else can review the algorithm There are three main factors that have undermined the quality of commercial cryptographic software in the United States PGP Desktop Security Phil Z
239. o answer the second question you must tell PGP explicitly When you supply the answer to question 2 PGP can then calculate the answer to question 1 for other keys signed by the introducer you designated as trusted Keys that have been certified by a trusted introducer are deemed valid by PGP The keys belonging to trusted introducers must themselves be certified either by you or by other trusted introducers PGP also allows for the possibility of your having several shades of trust for people to act as introducers Your trust for a key s owner to act as an introducer does not just reflect your estimation of their personal integrity it should also reflect how competent you think they are at understanding key management and using good judgment in signing keys You can designate a PGP Desktop Security Phil Zimmermann on PGP person as untrusted marginally trusted or completely trusted to certify other public keys This trust information is stored on your keyring with their key but when you tell PGP to copy a key off your keyring PGP does not copy the trust information along with the key because your private opinions on trust are regarded as confidential When PGP is calculating the validity of a public key it examines the trust level of all the attached certifying signatures It computes a weighted score of validity tfor example two marginally trusted signatures are deemed to be as credible as one fully trusted signature The pr
240. o your private key Given the ease with which computers are accessible over networks if you are working with extremely sensitive information you may want to keep your private key ona floppy disk which you can insert like an old fashioned key whenever you want to read or sign private information As another security precaution consider assigning a different name to your private keyring file and then storing it somewhere other than in the default PGP folder where it will not be so easy to locate Use the Files panel of the PGPkeys Options dialog box to specify a name and location for your private and public keyring files Adding and removing information in your key pair At any time you can add change or remove these items in your key pair e a photographic ID e additional subkeys e auser name and address e designated revokers e an X 509 certificate e your passphrase Adding a photographic ID to your key You can include a photographic user ID with your Diffie Hellman DSS key z WARNING Although you can view the photographic ID accompanied with someone s key for verification you should always check and compare the digital fingerprints See Verifying someone s public key on page 114 for more information about authentication To add your photograph to your key 1 Open PGPkeys 2 Select your key pair and then click Add Photo on the Keys menu User s Guide 47 Making and Exchanging Keys The Add Photo
241. od idea to keep your own public key on hand with a collection of certifying signatures attached from a variety of introducers in the hope that most people will trust at least one of the introducers who vouch for the validity of your public key You could post your key with its attached collection of certifying signatures on various electronic bulletin boards If you sign someone else s public key return it to them with your signature so that they can add it to their own collection of credentials for their own public key Make sure that no one else can tamper with your own public keyring Checking a newly signed public key certificate must ultimately depend on the integrity of the trusted public keys that are already on your own public keyring Maintain physical control of your public keyring preferably on your own personal computer rather than on a remote time sharing system just as you would do for your private key This is to protect it from tampering not from disclosure Keep a trusted backup copy of your public keyring and your private key on write protected media User s Guide 237 Phil Zimmermann on PGP Since your own trusted public key is used as a final authority to directly or indirectly certify all the other keys on your keyring it is the most important key to protect from tampering You may want to keep a backup copy ona write protected floppy disk PGP generally assumes that you will maintain physical security over
242. ogram s skepticism is adjustable for example you can tune PGP to require two fully trusted signatures or three marginally trusted signatures to judge a key as valid Your own key is axiomatically valid to PGP needing no introducer s signature to prove its validity PGP knows which public keys are yours by looking for the corresponding private keys on the private key PGP also assumes that you completely trust yourself to certify other keys As time goes on you will accumulate keys from other people whom you may want to designate as trusted introducers Everyone else will choose their own trusted introducers And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people with the expectation that anyone receiving it will trust at least one or two of the signatures This will cause the emergence of a decentralized fault tolerant web of confidence for all public keys This unique grass roots approach contrasts sharply with standard public key management schemes developed by government and other monolithic institutions such as Internet Privacy Enhanced Mail PEM which are based on centralized control and mandatory centralized trust The standard schemes rely on a hierarchy of Certifying Authorities who dictate who you must trust The program s decentralized probabilistic method for determining public key legitimacy is the centerpiece of its key management architecture PGP
243. ogram and archive the remaining files especially the configuration and keyring files 4 Install PGP version 6 5 1 using the provided installer 5 Restart your computer To upgrade from PGP Version 5 x If you are upgrading from PGP version 4 x or 5 x follow the installation instructions outlined in Installing PGP below User s Guide 21 Installing PGP Installing PGP You can install the PGP Desktop Security software from a CD ROM or from your company file server The self extracting file Setup exe automatically extracts and steps you through the installation After you install the software you can create your private and public key pair and begin using PGP Refer to the PGPWinUsersGuide pdf file included with the program for instructions on using PGP To install PGP Desktop Security for Windows systems carefully follow the steps outlined below To install PGP 1 Exitall programs currently running on your computer then do one of the following e To install from a CD ROM insert it into the CD ROM drive The Setup program automatically starts If however the Setup program does not initiate double click Setup exe in the PGP folder on the CD ROM e To install from your company file server contact your security officer for information about the server from which to download PGP Log on to the server Double click Setup exe in the PGP folder to start the Setup program 2 The Setup program searches fo
244. ompany com gt F Ge Carl lt carl company com gt 7 G Dave lt dave company com gt 4 Elle lt elle company com gt Gwen lt gwen company com re Gwen lt qwen company com gt 32 Photograph E Iris lt iris company com gt 2048 1024 DH DSS public key Iris lt iris company com gt User ID 2 Iris lt iris company com gt DSS exportable signature Jack lt jack company com gt 2048 1024 DH DSS key pair Jack lt jack company com gt User ID a Jack lt jack company com gt DSS exportable signature Dave lt dave company com gt DSS signature Beth lt beth company com gt DSS signature 2048 1024 DH DSS key pair 2048 1024 DH DSS key pair 2048 1024 DH DSS key pair 2048 1024 DH DSS key pair RSA public key DH DSS key pair User ID Photograph ESOR OES OOOO 1 keys selected Figure 3 2 PGPkeys 2 Click in the PGPkeys menu bar The PGP Key Generation Wizard provides some introductory information on the first screen 3 When youare finished reading this information click Next to advance to the next pane The PGP Key Generation Wizard asks you to enter your name and email address 4 Enter your name on the first line and your email address on the second line It s not absolutely necessary to enter your real name or even your email address However using your real name makes it easier for others to identify you as the owner of your public key Also
245. on Protocol Encryption Authentication Expires Max Data 6111 222 33 20 ESP CAST HMACSHA 3 26 01 1 08 34 AM gt PGPnet On C Off Save 1 active SAs status On user logged on Figure 8 4 The Status Panel Use the Save feature to save a list of active SAs for diagnostic purposes To save the list of SAs to a tab delimited text file click Save Use the Remove feature to remove an SA Remove an SA when you think that it has been compromised if you know that the target host is down or for any reason that you think the connection should be terminated Use On and Off to turn PGPnet on or off You can also click the Log tab to view recent log entries Viewing the Log Panel 170 The Log panel shows system and service errors when they occurred date and time and a description of the error Use this information to help resolve problems that occur see Figure 8 5 on page 171 Use the Show Events check boxes to select the types of events that you want to view Service IKE IPSec PGP and or System To instruct PGPnet to display a specific kind of event click the checkbox next to the event type Use Save to save current log information to a text file Use Clear to clear current log information from the log file and screen PGP Desktop Security PGPnet Virtual Private Networking PGPnet File View Help lolx Status Hosts l Show Events V Service M
246. on is not supported by the plug ins you can copy the message to the clipboard and perform the appropriate functions from there If you want to decrypt and verify files you can do so from the Clipboard Windows Explorer or by using PGPtools You can also decrypt encrypted files stored on your computer and verify signed files to ensure that they have not been tampered with For more information about securing email refer to Decrypting and verifying email on page 85 For more information about securing files refer to Using PGP to encrypt and decrypt files on page 89 Wipe files When you need to permanently delete a file you can use the Wipe feature to ensure that the file is unrecoverable The file is immediately overwritten so that it cannot be retrieved using disk recovery software For more information about wiping files refer to Using PGP Wipe to delete files on page 99 User s Guide 29 Using PGP Using PGPkeys Figure 2 1 When you choose PGPkeys from PGPtray the PGPkeys window opens Figure 2 1 showing the private and public key pairs you have created for yourself as well as any public keys of other users that you have added to your public keyring PGPkeys 49 PGPkeys lolx File Edit View Keys Server Groups Help ZX AJAH SH 2048 1024 DH DSS key pair 2048 1024 DH DSS key pair 2048 1024 DH DSS key pair 2048 1024 DH DSS key pair 2048 RSA public key 2046 4 DSS key pair User ID Photograph
247. ools can be used to securely wipe the data ina file before it is deleted to negate the possibility of the data ever being recovered Many programs create temporary files while you edit the contents of the documents These files are deleted when you close the documents but the actual document data is left scattered about your drive To help reduce the chance that your document s data can later be recovered Network Associates recommends that you securely wipe the free space on your drives as well as securely deleting sensitive documents To wipe free space on your disks amp WARNING Before running the PGP Free Space Wiper file sharing must be turned off and all applications on the volume or disk that you want to wipe must be closed 1 Open PGPtools 2 Click the Wipe Free Space button c3 p in PGPtools The PGP Free Space Wiper Welcome screen appears 3 Read the information carefully then click Next to advance to the next dialog box The PGP Free Space Wiper prompts you to select the volume you want to wipe and the number of passes you want to perform 4 Inthe Volume box select the disk or volume that you want PGP to wipe Then select the number of passes that you want PGP to perform The recommended guidelines are PGP Desktop Security Using PGP for Secure File Storage e 3 passes for personal use e 10 passes for commercial use e 18 passes for military use e 26 passes for maximum security
248. orgeable digital signature standard that would preclude anyone from repudiating their signatures That has distinct benefits for law enforcement and intelligence gathering Also SHA has been published in the open literature and has been extensively peer reviewed by most of the best cryptographers in the world who specialize in hash functions and the unanimous opinion is that SHA is extremely well designed It has some design innovations that overcome all the observed weaknesses in message digest algorithms previously published by academic cryptographers All new versions of PGP use SHA as the message digest algorithm for creating signatures with the new DSS keys that comply with the NIST Digital Signature Standard For compatibility reasons new versions of PGP still use MD5 for RSA signatures because older versions of PGP used MD5 for RSA signatures PGP Desktop Security Phil Zimmermann on PGP The message digest algorithm used by older versions of PGP is the MD5 Message Digest Algorithm placed in the public domain by RSA Data Security Inc MDS is a 128 bit hash algorithm In 1996 MD5 was all but broken by a German cryptographer Hans Dobbertin Although MD5 was not completely broken at that time it was discovered to have such serious weaknesses that no one should keep using it to generate signatures Further work in this area might completely break it allowing signatures to be forged If you don t want to someday find your PGP digital
249. ornia Texas and Florida Each of the branch offices send weekly sales reports to the home office Before Company A installed a VPN each of the branch offices dialed a corporate phone number to transmit the sales report to the home office After Company A installed their VPN the branches could connect to the Internet via their local Internet Service Provider ISP connect to the home office s intranet via the Internet and use the VPN to transmit the data What was previously a costly long distance call is now a local call And there is a big bonus an increased level of security and privacy Data is protected as it travels from sender to receiver through the ISP Internet and any routers and gateways on its path A VPN gives users data privacy data integrity and data origin authentication User s Guide 157 PGPnet Virtual Private Networking Companies that install VPNs can also use them to make their internal data available to trusted companies and individuals for example suppliers and consultants This arrangement can save all parties time money and other resources In addition to letting legitimate users send and receive data securely a VPN used in conjunction with a firewall keeps unwanted users off your intranet A firewall controls the machines that an external host can see on a company s intranet and the services that the host can access A firewall also controls the machines that a host on a company s intranet can
250. ory while the disk is mounted This key is protected from virtual memory however if a certain section of memory stores the exact same data for extremely long periods of time without being turned off or reset that memory tends to retain a static charge which could be read by attackers If your PGPdisk is mounted for long periods over time detectable traces of your key could be retained in memory You won t find such devices at your neighborhood electronics shop but major governments are likely to have a few PGPdisk protects against this by keeping two copies of the key in RAM one normal copy and one bit inverted copy and inverting both copies every few seconds Other security considerations In general the ability to protect your data depends on the precautions you take and no encryption program can protect you from sloppy security practices For instance if you leave your computer on with sensitive files open when you leave your desk anyone can access that information or even obtain the key used to access the data Here are some tips for maintaining optimal security e Make sure that you unmount PGPdisk volumes when you leave your computer This way the contents will be safely stored in the encrypted file associated with the volume until you are ready to access it again 154 PGP Desktop Security PGPdisk Use a screen saver with a password option so that it is more difficult for someone to access your machine or see your
