Protecting Your Privacy

by Karl L. Barrus

Cryptography, the science of concealing messages, has been vital for diplomatic and military security for centuries. While the technique used by Julius Caesar, the simple substitution cipher, is extremely weak by today's standards, recent advances in cryptographic research hold the promise of arbitrarily strong protection for your personal files. A popular and powerful program by the name of Pretty Good Privacy (PGP) will serve your data protection needs and is especially suited for electronic mail.

Until recently, cryptography systems used the same key to encrypt and decrypt a file. With these systems, the strength of the algorithm and the key used determined the amount of security. The best algorithms retained their strength even if the algorithm used was public. These systems are private key, or symmetric, cryptosystems, and their advantage is speed. A disadvantage to private key cryptography is key management, since each pair that wishes to communicate must have a unique shared key. So if you need encrypted communication with five other people, you need to generate five keys to keep your data secure (using the same private key with all your friends would allow each to access information intended for another). Since an eavesdropper who learns of a key would be able to read any messages encrypted by that key, you must distribute the keys securely, which may be difficult if you communicate over a network.

However, in 1976, Whitfield Diffie and Martin Hellman suggested a different approach, which they called public key, or asymmetric, cryptography. Here, each key actually consists of two parts -- an encryption half (the "public key") and a decryption half (the "private key," which unlocks data encrypted with the matching public key).

This system allows a more convenient key distribution method -- anyone who wishes to communicate with you can use your public key, rather than prearrange generating a key and keeping it secure. Furthermore, eavesdroppers can't use an overheard public key to decrypt files. Unfortunately, public key cryptosystems are typically slower than private key cryptosystems. Until recently, there weren't any easy-to-use programs that implemented public key cryptography.

The Many Algorithms

PGP is a public key implementation, originally released in 1991 by Phil Zimmermann. Since then, volunteer programmers worldwide have enhanced it and ported it to several systems. You can be confident in the security PGP delivers because its cryptographic building blocks are solid: International Data Encryption Algorithm (IDEA), RSA and MD5.

IDEA is a private key system invented by Xuejia Lai and James Massey in 1992 and incorporated in PGP since version 2.0. It uses a 128-bit key, which is considerably longer than the 56-bit key the Data Encryption Standard (DES) uses. This makes a brute-force search of all possible keys infeasible. IDEA is fast in software and resists advanced attacks such as differential cryptanalysis.

RSA is a public key cryptosystem named for its inventors: Ron Rivest, Adi Shamir and Len Adleman. In 1978, these mathematicians discovered a technique that fulfilled all the requirements of public key cryptography described by Diffie and Hellman, and also allowed for "digital signatures," which are analogous to handwritten signatures on documents. Most importantly, digital signatures are unforgeable. By placing a digital signature on a file, you add information that others can use to establish your authorship or agreement.

MD5 is a message digest algorithm, invented by Ron Rivest in 1992. A message digest algorithm takes an input string, performs various bit mixing operations on it and outputs a fixed-length result, called the hash. The hash is a fingerprint or distillate of the input: It is infeasible to find another input string with the same hash.

PGP combines these algorithms. First, since asymmetric cryptography is slower than symmetric cryptography, a message is encrypted with IDEA instead of RSA, using a randomly generated key, called a session key. Then, to gain the advantages of asymmetric cryptography, the session key is RSA encrypted with the public key of the person to whom you want to send the message. To guard against change, a hash is taken using MD5. That way, if the message is altered in transit, the change will be detected.

Using PGP

PGP combines the speed of private key cryptography (IDEA) with the convenience of public key cryptography (RSA). PGP attempts to compress a file before further processing, to save space and reduce redundancy that an attacker may exploit. How does it all fit together? Let's look at the general process when you encrypt and sign a file.

The first step involves generating a key pair -- a public key, which others use to encrypt and/or verify signatures, and a private key, which you use for decrypting and/or signing files. You exchange public keys with anyone you need to communicate with and add their public keys to your key ring -- a collection of all your public keys that PGP helps you maintain.

PGP's primary user interface is the command-line, although Windows and Macintosh shells are available that provide easy point-and-click usage. GUI interfaces are available that reduce complexity, so you can easily encrypt a Microsoft Word document under Windows and send it to your Macintosh-using friend.

Pulling It Together

Say you want to e-mail your friend, Alice, some information you wish to keep private. After exchanging public keys, you invoke PGP on the file. PGP first tries to compress the file. Then, PGP encrypts the file with a randomly generated IDEA key and computes the MD5 hash. Now PGP uses asymmetric cryptography: The hash is signed with your private key and the session key is encrypted with Alice's public key. The whole bundle is lumped together and sent.

When Alice receives your file, PGP unlocks the hash with your public key and decrypts the session key with her private key. Then, the hash is checked with another hash taken of the file and the file is decrypted with the session key. If the file was altered in transit, the mismatch will be detected and Alice will be warned that the digital signature is bad.
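The round trip described in the last two paragraphs (and the combination of algorithms laid out under "The Many Algorithms"), as an added example that is not code from the article or from PGP itself. It uses Go's standard library in place of the article's primitives: AES-256 in counter mode stands in for IDEA, RSA-OAEP wraps the session key, RSA-PSS signs the hash, and SHA-256 replaces MD5, whose collision resistance has since been broken. The names Bundle, EncryptAndSign, DecryptAndVerify and Demo, the bundle layout and the sample message are assumptions of this example, not PGP's format.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)
// Bundle is the "whole bundle" sent in the article (a constructed layout, not PGP's packet format).
type Bundle struct {
	WrappedKey []byte // session key encrypted with the recipient's RSA public key
	IV         []byte // IV for the symmetric cipher
	Ciphertext []byte // message encrypted under the session key
	Signature  []byte // sender's RSA signature over the hash of the plaintext
}

// EncryptAndSign is the sender's side of the procedure described above.
func EncryptAndSign(plaintext []byte, senderPriv *rsa.PrivateKey, recipientPub *rsa.PublicKey) (*Bundle, error) {
	// 1. Random session key and IV; encrypt the message with AES-256-CTR, which stands in
	//    for IDEA. Like IDEA in PGP it has no integrity check; the signed hash provides that.
	buf := make([]byte, 32+aes.BlockSize)
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, iv := buf[:32], buf[32:]
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	ciphertext := make([]byte, len(plaintext))
	cipher.NewCTR(block, iv).XORKeyStream(ciphertext, plaintext)
	// 2. Hash the plaintext and sign the hash with the sender's private key.
	//    SHA-256 replaces the article's MD5, whose collision resistance is broken.
	digest := sha256.Sum256(plaintext)
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	// 3. Encrypt the session key with the recipient's public key.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, key, nil)
	if err != nil {
		return nil, err
	}
	return &Bundle{WrappedKey: wrapped, IV: iv, Ciphertext: ciphertext, Signature: sig}, nil
}

// DecryptAndVerify is the recipient's side: unwrap the session key, decrypt, rehash, check the signature.
func DecryptAndVerify(b *Bundle, recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, b.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("session key is not addressed to this private key: %w", err)
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	plaintext := make([]byte, len(b.Ciphertext))
	cipher.NewCTR(block, b.IV).XORKeyStream(plaintext, b.Ciphertext)
	digest := sha256.Sum256(plaintext)
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest[:], b.Signature, nil); err != nil {
		return nil, fmt.Errorf("bad signature (altered in transit or not from the claimed sender): %w", err)
	}
	return plaintext, nil
}

// Demo generates keys for Bob and Alice, sends a constructed message, then re-sends it with one
// ciphertext bit flipped "in transit"; it returns Alice's plaintext and whether the altered copy was rejected.
func Demo() (recovered string, tamperDetected bool, err error) {
	bob, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, err
	}
	alice, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, err
	}
	b, err := EncryptAndSign([]byte("Meet me at noon."), bob, &alice.PublicKey)
	if err != nil {
		return "", false, err
	}
	out, err := DecryptAndVerify(b, alice, &bob.PublicKey)
	if err != nil {
		return "", false, err
	}
	b.Ciphertext[0] ^= 0x01 // one flipped bit; CTR turns it into a changed plaintext byte
	_, tamperErr := DecryptAndVerify(b, alice, &bob.PublicKey)
	return string(out), tamperErr != nil, nil
}

func main() {
	recovered, tamperDetected, err := Demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("Alice read %q; altered copy rejected: %v\n", recovered, tamperDetected)
}
```

Run it with `go run`. The altered copy is rejected because counter mode turns the flipped ciphertext bit into a flipped plaintext bit, so the hash Alice recomputes no longer matches the one Bob signed: the "bad signature" warning the article describes. Two simplifications to keep in mind: the example signs the plaintext and encrypts only the message body, so the signature travels outside the encrypted data, whereas PGP encrypts the signed message as a whole; and it omits the compression step that PGP performs before encryption.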

PGP takes some time to learn, since it has options such as text vs. binary input and output, symmetric encryption only, detached signatures and encryption for multiple recipients. Luckily, many of the esoteric features aren't used frequently. Further work on ease of use is needed.

PGP has a controversial past. Public key cryptography is patented. The patents are held by RSA Data Security Inc. (RSADSI), and Zimmermann did not obtain permission to use them. RSADSI feels all versions of PGP prior to 2.3 infringe on the patents. A company named ViaCrypt negotiated a license and sells a version of PGP for commercial use. An MIT group obtained a license from RSADSI, and so all versions of PGP after 2.5 are legal.

However, the U.S. government classifies cryptographic devices as munitions, making such devices export controlled. So just because you can use it legally doesn't mean you can export it legally. Zimmermann is under investigation for "exporting" PGP by making it available via anonymous ftp to the world. His legal situation is far from resolved.

Karl L. Barrus is a software engineer at Compaq Computer Corp. He can be reached at klbarrus@bangate.compaq.com.


FTP Sites For Obtaining PGP

For commercial usage, get PGP 2.7 from ViaCrypt in Phoenix, Ariz. Call (800) 536-2664.

The latest freely available version for DOS/Windows and Unix is 2.6.2, for Macintosh is 2.6.

telnet://net-dist.mit.edu and login as getpgp
Answer the questions and you will be given further instructions.

ftp://ftp.csn.net/mpj
Read the file README.MPJ for further instructions.

ftp://ftp.eff.org/pub/Net_info/Tools/Crypto
Read the file README.Dist for further instructions.

ftp://ftp.wimsey.bc.ca/pub/crypto/software
Read the file README for further instructions.

ftp://ftp.informatik.uni-hamburg.de/pub/virus/crypt/pgp

ftp://ftp.ox.ac.uk/pub/crypto/pgp