251. ou to run huge programs on your computer that are bigger than the space available in your computer s semiconductor memory chips This is handy because software has become more and more bloated since graphical user interfaces became the norm and users started running several large applications at the same time The operating system uses the hard disk to store portions of your software that aren t being used at the moment This means that the operating system might without your knowledge write out to disk some things that you thought were kept only in main memory things like keys passphrases and decrypted plaintext PGP does not keep that kind of sensitive data lying around in memory for longer than necessary but there is some chance that the operating system could write it out to disk anyway The data is written out to some scratchpad area of the disk known as a swap file Data is read back in from the swap file as needed so that only part of your program or data is in physical memory at any one time All this activity is invisible to the user who just sees the disk chattering away Microsoft Windows swaps chunks of memory called pages using a Least Recently Used LRU page replacement algorithm This means pages that have not been accessed for the longest period of time are the first ones to be swapped to the disk This approach suggests that in most cases the risk is fairly low that sensitive data will be swapped out to disk because PG
252. ounted and the data in the encrypted file is made accessible The volume appears in Windows Explorer tree of folders Alternatively you can also mount a volume without running the PGPdisk program Instead you can simply double click on the name of the encrypted file or its icon from the Finder or you can drag the file onto the PGPdisk program icon Using a mounted PGPdisk volume You can create copy move and delete files and folders on a PGPdisk volume just as you normally do with any other volume Similarly anyone else who has access to the volume either on the same machine or perhaps over the network can also access the data stored in the volume It is not until you unmount the volume that the data in the encrypted file associated with the volume is made inaccessible z4 WARNING Although the encrypted file associated with each volume is safe from snooping it can still be deleted If an unauthorized person is able to access your data he or she could potentially delete the encrypted file upon which the volume is based It is a good idea to keep a backup copy of the encrypted file 146 PGP Desktop Security PGPdisk Unmounting a PGPdisk volume After you are through accessing a given volume and you want to lock its contents you need to unmount the volume You cannot unmount a volume that has any open files To unmount a PGPdisk volume 1 Close all files in the PGPdisk volume that you want to unmount 2 Select
253. our email message as you normally would 2 When you have finished composing the text of your email message click to encrypt the text of your message then click to sign the message PGP Desktop Security Sending and Receiving Secure Email NOTE If you know that you are going to use PGP MIME regularly you can leave this turned on by selecting the appropriate settings in the Email panel of the Options dialog box 3 Send your message as you normally do If you have a copy of the public keys for every one of the recipients the appropriate keys are used However if you specify a recipient for whom there is no corresponding public key or one or more of the keys have insufficient validity the PGP Key Selection dialog box appears Figure 4 1 so that you can specify the correct key mz PGP Key Selection Dialog 24 x Drag users from this list to the Recipients list Validit Size l f Abe lt abe company com gt 4096 1024 Beth lt beth company com gt 2049 1024 t Carl lt carl company com gt 2048 1024 Dave lt dave company com gt 3072 1024 Elle lt elle company com gt 3072 1024 Frank lt frank company com gt 2048 1024 f Gwen lt qwen company com gt 2049 1024 f JHoward lt howard company com gt 2048 1024 Recipients CS vy Se Iris lt iris company com gt 2048 1024 re Jack lt jack company com gt 2048 1024 I Text Output Cance
254. our public key on page 66 When the key generation process is complete the final panel appears 15 Click Finish A key pair representing your newly created keys appears in the PGPkeys window At this point you can examine your keys by checking their properties and the attributes associated with the keys you may also want to add other email addresses that belong to you See Adding and removing information in your key pair on page 47 for details about modifying the information in your keypair Creating a passphrase that you will remember Encrypting a file and then finding yourself unable to decrypt it is a painful lesson in learning how to choose a passphrase you will remember Most applications require a password between three and eight letters A single word password is vulnerable to a dictionary attack which consists of having a computer try all the words in the dictionary until it finds your password To protect against this manner of attack it is widely recommended that you create a word that includes a combination of upper and lowercase alphabetic letters numbers punctuation marks and spaces This results in a stronger password but an obscure one that you are unlikely to remember easily We do not recommend that you use a single word passphrase A passphrase is less vulnerable to a dictionary attack This is accomplished easily by using multiple words in your passphrase rather than trying to thwart a dictionary attack by
255. our public key by using some new secret mathematical breakthrough But civilian academia has been intensively attacking public key cryptography without success since 1978 Perhaps the government has some classified methods of cracking the conventional encryption algorithms used in PGP This is every cryptographer s worst nightmare There can be no absolute security guarantees in practical cryptographic implementations PGP Desktop Security Phil Zimmermann on PGP Still some optimism seems justified The public key algorithms message digest algorithms and block ciphers used in PGP were designed by some of the best cryptographers in the world PGP s algorithms has had extensive security analysis and peer review from some of the best cryptanalysts in the unclassified world Besides even if the block ciphers used in PGP have some subtle unknown weaknesses PGP compresses the plaintext before encryption which should greatly reduce those weaknesses The computational workload to crack it is likely to be much more expensive than the value of the message If your situation justifies worrying about very formidable attacks of this caliber then perhaps you should contact a data security consultant for some customized data security approaches tailored to your special needs In summary without good cryptographic protection of your data communications it may be practically effortless and perhaps even routine for an opponent to intercept yo
256. ownload it from the Microsoft website http www microsoft com To schedule freespace wiping 1 Follow steps 1 5 in To wipe free space on your disks on page 100 The Perform Wipe dialog box opens as shown in Figure 5 6 and displays statistical information about the drive or volume you selected Wipe Free Space Perform Wipe x Disk Statistics for Drive E File System FAT 16 Number of Clusters 65505 Sectors per Cluster 64 Bytes per Sector 512 Total Capacity 2096160 K Pass 1 3 f Press Begin Wipe button to start wiping Begin Wipe Schedule Cancel Figure 5 7 Free Space Wiper Perform Wipe dialog box 2 Click the Schedule button to start freespace wiping your disk or volume The Schedule Free Space Wipe dialog box appears 3 Click OK to continue If you are running Windows NT the Windows NT Confirm Password dialog box appears 102 PGP Desktop Security Using PGP for Secure File Storage Enter your Windows NT login password in the first text box Press the TAB key to advance to the next text box and confirm your entry by entering your password again Click OK The Windows Task Schedule dialog box appears as shown in Figure a8 Please review edit the schedule for this job x Schedule Be At 4 30 PM every day starting 5 6 99 Schedule Task Start time Dar 4 30 PM Advanced Schedule Task Daily Every fi 4 day s IF Show mu
257. panel Click on the PGPtray icon select PGPnet and click on Log Display the Status panel Click on the PGPtray icon select PGPnet and click on Status Display the Hosts panel Click on the PGPtray icon select PGPnet and click on Hosts Display the Options window Click on the PGPtray icon select PGPnet and click on Options Logon to PGPnet Click on the PGPtray icon select PGPnet and click Logon Dimmed if no authentication key is selected Logoff from PGPnet Click on the PGPtray icon select PGPnet and click Logoff Dimmed if no authentication key is selected Exit Click on the PGPtray icon and click on Exit PGPtray s icon Note that the look of the PGPtray icon tells you if PGPnet is off or not installed gray lock installed and on yellow lock on a network or installed but not working yellow lock on a network with a yellow circle and exclamation mark Placing the mouse pointer over the PGPtray icon invokes tool tips that display the status of PGPnet including descriptions of error messages such as service not installed Turning PGPnet off There may be times when you want to turn PGPnet off For example for diagnostic purposes Turning PGPnet off allows all communication with all machines to pass through unmodified and unsecured To turn PGPnet off click Off on the PGPnet window see Figure 8 3 on page 168 User s Guide 167 PGPnet Virtual Private Networking PGPnet BEE File View Help
258. passphrase 00 cece eee eee 56 Deleting a key or signature on your PGP keyring 58 Splitting and rejoining keyS 002 c eee 58 Creating a split key 00 cece eee eee 59 Rejoining split keyS cece eee eee eee 61 Distributing your public key 2 020 c cece ee 66 Making your public key available through a certificate server 66 Updating your key on a certificate server 67 Including your public key in an email message 69 Exporting your public key toa file 0 000 c eee eee eee eee 69 Obtaining the public keys of others 000 e eee eee ees 70 Getting public keys from a certificate server 70 Adding public keys from email messages 0 00005 72 Importing Keys s 56 6c eee ee ee ee eee ee eee 73 Verifying the authenticity of a key 00c cece e ee eee eee 74 Why verify the authenticity ofa key 2 200eee enue 74 Verify with a digital fingerprint 00 0c eee eee eee 74 Validating the public key 000 e eects 75 Working with trusted introducers 0 2002 cece eee eee 75 What is a trusted introducer 0 00 0c eee eee eee 75 What is a meta introducer 2000 c eee 76 Chapter 4 Sending and Receiving Secure Email 77 Encrypting and signing email 200 cece eee eee 77 Encrypting and signing with suppo
259. patterns On off validity appears as circle icons green for valid gray for invalid the key has not been validated it has not been signed by either a trusted introducer or by you e Treat marginally valid keys as invalid Use this checkbox to specify whether to treat all marginally valid keys as invalid Selecting this option causes the Key Selection dialog box to appear whenever you encrypt to marginally valid keys e Warn when encrypting to an ADK Use this checkbox to specify whether to issue a warning whenever an encrypt to key has an associated Additional Decryption Key e Export format Compatible Exports keys in a format compatible with previous versions of PGP Complete Exports the new key format which includes photographic IDs and X 509 certificates 134 PGP Desktop Security PGPdisk This chapter describes PGPdisk its features and provides instructions on how to use it What is PGPdisk PGPdisk is an easy to use encryption application that enables you to set aside an area of disk space for storing your sensitive data This reserved space is used to create a file called a PGPdisk volume Although itis a single file a PGPdisk volume acts very much like a hard disk in that it provides storage space for your files and applications You can think of it like a floppy disk or an external hard disk To use the applications and files stored in the volume you mount it or make it accessible to you When a PGPd
260. pe or by selecting Decrypt Verify Fs from PGPtools You can also access the PGPkeys window at any time while composing or retrieving your mail by clicking the PGPkeys button in some plug ins 36 PGP Desktop Security Using PGP Using PGP MIME If you are using an email application with one of the plug ins that supports the PGP MIME standard and you are communicating with another user whose email application also supports this standard both of you can automatically encrypt and decrypt your email messages and any attached files when you send or retrieve your email All you have to do is turn on the PGP MIME encryption and signing functions from the PGP Options dialog box When you receive email from someone who uses the PGP MIME feature the mail arrives with an attached icon in the message window indicating that it is PGP MIME encoded To decrypt the text and file attachments in PGP MIME encapsulated email and to verify any digital signatures you simply double click the lock and quill amp icon Attachments are still encrypted if PGP MIME is not used but the decryption process is usually more involved for the recipient Selecting recipients for encrypted files or email When you send email to someone whose email application is supported by the PGP plug ins the recipient s email address determines which keys to use when encrypting the contents However if you enter a user name or email address that does not correspo
261. pe and Freespace Wipe features User s Guide 247 Phil Zimmermann on PGP Viruses and Trojan horses 248 Another attack could involve a specially tailored hostile computer virus or worm that might infect PGP or your operating system This hypothetical virus could be designed to capture your passphrase or private key or deciphered messages and to covertly write the captured information to a file or send it through a network to the virus s owner Or it might alter PGP s behavior so that signatures are not properly checked This attack is cheaper than cryptanalytic attacks Defending against this kind of attack falls into the category of defending against viral infection generally There are some moderately capable antiviral products commercially available and there are hygienic procedures to follow that can greatly reduce the chances of viral infection A complete treatment of antiviral and antiworm countermeasures is beyond the scope of this document PGP has no defenses against viruses and assumes that your own personal computer is a trustworthy execution environment If such a virus or worm actually appeared hopefully word would soon get around warning everyone A similar attack involves someone creating a clever imitation of PGP that behaves like PGP in most respects but that doesn t work the way it s supposed to For example it might be deliberately crippled to not check signatures properly allowing bogus key certificates
262. ped a long track record but its formal design and the good reputations of its designers will undoubtedly attract the attentions and attempted cryptanalytic attacks of the rest of the academic cryptographic community I m getting nearly the same preliminary gut feeling of confidence from CAST that I got years ago from IDEA the cipher I selected for use in earlier versions of PGP At that time IDEA was also too new to have a track record but it has held up well The IDEA International Data Encryption Algorithm block cipher is based on the design concept of mixing operations from different algebraic groups It was developed at ETH in Zurich by James L Massey and Xuejia Lai and published in 1990 Early published papers on the algorithm called it IPES Improved Proposed Encryption Standard but they later changed the name to IDEA So far IDEA has resisted attack much better than other ciphers such as FEAL REDOC II LOKI Snefru and Khafre And IDEA is more resistant than DES to Biham and Shamir s highly successful differential cryptanalysis attack as well as attacks from linear cryptanalysis As this cipher continues to attract attack efforts from the most formidable quarters of the cryptanalytic world confidence in IDEA is growing with the passage of time Sadly the biggest obstacle to IDEA s acceptance as a standard has been the fact that Ascom Systec holds a patent on its design and unlike DES and CAST IDEA has not been made ava
263. pert Mode includes a DNS Lookup feature Use this feature to identify a host s IP address To use the DNS Lookup feature follow these steps 1 Click DNS Lookup PGPnet displays the DNS Lookup dialog box 2 Enter the host name of the system in the Host name to lookup field and click Lookup PGPnet searches for the IP address for the host name that you entered e If PGPnet finds the IP address it displays the IP address click Use to use the IP address in the Edit Host Gateway form e If PGPnet does not find an IP address for the host it advises you User s Guide 185 PGPnet Virtual Private Networking amp TIP You can enter the host name of the system in the name field of the Host Gateway dialog and click DNS Lookup The Lookup window appears click Lookup to look up the IP address of the host name you entered DNS Lookup 21x Host name to lookup computer company com Cancel Figure 8 9 The DNS Lookup Dialog Remote Authentication The controls in the Remote Authentication section of the Host Gateway dialog allow you to require the remote host to present a specific PGP key or X 509 certificate each time the host attempts to establish an SA with your host If the host attempts to establish a connection and does not present the specified key or certificate your machine will refuse the connection The default setting is Any valid key lt IMPORTANT If you select a specific PGP key or X 509 certificate
264. place a check in the box to the left of the hash function Check None with extreme caution or not at all as it tells PGPnet to accept proposals that do not include authentication from other users A compression function takes a fixed sized input and returns a shorter fixed sized output There are two types of compression LZS and Deflate To allow a specific type of compression place a check in the box to the left of the compression type PGP Desktop Security PGPnet Virtual Private Networking NOTE LZS and Deflate increase performance for low speed communications such as modems and ISDN LZS and Deflate decrease performance for fast speed communications for example cable modem DSL T 1 and T 3 This is due to the overhead of the compression routines Diffie Hellman is a key agreement protocol To allow a specific key size 1024 or 1536 place a check in the box to the left of the key size Term Description Ciphers An algorithm used to encrypt and decrypt Types CAST TripleDES When None is checked PGPnet accepts proposals that do not include authentication from other users Hashes A hash function takes a variable sized input string and converts it to a fixed sized output string Types SHA 1 Secure Hash Algorithm MD5 Message Digest Algorithm When None is checked PGPnet accepts proposals that do not include authentication from other users Diffie Hellman Key agreement protocol Sizes 102
265. propriate IP address is entered Select the communication method that you want to use when you communicate with this machine public key cryptographic security or shared secret passphrase based security Click Next If you selected shared secret security enter the passphrase Click Next y4 WARNING Unlike traditional PGP passphrases Shared Secret passphrases are stored on your computer unencrypted This presents a potential security risk PGP Desktop Security PGPnet Virtual Private Networking e If you selected shared secret security go to Step 7 e If you selected public key cryptographic security go to Step 8 7 Select how you want to identify yourself to the remote computer applies only if shared secret authentication is used IP Address Host Domain Name User Domain Name or Distinguished Name IP Address by the IP address of this computer nnn nnn nnn nnn Host Domain Name by the host domain name of this computer computerName nameOfNetwork User Domain Name by a user and host domain name which you specify for example username computerName nameOfNetwork Distinguished Name by a text string which you specify such as CN Bob Jones C US _O Acme _Inc Click Next If you select User Domain Name or Distinguished Name enter the name Click Next The wizard adds the entry for the secure gateway to your host list At this point you can elect to create a new host or subnet
266. pted This presents a potential security risk To avoid this risk use keys or certificates 1 Verify that each system has a network connection 2 Install PGPnet on both systems During installation you must select the appropriate network adapter for PGPnet For example if the network connection is via ethernet PGPnet must be bound to the ethernet adapter if the network connection is via modem then PGPnet must be bound to the modem adapter also known as the Remote Access WAN Wrapper or Dialup Adapter 3 After installing PGPnet reboot both systems 4 Both users must create an entry in PGPnet s host list for the other system You must know the other system s host name or IP address and agree on a shared secret passphrase For more information on configuring a secure host see Adding a host subnet or gateway on page 176 5 Click on the host s entry on the Hosts panel and click Connect If the connection is successful a green dot appears in the SA column User s Guide 175 PGPnet Virtual Private Networking Adding a host subnet or gateway NOTE If you are an experienced user please see Expert Mode Bypassing the wizard to add hosts gateways and subnets on page 185 If you are in a corporate environment with a PGPnet administrator many of the hosts subnets and gateways that you communicate with may have been preconfigured by your administrator Each preconfigured host subnet a
267. ptic physique preshrunk python ratchet rematch rhythm ruffled scorecard shadow slingshot snowslide spearhead spyglass stapler stormy swelter tiger transit tumor unwind village watchword accrue ahead ammo Athens backward beeswax bison bombast brickyard cement choking classroom concert crucial deadbolt dreadful Dupont eightball escape fallout framework glitter guidance indulge keyboard lockup mural nightbird orca playhouse printer quadrant rebirth repay ribcage sailboat Scotland shamrock slowdown solo spellbind stagehand steamship sugar tactics tissue trauma tunnel uproot virus wayside acme aimless ancient atlas banjo befriend blackjack bookshelf briefcase chairlift chopper cleanup cowbell crumpled deckhand drifter dwelling endorse exceed flagpole freedom glucose hamlet inverse kickoff merit music Oakland payday Pluto prowler quiver reform retouch ringbolt sawdust seabird showgirl snapline southward spheroid stagnate sterling surmount talon tonic treadmill tycoon upset Vulcan willow adrift Algol apple Aztec beaming Belfast blockade brackish Burbank chatter Christmas clockwork crackdown crusade dogsled dropper eating endow eyeglass flatfoot frighten goggles highchair involve kiwi minnow necklace obtuse peachy preclude pupil quota regain revenge robust scallion select skullcap snapshot soybean spigot stairway
268. r You can place PGPdisk volumes on any kind of server NT 95 98 or UNIX and allow them to be mounted by anyone with a Windows 95 machine NOTE The first person to mount the volume locally has read write access to the volume No one else is then able to access the volume If you want others to be able to access files within the volume you must mount the volume in read only mode All users of the volume then have read only access If the volume is stored on a Windows 95 server you can also mount the volume remotely on the server and allow people to share the mounted volume This action provides no security for the files within the volume however Automatically mounting PGPdisk volumes If you like you can automatically mount PGPdisk volumes when you first start your system To automatically mount PGPdisk volumes 1 Create a shortcut for each of the PGPdisk files which you want mounted when you start your computer 2 Place the shortcut s in the Winnt gt Profiles gt Name of Current User gt Start Menu gt Programs folder Once you have placed the shortcuts in this folder the PGPdisk volumes are mounted whenever you start your computer You are prompted to enter the passphrase for each PGPdisk volume as it mounts User s Guide 149 PGPdisk Backing up PGPdisk volumes You may want to back up the contents of your PGPdisk volumes to safeguard your information from system corruption or di
269. r s certificate validation capabilities to a single domain enter the domain name in the Domain text box 6 If you want to assign an expiration date to this signature enter the date on which you want this signature to expire in the Date text box Otherwise the signature will never expire 7 Click OK The Passphrase dialog box appears 8 Enter your passphrase then click OK An icon associated with your user name is now included with the public key that you just signed Granting trust for key validations 118 Besides certifying that a key belongs to someone you can assign a level of trust to the user of the keys indicating how well you trust them to act as an introducer to others whose keys you may get in the future This means that if you ever get a key from someone that has been signed by an individual whom you have designated as trustworthy the key is considered valid even though you have not done the check yourself To grant trust for a key 1 Open PGPkeys 2 Select the key for which you want to change the trust level NOTE You must sign the key before you can set the trust level for it If you have not already signed the key see Validating the public key on page 75 for instructions 3 Choose Properties from the Keys menu or click gt to open the Properties dialog box as shown in Figure 6 5 PGP Desktop Security Managing Keys and Setting PGP Options 4 Use the Trust Level slidi
270. r for the passphrase are not visible on the screen However if you are sure that no one is watching either physically or over the network and you would like to see the characters of your passphrase as you type click in the Hide Typing check box NOTE Your security is only as good as your passphrase Your passphrase should contain more than one word along with spaces numbers and other printable characters The passphrase is case sensitive The minimum allowable passphrase is 8 characters Choose something with which you are very familiar and that you have already stored in your long term memory Picking a phrase on the spur of the moment is likely to result in forgetting it entirely It is vital that you do not forget your passphrase or you will lose your data For more information see Passphrase quality on page 153 Click Next Move your mouse around in a random manner within the Wizard window and or type characters on the keyboard until the progress bar shown in the dialog box is completely filled in Your mouse movements and typing are used to generate random information used by the PGPdisk program as part of the encryption data scrambling process Click Next A progress bar indicates how much of the PGPdisk volume has been initialized Click Next to mount your PGPdisk Click Finish The format window appears on your screen Enter a label for the new volume this label identifies the volume in Window
271. r in the current window See Using PGPtray on page 33 e From within supported email applications PGP email plug ins The plug ins enable you to secure your email from within the supported email application See Using PGP within supported email applications on page 36 e From PGPtools PGPtools enables you to perform cryptographic tasks within applications not supported by plug ins plus other security tasks such as wiping files from your disk See Using PGPtools on page 35 e From the Windows Explorer File menu You can encrypt and sign or decrypt and verify files such as word processing documents spreadsheets and video clips directly from the Windows Explorer See Using PGP from Windows Explorer on page 35 28 PGP Desktop Security Using PGP For more information about encrypting email refer to Encrypting and signing email on page 77 For more information about decrypting files refer to Using PGP to encrypt and decrypt files on page 89 Decrypt and verify your email and files When someone sends you encrypted data you can unscramble the contents and verify any appended signature to make sure that the data originated with the alleged sender and that it has not been altered e If you are using an email application that is supported by the plug ins you can decrypt and verify your messages by selecting the appropriate options from your application s tool bar e If your email applicati
272. r open programs and prompts you to close them If you have PGP version 4 x 6 x currently installed the PGP setup program prompts you to uninstall the old PGP files Click Yes to automatically uninstall the old version Your keyring files are saved in a file named Old Keyrings You must reboot your computer after uninstalling the files Once your computer reboots the installer continues The PGP Installation screen appears Review the instructions in the PGP Welcome dialog box then click Next The Network Associates license agreement appears Review the license agreement information then click Yes to accept the licensing terms 22 PGP Desktop Security Installing PGP The Whatsnew txt file appears listing the new features and other important information regarding PGP version 6 5 1 5 Review the Whatsnew txt file then click Next 6 Register your product by entering your name and company name in the User Information dialog box 7 Click Next 8 Click Browse to navigate to a destination directory for your PGP files or accept the default directory Click Next to continue The Select Components dialog box appears as shown in Figure 1 1 Select Components x Select the components you want to install clear the components you do not want to install Components 4 PGP Key Management Requi 411K g V PGPdisk Volume Security 505K E PGPnet Virtual Private Networking 752 vV PGP Eudora Plugin 252 K vV PG
273. rdering IKE or IPSEC proposals 200 requesting an X 509 certificate 54 Require secure communications with all hosts 188 requiring secure communications with unconfigured hosts 188 residual data 247 restoring default settings for PGPnet 201 retrieving an X 509 certificate 56 revocation definition 268 revoking keys 121 RFC Request for Comment definition 268 Root CA 53 Root CA certificates adding to your keyring 56 RSA definition 269 RSA technology keys creating 42 running PGP 33 to 34 S S MIME Secure Multipurpose Mail Extension definition 269 SA description 160 effect of logoff on 162 effect of rebooting on 162 establishing with PGP keys 173 with shared secret 175 with X 509 certificates 174 establishing an 173 establishing with a host 173 expiring 160 initiating 160 removing SAs 170 saving active SAs 170 terminating with a host 173 viewing active SAs 169 viewing expired SAs 169 User s Guide 285 Index saving active SAs 170 keys 53 log information 170 scheduling 102 scheduling Free Space Wiper 102 using Free Space Wipe 102 searching for keys 134 searching key server 70 secret sharing definition 269 secure channel definition 269 secure gateway definition 160 secure hosts adding 177 communicating with 161 definition 160 secure subnet definition 160 Secure Viewer email encryption option 78 with previous versions 80 82 Secure Wipe using 99 securing a network card 201 to
274. re to obtain user passwords and other information The security of your data machines and networks is very important and PGPnet is designed to eliminate many of the threats that continue to plague networks PGPnet features The PGPnet program includes the following features e A configuration wizard that allows you to configure hosts gateways and subnets that you can communicate with securely e Secure peer to peer communication no intermediary gateway is required e Simple user interface e A list of all active PGPnet Security Associations at a glance A Security Association SA contains information that identifies how two machines communicate with each other e Automatic re key that is initialization and negotiation of expiring Security Associations e An Expert Mode that allows experienced users to bypass the configuration wizard e Log information used for diagnostics is displayed in easy to read format no need to search through log files What is PGPnet PGPnet a Virtual Private Network VPN is an easy to use encryption application that allows you to communicate securely and economically with other PGPnet users PGPnet a standards based product based upon the IETF IPSec and IETF IKE Internet Key Exchange protocols extends the IKE protocol to add support for PGP key authentication PGPnet maintains the privacy integrity and authenticity of information sent from a PGPnet host to a secure host
275. rewall for UNIX leave blank Phase I Lifetime 480 DH Group 1024 Bit Phase II SA Encapsulation Tunnel Encryption TripleDES Authentication HMAC MD5 PFS Off Users Guide 211 Creating a VPN with PGPnet Phase II Lifetime 480 Transfer Limit Leave blank 5 Click Next to move to next screen On the Gauntlet Firewall for UNIX click the Certificate Contents button The Certificate Contents screen displays Each field should have an asterisk This screen is called Client Certificate Configuration on the Gauntlet Firewall for UNIX All fields should be blank do not enter asterisks Certificate Contents lt gt Subject Issuer Common Name CN Organization Name 0 P Organization Unit Name OU Pe Country Name C C C State or Province Name ST C Locality Name L C C Street Address SA e E 6 Click Finish and apply the changes to the firewall On the Gauntlet Firewall for UNIX click OK and then apply the changes to the firewall 212 PGP Desktop Security Creating a VPN with PGPnet Configuring PGPnet The next step in establishing a VPN between a system with PGPnet and a Gauntlet Firewall is to appropriately configure PGPnet O NOTE This procedure assumes a working installation of PGP 6 5 or greater with the PGPnet component installed In this example we will be configuring communications to an insecure host or subnet behind a se
276. ributes and simple password protection these safeguards can easily be breached by those truly intent on examining your data Only by encrypting your data can you rest assured that even with the most sophisticated technologies known today it is nearly impossible for anyone to decipher the content of your files 136 Here are a few reasons to use PGPdisk to secure the contents of your files To protect sensitive financial medical and personal information that you simply do not want others to have access to This is particularly important in today s networked environment where information on your personal computer is exposed to the world while you are surfing the net To set up personal work areas on a shared machine where each user is guaranteed exclusive access to his or her own programs and files Each user can mount his or her own volumes while using the machine and then rest assured that nobody else can access the files once the volumes are unmounted To create volumes of material that are accessible only to designated members of a given workgroup A volume can be mounted when members of the team want to work on a given project and can then be unmounted and stored in its encrypted format when they are finished To prevent someone from gaining access to proprietary information stored on a notebook computer In general if you lose your notebook or someone steals it all of your personal information including access and passwords to o
277. roducer PGP uses the concept of a trusted introducer someone who you trust to provide you with keys that are valid This concept may be familiar to you from Victorian novels in which people gave letters of introduction to one another For example if your uncle knew someone in a faraway city with whom you might want to do business he might write a letter of introduction to his acquaintance With PGP users can sign one another s keys to validate them You sign someone s key to indicate that you are sure that their key is valid which means that it truly is their key There are several ways to do this When a trusted introducer signs another person s key you trust that the keys they sign are valid and you do not feel that you must verify their keys before using them User s Guide 75 Making and Exchanging Keys What is a meta introducer PGP also supports the concept of a meta introducer a trusted introducer of trusted introducers If you work in a very large company you might have a regional security officer a trusted introducer who would sign users keys You could trust that these keys were valid because the regional security officer had performed the actions to ensure validity The organization may also have a head security officer who works with the local security officers so that a person in a West Coast office could trust a person in an East Coast office because both their keys had been signed by their respective reg
278. rom ciphertext characters in a human readable form or bits in a machine readable form also called plain text a public key that is designated by the security officer of a corporation as the system wide key that all corporate users trust to sign other keys Glossary Conventional encryption Cryptanalysis CRYPTOKI Cryptography Cryptosystem Data integrity Decryption DES Data Encryption Standard Dictionary attack Diffie Hellman Digital cash Direct trust Digital signature encryption that relies on a common passphrase instead of public key cryptography The file is encrypted using a session key which encrypts using a passphrase that you will be asked to choose the art or science of transferring cipher text into plain text without initial knowledge of the key used to encrypt the plain text same as PKCS 11 the art and science of creating messages that have some combination of being private signed unmodified with non repudiation a system comprised of cryptographic algorithms all possible plain text cipher text and keys a method of ensuring information has not been altered by unauthorized or unknown means a method of unscrambling encrypted information so that it becomes legible again The recipient s private key is used for decryption a 64 bit block cipher symmetric algorithm also known as Data Encryption Algorithm DEA by ANSI and DEA 1 by ISO Widely used for over 20 years
279. rted email applications 78 vi PGP Desktop Security Table of Contents Encrypting email to groups of recipients 2 000005 83 Working with distribution lists 0 2020ee eee 84 Sending encrypted and signed email to distribution lists 85 Decrypting and verifying email 0 0c eee eee 85 Chapter 5 Using PGP for Secure File Storage 005 89 Using PGP to encrypt and decrypt files 00 2 eee eee eee 89 Using the PGP right click menu to encrypt and sign 89 Using PGPtools to encrypt and Sign 0 200eeeeeeee 91 Using PGPtray to decrypt and verify 0 2005 93 Using PGPtools to decrypt and verify 200000eeeee 94 Signing and decrypting files with a split key 2 00055 94 Using PGP Wipe to delete files 00 eee eee eee 99 Using the PGP Free Space Wiper to clean free space on your disks 100 Scheduling Free Space Wiper 000 eee ee eee eee 102 Chapter 6 Managing Keys and Setting PGP Options 105 Managing your keyS 200 cece eee eee eee eee 105 The PGPkeys Window 000 00 e eee eee eee 106 PGPkeys attribute definitions 000200e 107 Examining a key s properties 0 00 e eee e eee eee eee 109 General Key Properties panel 000e eee eeees 109 Subkey properties window 200 eee eee ees 111 D
280. rypted version so that it remains secure NOTE Messages encrypted with the Secure Viewer option enabled cannot be saved in their decrypted state They are only viewable on the secure PGP screen after decryption Using PGPtools to decrypt and verify To decrypt and verify using PGPtools 1 In Windows Explorer select the file or files that you want to decrypt 2 Drag the file onto the Decrypt Verify button in PGPtools The PGP Enter Passphrase dialog box appears as shown in Figure 5 2 asking you to enter your passphrase 3 Enter your passphrase and then click OK If the file is signed a message appears indicating whether the signature is valid If the text file is encrypted with Secure Viewer enabled an advisory message appears Click OK to continue The decrypted text appears ona secure PGP screen in a special TEMPEST attack prevention font 4 You can save the message in its decrypted state or you can save the original encrypted version so that it remains secure NOTE Messages encrypted with the Secure Viewer option enabled cannot be saved in their decrypted state They are only viewable on the secure PGP screen after decryption Signing and decrypting files with a split key Once a key is split among multiple shareholders attempting to sign or decrypt with it will cause PGP to automatically attempt to rejoin the key There are two ways to rejoin the key locally and remotely 94 PGP
281. ryptography developed in cooperation with an informal consortium Apple DEC Lotus Microsoft MIT RSA and Sun that includes algorithm specific and algorithm independent implementation standards Specifications defining message syntax and other protocols controlled by RSA Data Security Inc User s Guide 267 Glossary PKI Public Key Infrastructure Plaintext Private key Private keyring Public key Public keyring Public key cryptography Random number Revocation RFC Request for Comment 268 PGP Desktop Security a widely available and accessible certificate system for obtaining an entity s public key with some degree of certainty that you have the right key and that it has not been revoked normal legible un encrypted unsigned text the secret portion of a key pair used to sign and decrypt information A user s private key should be kept secret known only to the user a set of one or more private keys all of which belong to the owner of the private keyring one of two keys in a key pair used to encrypt information and verify signatures A user s public key can be widely disseminated to colleagues or strangers Knowing a person s public key does not help anyone discover the corresponding private key a set of public keys Your public keyring includes your own public key s cryptography in which a public and private key pair is used and no security is needed in the channel itself
282. s This trust comes into play when you are unable to verify the validity of someone s public key for yourself and instead rely on the judgment of other users who have signed the key When you create a key pair they are considered implicitly trustworthy as shown by the striping in the trust and validity bars or by a green dot and user icon When you receive a public key that has been signed by another of the user s keys on your public keyring the level of authenticity is based on the trust you have granted to the signer of that key You assign a level of trust either Trusted Marginal or Untrusted in the Key Properties dialog box Shows the date when the key will expire Most keys are set to Never however there may be instances when the owner of a key wants it to be used for only a fixed period of time Shows the date when the key was originally created You can sometimes make an assumption about the validity of a key based on how long it has been in circulation If the key has been in use for a while it is less likely that someone will try to replace it because there are many other copies in circulation Never rely on creation dates as the sole indicator of validity 108 PGP Desktop Security Managing Keys and Setting PGP Options Examining a key s properties In addition to the general attributes shown in the PGPkeys window you can also examine and change other key and subkey properties The Key Properties window inclu
283. s Explorer Click Start A warning dialog box appears Click OK there is no data on the new disk The system tells you the formatting is complete Click Close on the format window Your PGPdisk volume appears in an Explorer window User s Guide 139 PGPdisk A PGPdisk mounted volume icon representing your volume appears in the location you specified A PGPdisk encrypted volume icon representing your secure volume appears in the location you specified as shown below untitled PGPdisk untitled PGPdisk Mounted PGPdisk volume Encrypted PGPdisk volume 20 Double click the icon to open the volume Changing a passphrase You can change the master or alternate passphrase for a PGPdisk File To change your passphrase 1 Make sure that the PGPdisk volume is not mounted You cannot change a passphrase if the PGPdisk volume is mounted Choose Change Passphrase from the File menu The Open dialog box appears Navigate to the disk file of interest The Passphrase dialog box appears as shown in Figure 7 2 Please enter the passphrase to change for myvolume Passphrase M Hide Typing careat Figure 7 2 The Change Passphrase dialog box 5 Enter your passphrase then click OK 140 PGP Desktop Security PGPdisk The New Passphrase window appears as shown in Figure 7 3 New Passphrase Please enter an additional passphrase for myvolume Your passphrase should be at least 8
284. s Search window appears Choose the server you want to search from the Search for Keys On menu Specify your search criteria to locate your public key The default is User ID but you can click the arrows to select Key ID Key Status Key Type Key Size Creation Date or Expiration Date For example you might search for all keys with the User ID of Fred To begin the search click Search The results of the search appear in the window Right click on the key that you want to remove from the server then select Delete from the right click menu The Passphrase dialog box appears Enter the passphrase for the key you want to remove from the server and then click OK Confirmation dialog appears and the key is removed Update your key remove the unwanted signatures or user names Copy the updated key to the server see Making your public key available through a certificate server on page 66 for instructions If the server on which you are updating your public key is configured to synchronize keys with other public certificate servers your key will be updated on the other servers automatically upon synchronization PGP Desktop Security Making and Exchanging Keys 4 IMPORTANT If you delete your key from a certificate server you should be aware that someone who has your public key on their keyring can upload it to the server again You should check the server periodically to see if the key has reappeared you ma
285. s book is a history of codes and code breakers from the time of the Egyptians to the end of WWII Kahn first wrote it in the sixties and there is a revised edition published in 1996 This book won t teach you anything about how cryptography is done but it has been the inspiration of the whole modern generation of cryptographers e Charlie Kaufman Radia Perlman and Mike Spencer Network Security Private Communication in a Public World Prentice Hall ISBN 0 13 061466 1 This is a good description of network security systems and protocols including descriptions of what works what doesn t work and why Published in 1995 so it doesn t have many of the latest advances but is still a good book It also contains one of the most clear descriptions of how DES works of any book written Intermediate books e Bruce Schneier Applied Cryptography Protocols Algorithms and Source Code in C John Wiley amp Sons ISBN 0 471 12845 7 This is a good beginning technical book on how a lot of cryptography works If you want to become an expert this is the place to start e Alfred J Menezes Paul C van Oorschot and Scott Vanstone Handbook of Applied Cryptography CRC Press ISBN 0 8493 8523 7 This is the technical book you should get after Schneier There is a lot of heavy duty math in this book but it is nonetheless usable for those who do not understand the math User s Guide 17 Preface Richard E Smith Intern
286. s to another location on your hard drive or to a floppy disk By default the private keyring secring skr and the public keyring pubring pkr are stored along with the other program files in the PGP Keyrings folder in your PGP folder but you can save your backups in any location you like PGP periodically prompts you to backup your keys When you specify that you want to save a backup copy of your keys the Save As dialog box appears asking you to specify the location of the backup private and public keyring files that are to be created Protecting your keys 46 Besides making backup copies of your keys you should be especially careful about where you store your private key Even though your private key is protected by a passphrase that only you should know it is possible that someone could discover your passphrase and then use your private key to decipher your email or forge your digital signature For instance somebody could look over your shoulder and watch the keystrokes you enter or intercept them on the network or even over the airwaves PGP Desktop Security Making and Exchanging Keys To prevent anyone who might happen to intercept your passphrase from being able to use your private key you should store your private key only on your own computer If your computer is attached to a network you should also make sure that your files are not automatically included in a system wide backup where others might gain access t
287. screen when you are away from your desk Make sure that your PGPdisk volumes cannot be seen by other computers on the network You may need to talk to your network management people to guarantee this The files in a mounted PGPdisk volume can be accessed by anyone who can see them on the network Never write down your passphrases Pick something you can remember If you have trouble remembering your passphrase use something to jog your memory such as a poster a song a poem a joke but do not write down your passphrases If you use PGPdisk at home and share your computer with other people they will probably be able to see your PGPdisk files As long as you unmount the PGPdisk volumes when you finish using them no one else will be able to read their contents If another user has physical access to your machine that person can delete your PGPdisk files as well as any other files or volumes If physical access is an issue try either backing up your PGPdisk files or keeping them on an external device over which only you have physical control Be aware that copies of your PGPdisk volume use the same secret key as the original If you exchange a copy of your volume with another and both change your master passwords both of you are still using the same key to encrypt the data While it is not a trivial operation to recover the key it is not impossible User s Guide 155 PGPdisk 156 PGP Desktop Security PGPnet Virtual Private
288. ses when it seemed worthwhile Senate Bill 266 a 1991 omnibus anticrime bill had an unsettling measure buried in it If this non binding resolution had become real law it would have forced manufacturers of secure communications equipment to insert special trap doors in their products so that the government could read anyone s encrypted messages It reads It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice data and other communications when appropriately authorized by law It was this bill that led me to publish PGP electronically for free that year shortly before the measure was defeated after vigorous protest by civil libertarians and industry groups The 1994 Digital Telephony bill mandated that phone companies install remote wiretapping ports into their central office digital switches creating a new technology infrastructure for point and click wiretapping so that federal agents no longer have to go out and attach alligator clips to phone lines Now they will be able to sit in their headquarters in Washington and listen in on your phone calls Of course the law still requires a court order for a wiretap But while technology infrastructures can persist for generations PGP Desktop Security Phil Zimmermann on PGP
289. should be careful not to delete the private and public keyring files used to store any keys you have created or collected while using the previous version When you install PGP you are given the option of retaining your existing private and public keyrings so you don t have to go to the trouble of importing all of your old keys To upgrade from a previous version follow the appropriate steps listed next To upgrade from PGP Version 2 6 2 or 2 7 1 1 Exit all programs or open applications 2 Make backups of your old PGP keyrings on another volume In PGP for Windows versions 2 6 2 and 2 7 1 your public keys are stored in pubring pgp and your private keys are stored in secring pgp In versions 5 x 6 5 your public keys are stored in pubring pkr and your private keys are stored in secring skr 20 PGP Desktop Security Installing PGP amp TIP Make two separate backups of your keyrings onto two different floppy disks just to be safe Be especially careful not to lose your private keyring otherwise you will never be able to decrypt any email messages or file attachments encrypted with the lost keys Store the keyrings in a secure place where only you have access to them 3 When you have successfully backed up your old keyrings remove or archive the old PGP software You have two options here e Manually delete the entire old PGP folder and all of its contents or e Manually delete the old PGP pr
290. signing The selected key can only be used for encrypting The destination address you provided is incorrect or your network connection is misconfigured You attempted to combine the same share twice Solution Re install PGP onto your machine If the message continues to appear after re installing contact your PGP administrator and report this message They will need to generate a new PGP installer for you Use a different key to authenticate the network share file connection or contact the remote user to assure them that the key you re using is valid If you are encrypting or signing you may have to break up the message and encrypt sign smaller pieces at a time If you are decrypting or verifying ask the sender to encrypt sign smaller pieces and re send them to you Choose a different key or generate a new key that can encrypt data Choose a different key or generate a new key that can sign data Check to make sure that the destination address you provided is the correct one If you are sure of this check your connection to the network If you received the shares from a share file try choosing a different share file If you received the shares from the network you may need to contact the user at the remote location and tell them to send a different set of shares User s Guide 217 Troubleshooting PGP Error No secret keys could be found on your keyring Socket is not connected Th
291. sk failures While it is possible to back up the contents of a mounted PGPdisk volume just as you would any other volume it is probably not a good idea because the contents are not encrypted and will thus be accessible to anyone who can restore the back up Rather than back up the contents of the mounted PGPdisk volume you should instead make a back up of the encrypted PGPdisk volume To back up PGPdisk volumes 1 Click on the PGPdisk volume s icon Select the Unmount PGPdisk option 2 Copy the unmounted encrypted file to a floppy disk tape or removable cartridge just as you would any other file Even if some unauthorized person has access to the backup he or she will not be able to decipher its contents When making backups of the encrypted files keep these issues in mind e PGPdisk is a product for security minded people and organizations Backing up the encrypted files to a network drive gives others plenty of opportunity to guess at a weak passphrase We recommend that you back up only to devices over which you have physical control A lengthy complicated passphrase helps further reduce the risk in this situation See Passphrase quality on page 153 e If youare onanetwork make sure that any network back up system does not back up your mounted volumes You may need to discuss this with your System Administrator Under some circumstances you may not mind if backups are made of your encrypted files because this informatio
292. sk program For more information on how to mount a PGPdisk volume see Mounting a PGPdisk volume on page 145 Changing the size of a PGPdisk volume While you cannot change the size of a PGPdisk volume once it has been created you can create a larger or smaller volume and then copy the contents from the old volume to the new one To change the size of a PGPdisk volume 1 2 Create a new PGPdisk volume and specify the desired size Copy the contents of the existing mounted PGPdisk volume into the newly created volume Unmount the old PGPdisk volume and then delete the encrypted file associated with the volume to free up the disk space Technical Details and Security Considerations This section discusses encryption and security issues and provides user tips and other technical information about PGPdisk User s Guide 151 PGPdisk About PGPdisk volumes You can use PGPdisk volumes to organize your work keep similarly named files separate or keep multiple versions of the same documents or programs separate Although the volumes you create with PGPdisk function just as any other volume you are accustomed to working with the data is actually stored in one large encrypted file It is only when you mount the file that its contents are presented in the form of a volume It is important to realize that all of your data remains secure in the encrypted file and is only deciphered when you access one of the files Having
293. so a candidate for IPSec security archetecture Implicit trust is reserved for key pairs located on your local keyring If the private portion of a key pair is found on your keyring PGP assumes that you are the owner of the key pair and that you implicity trust yourself assurance that data is not modified by unauthorized persons during storage or transmittal a person or organization who is allowed to vouch for the authenticity of someone s public key You designate an introducer by signing their public key a TCP IP layer encryption scheme under consideration within the IETF responsible for a wide range of standards like the OSI model and international relationship with ANSI on X 509 a digital code used to encrypt and sign and decrypt and verify messages and files Keys come in key pairs and are stored on keyrings a practice where a user of a public key encryption system surrenders their private key to a third party thus permitting them to monitor encrypted communications User s Guide 265 Glossary Key exchange Key fingerprint Key ID Key length Key management Key pair Keyring Key splitting or secret sharing LDAP Lightweight Directory Access Protocol 266 PGP Desktop Security a scheme for two or more nodes to transfer a secret session key across an unsecured channel a uniquely identifying string of numbers and characters used to authenticate public keys For example you can te
294. ssphrase A passphrase is less vulnerable to a dictionary attack This is accomplished easily by using multiple words in your passphrase rather than trying to thwart a dictionary attack by arbitrarily inserting a lot of funny non alphabetic characters which has the effect of making your passphrase too easy to forget and could lead to a disastrous loss of information because you can t decrypt your own files However unless the passphrase you choose is something that is easily committed to long term memory you are unlikely to remember it verbatim Picking a phrase on the spur of the moment is likely to result in forgetting it entirely Choose something that is already residing in your long term memory It should not be something that you have repeated to others recently nor a famous quotation because you want it to be hard for a sophisticated attacker to guess If it s already deeply embedded in your long term memory you probably won t forget it Do not write it down Your passphrase is part of the random data used to encrypt your PGPdisk files The Passphrase Quality bar should fill at least half way when you enter your passphrase Unless you fill the entire bar you are not achieving maximum security You can create a separate or alternate passphrase for every PGPdisk volume you create This enables you to allow some users access to selected PGPdisk files on a volume by volume basis You can use a passphrase for PGPdisk files that you s
295. ssphrase Click Next 4 WARNING Unlike traditional PGP passphrases Shared Secret passphrases are stored on your computer unencrypted This presents a potential security risk If you have not selected an authentication key or certificate the wizard asks you to select one now e If you selected shared secret security go to Step 8 e If you selected public key cryptographic security go to Step 9 Select how you want to identify yourself to the remote computer applies only if shared secret authentication is used IP Address Host Domain Name User Domain Name or Distinguished Name IP Address by the IP address of this computer nnn nnn nnn nnn Host Domain Name by the host domain name of this computer computerName nameOfNetwork User Domain Name by a user and host domain name which you specify for example username computerName nameOfNetwork Distinguished Name by a text string which you specify such as CN Bob Jones C US _O Acme _Inc PGP Desktop Security PGPnet Virtual Private Networking Click Next If you select User Domain Name or Distinguished Name enter the name Click Next 9 The wizard adds the entry to your host list Click Finish to close the wizard Adding a subnet NOTE To add a subnet behind an existing configured gateway see Adding a subnet behind a configured gateway on page 182 Use PGPnet s Add Host wizard to add subnet entries
296. stockman suspense tapeworm topmost Trojan uncut upshot waffle woodlark User s Guide 259 Biometric Word Lists 260 adroitness almighty Apollo atmosphere belowground bottomless Burlington cannonball cellulose clergyman component consensus crossover decadence detergent disable embezzle equipment existence forever getaway guitarist headwaters hurricane indigo insincere Istanbul liberty megaton miracle monument Norwegian Orlando paperweight pedigree pharmacy politeness proximate racketeer replica retrieval sandalwood sensation stethoscope sympathy tolerance trombonist underfoot upcoming visitor whimsical Yucatan adviser amulet armistice autopsy bifocals Bradbury businessman Capricorn certify coherence concurrent consulting crucifix December determine disbelief enchanting escapade exodus fortitude glossary hamburger hemisphere hydraulic inertia insurgent Jamaica maritime microscope misnomer mosquito October outfielder paragon Pegasus phonetic positive puberty rebellion reproduce retrospect sardonic sociable stupendous tambourine tomorrow truncated unicorn vacancy vocalist Wichita PGP Desktop Security aftermath amusement article Babylon bodyguard bravado butterfat caravan chambermaid combustion confidence corporate cumbersome decimal dictator disruptive enrollment Eskimo fascinate frequency gossamer Hamilton hesitate impartial
297. storing 53 proposals setting 197 protecting against bogus timestamps 250 your keys 53 public key definition 268 public key tampering 246 public keyring definition 268 284 PGP Desktop Security public keys advantages of sending to key server 66 certifying 28 236 consequences of sending to key server 45 copying from email messages 72 creating 27 key pairs 27 creating with PGP Key Wizard 30 distributing your 66 exchanging with other users 27 exporting to files 69 getting from a key server 70 giving to other users 27 importing from files 73 including in an email message 69 location of 105 obtaining others 70 to 73 protecting 53 protecting against tampering 235 searching key server 70 sending to key server 45 66 to 67 signing 116 236 storing 53 trading with other users 27 validating 28 public key cryptography definition 268 Q quitting PGPnet 167 to 168 R random data generating 139 random number definition 268 random numbers their use as session keys 233 Index random seed file 234 rebooting effect on SAs 162 receiving private email 77 recipient groups combining groups 85 creating 84 deleting 84 deleting a group 84 recipients groups of 83 selecting 37 rejoining a split key 61 94 to 95 Remote Access WAN Wrapper 173 remote authentication 186 removing an IKE or IPSEC proposal 200 files using Secure Wipe 99 gateways 183 hosts 183 key from server 66 SAs 170 subnets 183 reo
298. stribution list The name of your encryption distribution list must correspond to the name of the email distribution list Use your email application to compose your email message just as you normally would When you have finished composing the text of your email message click ef to encrypt the text of your message then click to sign the message The PGP Key Recipients dialog box appears Figure 4 1 You can select the recipient s public keys for the text you are encrypting or signing The options available are described in To encrypt and sign with supported email applications on page 78 Send the message Decrypting and verifying email The quickest and easiest way to decrypt and verify the email sent to you is with an application supported by the PGP plug ins Although the procedure varies slightly between different email applications when you are using an email application supported by the plug ins you can perform the decryption and verification operations by clicking the envelope icon in the message or your application s toolbar In some cases you may need to select Decrypt Verify from the menu in your email application In addition if you are using an application that supports the PGP MIME standard you can decrypt and verify your email messages as well as any file attachments by clicking an icon attached to your message User s Guide 85 Sending and Receiving Secure Email 86 If you are using an email
299. sts gateways and subnets 185 expiration setting for key pairs 43 setting key expiration values 190 Expire property 110 112 expiring SAs 160 Explorer using PGP with 35 export format for exporting keys 134 exporting keys to files 69 121 F features automated freespace wiping 14 CA support 14 finger print word list 14 HotKeys 14 new in PGP 14 of PGPdisk 135 of PGPnet 159 PGPnet 14 to 15 self decrypting archive 14 X 509 certificates 14 files 93 deleting 99 exporting keys to 121 exporting public keys to 69 importing public keys from 73 wiping 99 Finder using PGP from 33 finding keys 134 finger print word list What s New in PGP 14 fingerprint definition 264 hexidecimal 110 fingerprints 110 checking 114 comparing 74 description 234 word list 14 FIPS Federal Information Processing Standard definition 264 Firewall definition 264 Free Space Wipe 100 automatic wiping 14 scheduling tasks 102 User s Guide 277 Index G gateways adding 180 removing 183 generating key pairs 40 setting options 124 granting trust for key validations 118 group lists 131 groups adding members 84 combining groups 85 creating 84 deleting 84 H Hash function definition 264 hash functions allowing withing PGPnet 194 description 234 Hexadecimal definition 265 hexidecimal 110 Hierarchical trust definition 264 hosts adding 176 to 177 communicating with unconfigured 187 establishing an SA 173 findin
300. subject of implementing network security The focus of this guide is on implementing PGP as a tool within your overall network security structure PGP is merely one piece of an overall security system but it is an extremely important one PGP provides encryption which protects data from the eyes of anyone for whom it was not intended even those who can see the encrypted data This protects information from both internal and external outsiders This guide describes how to use PGP Desktop Security for Windows 95 Windows 98 and Windows NT PGP Desktop Security has many new features which are described in What s new in PGP version 6 5 1 on page 14 If you are new to cryptography and would like an overview of the terminology and concepts you will encounter while using PGP see An Introduction to Cryptography User s Guide 13 Preface What s new in PGP version 6 5 1 This version of PGP includes these new features e PGPnet PGPnet is a landmark product in the history of PGP PGPnet secures all TCP IP communications between itself and any other machine running PGPnet It is also fully interoperable with the Gauntlet GVPN firewall gateway providing a complete solution for corporate remote access VPNs using the industry standard IPSec Internet Protocol Security and IKE Internet Key Exchange protocols PGPnet has also been successfully tested with Cisco routers requires Cisco IOS 12 0 5 or later with IPSec TripleD
301. t expiration values for Setup Keys IKE 1 Display the General panel View gt Options The Expiration information appears in the bottom section of the General tab 2 To set a duration for Setup Keys click the box next to Duration Use the up and down arrows next to the duration field to set the appropriate time limit or enter a numeric value in each field d h m 3 To seta data value in Megabytes for Setup Keys click Megabytes Use the up and down arrows to set the appropriate megabyte limit or enter a numeric value 4 Click OK User s Guide 191 PGPnet Virtual Private Networking To 1 set expiration values for Primary Keys IPSec Display the General panel View gt Options The Expiration information appears in the bottom section of the General tab To set a duration for Primary Keys click Duration Use the up and down arrows next to the Duration field to set the appropriate time limit or enter a numeric value in each field d h m To set a data value in Megabytes for Primary Keys click the box next to Megabytes Use the up and down arrows to set the appropriate megabyte limit or enter a numeric value Click OK Authenticating a connection The controls on the Authentication panel allow you to perform the following tasks 192 Select your public and private PGPnet keyring files as your active authentication keyrings PGPnet Keyring Files This feature allows you to set independent PGPnet
302. t from the Keys menu The Import dialog box appears Select the file that contains the key you want to import then click Open The Import Selection dialog box appears Select the key s that you want to import to your keyring then click the Import button The imported key s appears in PGPkeys where you can use it to encrypt data or to verify someone s digital signature To add a key from an email message If a colleague sends you an email message with their key enclosed as a block of text you can add it to your keyring 1 2 While the email message window is open open PGPkeys Tile the two windows so that you can see part of PGPkeys behind the message window Select the key text including the BEGIN PGP PUBLIC KEY BLOCK and END PGP PUBLIC KEY BLOCK text and drag the text onto the PGPkeys window The Import Selection dialog box appears Select the key s that you want to import to your keyring then click the Import button The imported key s appears in PGPkeys where you can use it to encrypt data or to verify someone s digital signature 120 PGP Desktop Security Managing Keys and Setting PGP Options To export a key to a file 1 2 3 Open the PGPkeys window Select the key you want to export to a file Choose Export from the Keys menu The Export dialog box appears Enter the name of the file or navigate to the file which you want the key to be exported and then click Save The
303. t through email it appears as a block of text in the body of the message 72 PGP Desktop Security Making and Exchanging Keys To add a public key from an email message If you have an email application that is supported by the PGP plug ins then click in your email application to extract the sender s public key from the email and add it to your public keyring If you are using an email application that is not supported by the plug ins you can add the public key to the keyring by copying the block of text that represents the public key and pasting it into PGPkeys Importing keys You can import public keys and PKCS 12 X 509 private keys to your PGP public keyring To import from your browser by copying and pasting into your public keyring Another method for obtaining someone s public key is to have that person save it to a file from which you can import or it or copy and paste it into your public keyring To import a public key from a file There are three methods of extracting someone s public key and adding it to your public keyring e Click on Import from the Keys menu and then navigate to the file where the public key is stored e Drag the file containing the public key onto the main PGPkeys window Or e Open the text document where the public key is stored select the block of text representing the key and then click on the Edit menu Go to PGPkeys and choose Paste from the Edit menu to copy the key The k
304. ted Before queuing encrypted messages you should check to see if your application does in fact encrypt the messages in your outbox If it does not you can use PGPmenu s Encrypt Now option to encrypt your messages before queuing them in the outbox To encrypt and sign text using PGPtools 1 Copy the text that you want to encrypt and sign to the clipboard 2 Click on the Encrypt Sign or Encrypt and Sign button in PGPtools PGPkeys encrypt sign encrypt decrypt wipe Freespace and sign verify wipe Figure 4 3 PGPtools window The PGP Key Select File s dialog box appears 3 Click the Clipboard button The PGP Key Recipients dialog box appears Figure 4 1 User s Guide 81 Sending and Receiving Secure Email 82 4 Drag the public keys for those who are to receive a copy of the encrypted email message into the Recipients list box You can also double click any of the keys to move them from one area of the screen to the other The Validity icon indicates the minimum level of confidence that the public keys in the Recipient list are valid This validity is based on the signatures associated with the key See Chapter 6 Managing Keys and Setting PGP Options for details You can choose from the following encryption options depending on the type of data you are encrypting e Secure Viewer Select this option to protect the data from TEMPEST attacks upon decryption If you select this option the decrypted
305. the order of these columns click and drag the header of the column you want to move Table 6 1 PGPkeys attribute overview Shows an iconic representation of the key along with the user name and email address of the owner and the names of the key s signers Indicates the level of confidence that the key actually belongs to the alleged owner The validity is based on who has signed the key and how well you trust the signer s to vouch for the authenticity of a key The public keys you sign yourself have the highest level of validity based on the assumption that you only sign someone s key if you are totally convinced that it is valid The validity of any other keys which you have not personally signed depends on the level of trust you have granted to any other users who have signed the key If there are no signatures associated with the key then it is not considered valid and a message indicating this fact appears whenever you encrypt to the key Validity is indicated by either circle or bar icons depending upon your Advanced Options Display marginal validity level setting see Setting advanced options later in this chapter If set then validity appears as C an empty bar for invalid keys EE a half filled bar for marginally valid keys E a filled bar for valid keys that you do not own ESS a striped bar for valid keys that you do own If not set then validity appears as a gray circle for invalid keys and margi
306. the transaction is displayed in the Network Status box When the status changes to Connected you are asked to authenticate yourself to the rejoining computer The Remote Authentication dialog box appears asking you to confirm that the remote computer is the one to whom you want to send your key share 6 Click Confirm to complete the transaction After the remote computer receives your key shares and confirms the transaction a message box appears stating that the shares were successfully sent 7 Click OK 8 Click Done in the Key Shares window when you have completed sending your key share 98 PGP Desktop Security Using PGP for Secure File Storage Using PGP Wipe to delete files The Wipe option on PGPtools deletes files and their contents The Wipe feature is a secure way of permanently removing a file and its contents from the hard drive of your computer When you delete a file normally by placing it in the Trash the name of the file is removed from the file directory but the data in the file stays on the disk Wipe removes all traces of a file s data so that no one can use a software tool to recover the file To permanenily delete a file using the PGP right click menu 1 In the Windows Explorer select the file or files that you want to wipe 2 Right click on the file and then choose Wipe from the menu A confirmation dialog box appears 3 Click OK to permanently erase the file To stop wiping the file before
307. then use the appropriate pair depending on the version of PGP used by the recipient You must create a separate key pair for each type of key that you need The PGP Key Generation Wizard asks you to specify a size for your new keys Select a key size from 1024 to 3072 bits or enter a custom key size from 1024 to 4096 bits NOTE A custom key size may take a long time to generate depending on the speed of the computer you are using The key size corresponds to the number of bits used to construct your digital key The larger the key the less chance that someone will be able to crack it but the longer it takes to perform the decryption and encryption process You need to strike a balance between the convenience of performing PGP functions quickly with a smaller key and the increased level of security provided by a larger key Unless you are exchanging extremely sensitive information that is of enough interest that someone would be willing to mount an expensive and time consuming cryptographic attack in order to read it you are safe using a key composed of 1024 bits PGP Desktop Security Making and Exchanging Keys 8 10 11 NOTE When creating a Diffie Hellman DSS key pair the size of the DSS portion of the key is less than or equal to the size of the Diffie Hellman portion of the key and is limited to a maximum size of 1024 bits Click Next to advance to the next pane The PGP Ke
308. thing to stop a dishonest user from altering the date and time setting of his own system s clock and generating his own public key certificates and signatures that appear to have been created at a different time He can make it appear that he signed something earlier or later than he actually did or that his public private key pair was created earlier or later This may have some legal or financial benefit to him for example by creating some kind of loophole that might allow him to repudiate a signature I think this problem of falsified timestamps in digital signatures is no worse than it is already in handwritten signatures Anyone can write any date next to their handwritten signature on a contract but no one seems to be alarmed about this state of affairs In some cases an incorrect date on a handwritten signature might not be associated with actual fraud The timestamp might be when the signator asserts that he signed a document or maybe when he wants the signature to go into effect In situations where it is critical that a signature be trusted to have the actual correct date people can simply use notaries to witness and date a handwritten signature The analog to this in digital signatures is to get a trusted third party to sign a signature certificate applying a trusted timestamp No exotic or overly formal protocols are needed for this Witnessed signatures have long been recognized as a legitimate way of determining when a docu
309. tinued this tradition by making our site on the World Wide Web a valuable resource for answers to technical support issues We encourage you to make this your first stop for answers to frequently asked questions for updates to Network Associates software and for access to Network Associates news and encryption information World Wide Web http www nai com Technical Support for your PGP product is also available through these channels Phone 31 20 5866100 Email tech support europe nai com User s Guide 15 Preface To provide the answers you need quickly and efficiently the Network Associates technical support staff needs some information about your computer and your software Please have this information ready before you call If the automated services do not have the answers you need contact Network Associates at one of the following numbers Monday through Friday between 6 00 A M and 6 00 P M Phone 31 20 5866100 To provide the answers you need quickly and efficiently the Network Associates technical support staff needs some information about your computer and your software Please have this information ready before you call e Product name and version number e Computer brand and model e Any additional hardware or peripherals connected to your computer e Operating system type and version numbers e Network type and version if applicable e Content of any status or error message displayed on screen or appearing
310. tment to make CAST available to anyone on a royalty free basis CAST appears to be exceptionally well designed by people with good reputations in the field The design is based on a very formal approach with a number of formally provable assertions that give good reasons to believe that it probably requires key exhaustion to break its 128 bit key CAST has no weak keys There are strong arguments that CAST is immune to both linear and differential cryptanalysis the two most powerful forms of cryptanalysis in the published literature both of which have been effective in cracking the Data Encryption Standard DES 152 PGP Desktop Security PGPdisk Passphrase quality Your security is only as good as your passphrase However encrypting a file and then finding yourself unable to decrypt it is a painful lesson in learning how to choose a passphrase you will remember Most applications require a password between three and eight letters A single word password is vulnerable to a dictionary attack which consists of having a computer try all the words in the dictionary until it finds your password To protect against this manner of attack it is widely recommended that you create a word that includes a combination of upper and lowercase alphabetic letters numbers punctuation marks and spaces This results in a stronger password but an obscure one that you are unlikely to remember easily We do not recommend that you use a single word pa
311. to convey official sanction access or legal power to an entity User s Guide 261 Glossary Blind signature Block cipher CA Certificate Authority CAPI Crypto API CAST Certificate digital certificate Certification Certify Certifying authority Ciphertext Clear text Corporate signing key 262 PGP Desktop Security ability to sign documents without knowledge of content similar to a notary public a symmetric cipher operating on blocks of plain text and cipher text usually 64 bits a trusted third party TTP who creates certificates that consist of assertions on various attributes and binds them to an entity and or to their public key Microsoft s crypto API for Windows based operating systems and applications a 64 bit block cipher using 64 bit key six S boxes with 8 bit input and 32 bit output developed in Canada by Carlisle Adams and Stafford Tavares an electronic document attached to a public key by a trusted third party which provides proof that the public key belongs to a legitimate owner and has not been compromised endorsement of information by a trusted entity to sign another person s public key one or more trusted individuals who are assigned the responsibility of certifying the origin of keys and adding them to a common database plaintext converted into a secretive format through the use of an encryption algorithm An encryption key can unlock the original plaintext f
312. to locate your entry you must click Back return to the previous screen and re enter the name or IP address The wizard adds the entry to your hosts list Click Finish to close the wizard Adding a subnet behind a configured gateway NOTE To add a subnet that is not behind an existing configured gateway see Adding a subnet on page 179 Use PGPnet s Add Host wizard to add a subnet behind a configured gateway to the host list 1 2 In the PGPnet main window click the Hosts tab Select the configured gateway and click Add PGPnet displays the Add Host wizard Read the first screen and click Next The wizard asks if you want to create a new host entry for a computer or subnet accessed through the selected gateway To do so select Yes and then click Next The wizard asks you to select the type of communication you want to configure Select Subnet and then click Next To add a secure subnet see Adding a subnet on page 179 To add an insecure subnet go to Step 5 The wizard asks you if you want to add a secure or insecure subnet Select Allow insecure communications and click Next Enter a descriptive name for the subnet with which you want to communicate Click Next Enter the IP address and subnet mask for the subnet with which you want to communicate Click Next The wizard adds the entry for the subnet to your host list Click Finish to close the wizard 182 PGP Desktop Security P
313. to securely maintain files It describes how to use PGP to encrypt decrypt sign and verify files either for email or for secure storage on your computer It also describes the PGP Wipe and Free Space Wiper functions which delete files by erasing their contents completely from your computer Using PGP to encrypt and decrypt files You can use PGP to encrypt and sign files to use as email attachments You can also use the techniques described in this chapter to encrypt and sign files so that you can store them securely on your computer Using the PGP right click menu to encrypt and sign Use the PGP right click menu to send an encrypted file as an attachment with your email message or to encrypt a file to protect it on your computer To encrypt and sign using the right click menu 1 In the Windows Explorer right click on the file or files that you want to encrypt 2 Choose one of the following options from the PGP right click menu e Encrypt Select this option to only encrypt the file or files you selected e Sign Select this option to only sign the file or files you selected Encryptand Sign Select this option to both encrypt and sign the file or files you selected The PGP Key Selection dialog box appears as shown in Figure 5 1 User s Guide 89 Using PGP for Secure File Storage 90 Encryption options wz PGP Key Selection Dialog 21 x Drag users from this list to the Recipients list Validity Sie l
314. to sign someone s public key to indicate that you believe it is valid assign a level of trust to the key s owner or change a passphrase for your private key You may even want to search a key server for someone s key You perform all of these key management functions from PGPkeys User s Guide 105 Managing Keys and Setting PGP Options The PGPkeys window 106 To open the PGPkeys window open the Start menu click _ Programs gt PGP gt PGPkeys or click the PGPtray icon in the System tray and then click Launch PGPkeys The PGPkeys window as shown in Figure 6 1 displays the keys you have created for yourself as well as any public keys you have added to your public keyring 49 PGPkeys Oy x File Edit View Keys Server Groups Help ZIX AJAH ca m O Abe lt abe company com gt G gt Beth lt beth company com gt Ge Carl lt carl company com gt Dave lt dave company com gt SF Elle lt elle company com gt Gwen lt qwen company com Gwen lt qwen company com gt 30 Photograph Iris lt iris company com gt 2048 1024 DH DSS public key Iris lt iris company com gt User ID 2 Iris lt iris company com gt DSS exportable signature E Jack lt jack company com gt 2048 1024 DH DSS key pair Jack lt jack company com gt User ID Oy Jack lt jack company com gt DSS exportable signature 2 Dave lt dave company com gt DSS signature Beth lt beth company com gt DSS signature 2048 1024 DH DSS
315. to the host list In the PGPnet main window click the Hosts tab Click Add or Alt A PGPnet displays the Add Host wizard Read the first screen and click Next The wizard asks you if you want to add a host subnet or gateway Click Subnet and click Next You can elect to enforce secure communications or allow insecure communications Click the radio button next to your selection and click Next Enter a descriptive name for the subnet with which you want to communicate Click Next Enter the IP address and subnet mask for the subnet Click Next NOTE If you configure a subnet with shared secret passphrase all machines in that subnet must be configured with the same shared secret passphrase The following steps apply if you elected to enforce secure communications 7 Select the communication method that you want to use when you communicate with this subnet public key cryptographic security or shared secret passphrase based security Click Next If you selected shared secret security enter the passphrase If you select shared secret each computer on that subnet must also be configured with the same shared secret passphrase Click Next 4 WARNING Unlike traditional PGP passphrases Shared Secret passphrases are stored on your computer unencrypted This presents a potential security risk User s Guide 179 PGPnet Virtual Private Networking 180 8 9 Select how you want to ide
316. top Security validating keys meta introducer 76 trusted introducers 75 validity 235 checking a key s 74 definition 271 validity level invalid 134 marginal 134 verification definition 271 verifying authenticity of a key 74 email 29 85 to 87 ViaCrypt upgrading from 20 viewing active SAs 169 attributes of keyrings 106 to 110 expired SAs 169 key attributes 30 PGPnet Hosts Panel 172 PGPnet Log Panel 170 PGPnet Status Panel 169 Virtual Private Networks VPNs 23 definition 157 See also VPNs virus as attacker 248 volumes creating 138 mounting 145 unmounting 147 VPN Virtual Private Network definition 271 VPN creating a 205 VPNs description 157 how VPNs work 158 tunneling protocol 158 using to protect data 158 Index vulnerabilities 246 W web of trust definition 271 Windows Explorer using PGP with 35 wiping using Free Space Wipe 100 wiping disks 100 102 wiping files 99 word wrap 128 worm as attacker 248 X X 509 73 121 X 509 certificates adding root CA certificates 53 adding to keypair 56 adding to your keyring 56 definition 271 requesting 54 retrieving 56 using to authenticate a connection 192 using to establish an SA 174 What s New in PGP 14 Z Zimmermann Phil 227 User s Guide 289
317. tor needs more input in order to generate good random numbers The program failed to write data to a certain file A file that was needed couldn t be opened You can t sign a key that you have already signed A file that was needed is set to read only or is being used by another program Solution Ask the sender of the message to re send the message and make sure they encrypt the message to your public key Browse to find the exact name and path of the file you want When prompted move the mouse around or press random keys in order to generate input Your hard drive may be full or if the file is on a floppy the floppy is not present in the floppy drive Make sure the settings in your PGP Preferences is correct If you ve recently deleted files in the directory that you installed PGP you may need to re install the product You may have accidentally picked the wrong key If so choose a different key to sign Close other programs that may be accessing the same files as the program you are running If you keep your keyring files on a floppy disk make sure that the floppy disk is in the floppy drive User s Guide 219 Troubleshooting PGP 220 PGP Desktop Security Transferring Files Between BR the Mac OS and Windows Transferring files to and from Mac OS is a classic problem in using almost any kind of data exchange software such as email applications FTP compression utilities
318. ubkey is a Diffie Hellman encryption key that is added as a subset to your master key Once a subkey is created you can expire or revoke it without affecting your master key or the signatures collected on it Text standard printable 7 bit ASCII text Timestamping recording the time of creation or existence of information TLS Transport Layer an IETF draft version 1 is based on the Secure Sockets Layer Security SSL version 3 0 protocol and provides communications privacy over the Internet TLSP Transport Layer 15O 19736 draft international standard Security Protocol Triple DES an encryption configuration in which the DES algorithm is used three times with three different keys Trusted a public key is said to be trusted by you if it has been validated by you or by someone you have designated as an introducer Trusted introducer someone whom you trust to provide you with keys that are valid When a trusted introducer signs another person s key you trust that the person s key is valid and you do not need to verify the key before using it 270 PGP Desktop Security Glossary User ID Validity Verification VPN Virtual Private Network Web of trust X 509 a text phrase that identifies a key pair For example one common format for a user ID is the owner s name and email address The user ID helps users both the owner and colleagues identify the owner of the key pair indicates the level of confid
319. ur messages especially those sent through a modem or email system If you use PGP and follow reasonable precautions the attacker will have to expend far more effort and expense to violate your privacy If you protect yourself against the simplest attacks and you feel confident that your privacy is not going to be violated by a determined and highly resourceful attacker then you ll probably be safe using PGP PGP gives you Pretty Good Privacy User s Guide 253 Phil Zimmermann on PGP 254 PGP Desktop Security Biometric Word Lists Biometric Word Lists By Philip Zimmermann and Patrick Juola PGP uses a special list of words to convey binary information in an authenticated manner over a voice channel such as a telephone via biometric signatures The human voice that speaks the words if recognized by the listener serves as a means of biometric authentication of the data carried by the words The word list serves the same purpose as the military alphabet which is used to transmit letters over a noisy radio voice channel But the military alphabet has 26 words each word representing one letter For our purposes our list has 256 carefully selected phonetically distinct words to represent the 256 possible byte values of 0 to 255 We created a word list for reading binary information over the phone with each word representing a different byte value We tried to design the word list to be useful for a variety of applications T
320. ure that the PGPdisk volume is not currently mounted You cannot add or change a passphrase while the PGPdisk volume is mounted 2 Select Add Passphrase from the File menu The Passphrase dialog box appears asking you to enter the volume s master passphrase If you have multiple PGPdisk volumes on your machine you must select a disk volume 3 Enter the master passphrase and click OK The New Passphrase dialog box appears as shown in Figure 7 4 Please enter an additional passphrase for myvolume four passphrase should be at least 8 characters long and should contain non alphabetic characters Passphrase MV Hide Typing Passphrase Quality Confirmation Options I Read only passphrase Peal Figure 7 4 The New Passphrase dialog box 4 Enter an alternate passphrase for the named volume and then press TAB Enter the passphrase again to confirm it At this point you also have the option of checking the Read only Passphrase checkbox to indicate that you want the entire volume contents to be designated as read only 5 Click OK Once you have created an alternate passphrase you or anyone who knows it can remove the passphrase by choosing the Remove Passphrase command from the File menu Master passphrases cannot be removed For more information see Removing a passphrase below PGP Desktop Security PGPdisk Removing a passphrase Removing a passphrase is similar to
321. urrent Window Select this option to create a hot key that allows you to encrypt all data in the current window with a key stroke or series of key The default hot key strokes for this operation is CTRL SHFT E e Sign Current Window Select this option to create a hot key that allows you to sign the data in the current window with a key stroke or series of key strokes The default hot key for this operation is CTRL SHFT S e Encrypt and Sign Current Window Select this option to create a hot key that allows you to both encrypt and sign the data in the current window with a key stroke or series of key strokes The default hot key for this operation is CTRL SHFT C User s Guide 129 Managing Keys and Setting PGP Options e Decrypt and Verify Current Window Select this option to create a hot key that allows you to both decrypt and verify the secure data in the current window with a key or series of key strokes The default hot key strokes for this operation is CTRL SHFT D 4 Click OK or select another Options tab to continue configuring PGP Setting server options Use the Server panel to specify settings for the public key servers that you are using to send and retrieve public keys and with which you will automatically synchronize keys To set key server options 1 Open PGPkeys 2 Select Options from the PGPkeys Edit menu then click the Server tab 3 The Options menu opens with the Server panel showing Figure
322. uthority or in a more decentralized environment where individuals exchange personal keys This whole business of protecting public keys from tampering is the single most difficult problem in practical public key applications It is the Achilles heel of public key cryptography and a lot of software complexity is tied up in solving this one problem You should use a public key only after you are sure that it is a good public key that has not been tampered with and that it actually belongs to the person with whom it purports to be associated You can be sure of this if you got this public key certificate directly from its owner or if it bears the signature of someone else that you trust from whom you already have a good public key Also the user ID should have the full name of the key s owner not just her first name PGP Desktop Security Phil Zimmermann on PGP No matter how tempted you are you should never give in to expediency and trust a public key you downloaded from a bulletin board unless it is signed by someone you trust That uncertified public key could have been tampered with by anyone maybe even by the system administrator of the bulletin board If you are asked to sign someone else s public key certificate make certain that it really belongs to the person named in the user ID of that public key certificate This is because your signature on her public key certificate is a promise by you that this public key rea
323. uting your public key on page 66 for instructions PGP Desktop Security Making and Exchanging Keys Adding an X 509 certificate to your PGP key NOTE The instructions in this section describe how to add an X 509 certificate to your keypair if you are using the Net Tools PKI Server An X 509 digital certificate is a recognized electronic document used to prove identity and public key ownership over a communication network You can request an X 509 digital certificate and add it to your keypair using PGP menu options and your company s Certificate Authority CA or a public CA for example VeriSign There are four main steps to adding an X 509 certificate to your keypair First retrieve the Root CA certificate from the CA and add it to your PGP keyring Next enter information about the CA in the CA Options panel Request a certificate from the CA Your X 509 certificate request is verified and signed by the CA The CA s signature on the certificate makes it possible to detect any subsequent tampering with the identifying information or the public key and it implies that the CA considers the information in the certificate valid Finally retrieve the certificate issued by the CA and add it to your keypair To add an X 509 certificate to your PGP keypair 1 Obtain and add the Root CA certificate to your PGP keyring To do this follow these steps 1 Open your Web browser and connect to the CA s enrollme
324. utive duplicate words a condition that cannot occur in a normal sequence An omission will be detected by two consecutive words drawn from the same list To facilitate the immediate and obvious detection by a human of any of the three error syndromes described above without computer assistance we made the two lists have one obviously different property The even list contains only two syllable words while the odd list contains only three syllable words That suggestion came from Patrick Juola a computational linguist PGPfone was the application that precipitated the actual development of the word list by Juola and Zimmermann PGPfone is an application that turns your computer into a secure telephone We used it to authenticate PGPfone s initial Diffie Hellman key exchange without using digital signatures and public key infrastructures We knew we would end up using it for authenticating PGP key fingerprints when we applied it to PGP later The idea behind building the word lists was to develop a metric to measure the phonetic distance between two words then use that as a goodness measure to develop a full list Grady Ward provided us with a large collection of words and their pronunciations and Patrick Juola used genetic algorithms to evolve the best subset of Ward s list To briefly summarize what he did he made a PGP Desktop Security Biometric Word Lists large population of guesses and let the population sexually reproduce
325. voking 121 saving 53 searching for 134 setting size of 42 50 signing 116 splitting 51 verifying authenticity of 74 LDAP Lightweight Directory Access Protocol definition 266 280 PGP Desktop Security legitimacy determining a key s 74 locating keys 134 location specifying volume location 138 log information clearing 170 saving 170 logging off effect on SAs 162 of PGPnet 167 logging on to PGPnet 167 LZS compression and PGPnet 194 M making key pairs 40 managing keys 105 man in the middle attack 74 master passphrase creating 139 141 MD5 hash and PGPnet 194 menu bar icon description 31 message digest definition 267 description 234 meta introducer 76 definition 267 MIC Message Integrity Check definition 267 Microsoft Outlook Express 24 MIME Multipurpose Internet Mail Extensions definition 267 Index MIME standard using to decrypt email 86 to 87 using to encrypt email 77 to 82 modem adapter 173 modes expert 185 transport 161 tunnel 161 modifying a host 183 a secure gateway 183 a subnet 183 mounting volumes 145 automatically 149 on a remote server 149 N name specifying volume name 138 Net Tools PKI Server 54 network adapter 173 network adapters 163 Network Associates contacting Customer Care 15 within the United States 16 training 16 network card securing 201 to 202 setting for PGPnet 201 Network control panel settings 163 network interface card ch
326. x appears 4 Click the OK button Splitting and rejoining keys 58 Any private key can be split into shares among multiple shareholders using a cryptographic process known as Blakely Shamir key splitting This technique is recommended for extremely high security keys For example Network Associates keeps a corporate key split between multiple individuals Whenever we need to sign with that key the shares of the key are rejoined temporarily PGP Desktop Security Making and Exchanging Keys Creating a split key To split a key select the key pair to be split and choose Share Split from the Keys menu You are then asked to set up how many different shares will be required to rejoin the key The shares are saved as files either encrypted to the public key of a shareholder or encrypted conventionally if the shareholder has no public key After the key has been split attempting to sign with it or decrypt with it will automatically attempt to rejoin the key For information about rejoining a split key see Signing and decrypting files with a split key on page 94 To create a split key with multiple shares 1 Open PGPkeys 2 In PGPkeys create a new key pair or select an existing key pair that you want to split 3 On the Keys menu click Share Split The Share Split dialog box opens Figure 3 11 on top of PGPkeys Split Key Accounting Dept Mm Ei Split Key Accounting Dept r Shareholders To add sharehold
327. y Generation Wizard asks you to indicate when the key pair will expire Indicate when you want your keys to expire You can either use the default selection which is Never or you can enter a specific date after which the keys will expire Once you create a key pair and have distributed your public key to the world you will probably continue to use the same keys from that point on However under certain conditions you may want to create a special key pair that you plan to use for only a limited period of time In this case when the public key expires it can no longer be used by someone to encrypt mail for you but it can still be used to verify your digital signature Similarly when your private key expires it can still be used to decrypt mail that was sent to you before your public key expired but can no longer be used to sign mail for others Click Next to advance to the next pane The PGP Key Generation Wizard asks you to enter a passphrase In the Passphrase dialog box enter the string of characters or words you want to use to maintain exclusive access to your private key To confirm your entry press the TAB key to advance to the next line then enter the same passphrase again Normally as an added level of security the characters you enter for the passphrase do not appear on the screen However if you are sure that no one is watching and you would like to see the characters of your passphrase as you type clear the Hide Typing
328. y Network Associates Inc are available without proof of purchase from an authorized international source and may not be available from Network Associates Inc to the extent they subject to restrictions under U S export control laws and regulations NO OTHER WARRANTIES TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW AND EXCEPT FOR THE LIMITED WARRANTIES SET FORTH HEREIN THE SOFTWARE AND DOCUMENTATION ARE PROVIDED AS IS AND NETWORK ASSOCIATES INC AND ITS SUPPLIERS DISCLAIM ALL OTHER WARRANTIES AND CONDITIONS EITHER EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE CONFORMANCE WITH DESCRIPTION TITLE AND NON INFRINGEMENT OF THIRD PARTY RIGHTS AND THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT SERVICES THIS LIMITED WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS YOU MAY HAVE OTHERS WHICH VARY FROM JURISDICTION TO JURISDICTION LIMITATION OF LIABILITY TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW IN NO EVENT SHALL NETWORK ASSOCIATES INC OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT INCIDENTAL CONSEQUENTIAL SPECIAL OR EXEMPLARY DAMAGES OR LOST PROFITS WHATSOEVER INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS OF BUSINESS PROFITS BUSINESS INTERRUPTION LOSS OF BUSINESS INFORMATION OR ANY OTHER PECUNIARY LOSS ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE PRODUCT OR THE FAILURE TO PROVIDE SUPPORT SERVICES EVEN IF NETWORK ASSOCIATES INC HAS BEEN A
329. y have to delete your key from the server more than once Including your public key in an email message Another convenient method of delivering your public key to someone is to include it along with an email message To include your public key in an email message 1 Open PGPkeys 2 Select your key pair and then click Copy on the Edit menu 3 Open the editor you use to compose your email messages place the cursor in the desired area and then click Paste on the Edit menu In newer email applications you can simply drag your key from PGPkeys into the text of your email message to transfer the key information When you send someone your public key be sure to sign the email That way the recipient can verify your signature and be sure that no one has tampered with the information along the way Of course if your key has not yet been signed by any trusted introducers recipients of your signature can only truly be sure the signature is from you by verifying the fingerprint on your key Exporting your public key to a file Another method of distributing your public key is to copy it to a file and then make this file available to the person with whom you want to communicate To export your public key to a file There are three ways to export or save your public key to a file e Select the icon representing your key pair from PGPkeys then click Export on the Keys menu and enter the name of the file where you want the key to be save
330. y saying that if Clipper failed to gain public support and FBI wiretaps were shut out by non government controlled cryptography his office would have no choice but to seek legislative relief Later in the aftermath of the Oklahoma City tragedy Mr Freeh testified before the Senate Judiciary Committee that public availability of strong cryptography must be curtailed by the government although no one had suggested that cryptography was used by the bombers The Electronic Privacy Information Center EPIC obtained some revealing documents under the Freedom of Information Act In a briefing document titled Encryption The Threat Applications and Potential Solutions and sent to the National Security Council in February 1993 the FBI NSA and Department of Justice DOJ concluded that Technical solutions such as they are will only work if they are incorporated into all encryption products To ensure that this occurs legislation mandating the use of Government approved encryption products or adherence to Government encryption criteria is required PGP Desktop Security Phil Zimmermann on PGP The government has a track record that does not inspire confidence that they will never abuse our civil liberties The FBI s COINTELPRO program targeted groups that opposed government policies They spied on the antiwar movement and the civil rights movement They wiretapped the phone of Martin Luther King Jr Nixon had his enemies list
331. y to send data securely across the Internet and other untrusted networks What is a Security Association 160 The first time a local machine communicates with a remote machine PGPnet performs an Internet Key Exchange IKE negotiation and creates a Security Association e During the IKE negotiation the two machines establish how they will communicate with each other for example type of encryption duration of Security Association and authentication method e The resulting Security Association SA contains information that identifies how the two machines are communicating PGPnet records and monitors all SAs that your machine initiates and that other machines initiate with your machine When an SA that your machine initiated is close to expiration PGPnet initiates another SA with the remote host You can view all active SAs on PGPnet s Status panel For more information on the Status panel see Viewing the Status Panel on page 169 PGP Desktop Security PGPnet Virtual Private Networking PGPnet s two modes tunnel and transport PGPnet uses tunnel mode to communicate with hosts or subnets behind a secure gateway and transport mode for peer to peer communications between two secure hosts that do not have a gateway between them What is tunnel mode Tunneling occurs when the machine running PGPnet sends packets through a secure gateway to a host or subnet behind the gateway In the PGPnet Hosts window the dest
332. ynchronize with server upon area select the options to use when synchronizing your private keyring with your key server s Your options are Encrypting to unknown keys Select this option to have PGP automatically look up unknown recipients on the server to locate users that are not on your keyring when encrypting email Signing keys Select this option to allow keys to which you re adding your signature first to be updated from the server and then your changes sent to the server upon completion of the update Adding names photos revokers Select this option to allow keys to which you ve added names photographs or revokers first to be updated from the server and then your changes sent to the server upon completion of the update Updating the key beforehand ensures that for example the key has not been revoked since you last updated it Revocations Select this option to allow keys you revoke first to be updated from the server and then your changes sent to the server upon completion of the update User s Guide 131 Managing Keys and Setting PGP Options e Verification Select this option to have PGP automatically search and import from the key server when verifying a signed email message or file for which you do not have the sender s public key 6 Click OK to save your changes and return to the PGPkeys main window or choose another tab to continue configuring your PGP options To add a key server to the server list 1
333. you change the word wrap setting in PGP make sure that it is less than the word wrap settings in your email application If you set it to be the same or a greater length carriage returns may be added that invalidate your PGP signature 4 Click OK to save your changes and return to the PGPkeys window or choose another tab to continue configuring your PGP options Setting HotKey preferences 128 Use the HotKeys panel to specify keystroke shortcuts for PGP functions To set HotKey preferences 1 Open PGPkeys 2 Choose Options from the PGPkeys Edit menu then click the HotKeys tab PGP Desktop Security Managing Keys and Setting PGP Options The Options menu opens with the HotKeys panel showing Figure 6 13 PGP Options BE General Files Email HotKeys Servers CA Advanced HotKeys IV Purge passphrase caches Ctrl F12 Encrypt current window Ctrl Shift E I Sign current window Ctrl Shift S IV Encrypt amp Sign current window Ctrl Shift C Ctrl Shift D Cancel Help Figure 6 13 PGP Options dialog box HotKeys panel Select the hot key options that you want to use from the HotKey pane Your options are e Purge Passphrase Caches Select this option to create a hot key that allows you to delete the cache which contains your PGP decryption passphrase with a key stroke or series of key strokes The default hot key for this function is CTRL F12 Encrypt C
334. your system and your keyrings as well as your copy of PGP itself If an intruder can tamper with your disk then in theory he can tamper with the program itself rendering moot the safeguards the program may have to detect tampering with keys One somewhat complicated way to protect your own whole public keyring from tampering is to sign the whole ring with your own private key You could do this by making a detached signature certificate of the public keyring How does PGP keep track of which keys are valid 238 Before you read this section you should read the previous section How to protect public keys from tampering PGP keeps track of which keys on your public keyring are properly certified with signatures from introducers that you trust All you have to do is tell PGP which people you trust as introducers and certify their keys yourself with your own ultimately trusted key PGP can take it from there automatically validating any other keys that have been signed by your designated introducers And of course you can directly sign more keys yourself There are two entirely separate criteria that PGP uses to judge a public key s usefulness don t get them confused 1 Does the key actually belong to the person to whom it appears to belong In other words has it been certified with a trusted signature 2 Does it belong to someone you can trust to certify other keys PGP can calculate the answer to the first question T
335. yptography is destined to play in the power relationship with its people In April 1993 the Clinton administration unveiled a bold new encryption policy initiative which had been under development at the National Security Agency NSA since the start of the Bush administration The centerpiece of this initiative was a government built encryption device called the Clipper chip containing a new classified NSA encryption algorithm The government tried to encourage private industry to design it into all their secure communication products such as secure phones secure faxes and so on AT amp T put Clipper into its secure voice products The catch At the time of manufacture each Clipper chip is loaded with its own unique key and the government gets to keep a copy placed in escrow Not to worry though the government promises that they will use these keys to read your traffic only when duly authorized by law Of course to make Clipper completely effective the next logical step would be to outlaw other forms of cryptography The government initially claimed that using Clipper would be voluntary that no one would be forced to use it instead of other types of cryptography But the public reaction against the Clipper chip has been strong stronger than the government anticipated The computer industry has monolithically proclaimed its opposition to using Clipper FBI director Louis Freeh responded to a question in a press conference in 1994 b
336. ys This feature is useful for preventing seldom used keys from cluttering up the Key Selection dialog box when you are sending encrypted email Changes the passphrase for a private key If you ever think that your passphrase is no longer a secret click this button to enter a new passphrase It is a good idea to change your passphrase every 6 months or so For instructions on changing your passphrase see Changing your Passphrase later in this chapter A unique identification number that is generated when the key is created This is the primary means by which you can check the authenticity of a key The best way to check a fingerprint is to have the owner read their fingerprint to you over the phone so that you can compare it with the fingerprint shown for your copy of their public key The fingerprint can be viewed in two ways in a unique list of words or in its hexadecimal format Displays the fingerprint as a unique series of hexadecimal numbers By default this option is disabled and the fingerprint is displayed as a unique series of words Indicates the validity of the key based on its certification and the level of trust you have in the owner to vouch for the authenticity of someone else s public key You set the trust level by sliding the bar to the appropriate level Trusted Marginal or Untrusted The bar is disabled for revoked expired and implicitly trusted keys 110 PGP Desktop Security Managing Keys and Sett
337. ys subnets and hosts If a plus sign appears to the left of an item click on the plus sign to expand the display and view other entries associated with that item see Figure 8 7 on page 176 2 gt PGPnet iol x File View Help Status Log Hosts Name Address Subnet Authentication _ A S 8 Secure Gateway 123 222 33 1 Or Aa B HostBehindGateway 192 168 1 5 B Secure Host 123 222 33 4 erg EH Secure Subnet 123 123 123 0 255 255 2550 Ey PGPnet COn Off status Off 0 active S s Figure 8 6 The Hosts Panel The following table describes the information displayed for each entity Column Description Name Descriptive name of host subnet or gateway entry Address IP address of host subnet or gateway Subnet If the host entry is a subnet this field displays the subnet mask Otherwise this field is blank Authentication An icon appears indicating the type of authentication used for the host entry A key icon indicates public key cryptography authentication e A certificate icon indicates X 509 certificate authentication e An ear icon indicates shared secret authentication e No icon indicates that the configured host entry is insecure SA Displays a green dot when there is an SA with the host If there is no SA with the host the column is blank 172 PGP Desktop Security PGPnet Virtual Private Networking The following table describes the buttons on the Hosts panel Button Descr
Download Pdf Manuals
Related Search