------------------------------------------------------------------------------- Public Key Encryption ------------------------------------------------------------------------------- Summery... Basically a public key system (like PGP, GPG, or the old RSA), has two keys. You would encrypt data with one key and decrypt it with the other. Which is used for encrypt does not matter, the other key then decrypts. One key is made public (anyone can know it) the other private (only you know it) and is generally protected by a normal symmetric key encryption like AES. So to protect data (generally communications like email) you encrypt something using the public key of the receiver. No password is needed for this as it is public. To decrypt the receiver the uses their private key (password protected). As such a password (to get the private key) is needed to decrypt. However to protect against anyone encrypting anything (with your public key) and replacing the data, they also include some encrypted data (a checksum or MAC) in the file with the senders private key. If that special data decrypts using the senders public key, then sender must have encrypted it and thus created the rest of the data. This is a digital signature, as only the sender could have sent it. Thus in a full system you end up needing the password to your private key, to both encrypt (send, digital signing) and decrypt (receive). Public Keys thus work well communications between two different parties. But it is not good for disk, file system, or directory level encryption as the system needs to be encrypting and decrypting the data constantally for the duration of the mounted data. As such you may as well use a symmetric key for encrypted data stores. (like AES). Because of this GPG (or other) does not use public keys for normal file encryption, but uses normal symmetric key encryption (using a -c flag). This is also the same encryption method it actually uses to protect private keys. I hope this makes it clear However you can still use public keys to encrypt files, for situations where a daemon is encrypting data (without knowing the password) for a user to later decrypt. ------------------------------------------------------------------------------- Summary of Public Key Encruyption... load message to send generate cryptographic checksum (MAC) encrypt MAC using SENDERS private key (password needed) append MAC to message (digital signature) encrypt message+MAC using RECEIVERS public key Send signed and encrypted message || _||_ \ / \/ decrypt using RECEIVERS private key (password needed) extract MAC (digital signature) from message decrypt MAC using SENDERS public key (validate sender) checksum message to generate MAC compare the two MAC's (validate data) read/save decrypted message The complication of public key systems is the handling and validation of private and public keys. (Web of Trust) ------------------------------------------------------------------------------- Commands Setup... Config file vi "$HOME/.gnupg/gpg.conf" # # Set yourself as the default reciepent # default-recipient {your_email} # # symmetric cypher to use (default CAST5) # cipher-algo AES256 # # Compress message first # compress-algo zlib Generate key if you don't have one gpg --gen-key (follow prompts) List Public Keys gpg --list-keys List Secret Keys gpg --list-secret-keys GPG Encrypt... # Add --armour to make it ASCII for mail transmission gpg -c filename # encrypt using symmetric (same key) encryption gpg --batch --yes --passphrase secret filename # command line batch gpg -e filename # encrypt using your public key (you decrypt) # To let a different person decrypt it (use there public key) gpg -e --armour -r 'Bob User' filename # Encrypting a file to multiple recipients... # Add more -r (--recipient) to allow multiple people to decrypt gpg --e --armour \ --recipient g.racz@griffith.edu.au \ --recipient d.claverie@griffith.edu.au \ --recipient s.greene@griffith.edu.au \ --output document.txt.gpg \ document.txt # To not declare who can decrypt use --hidden-recipient gpg -e --hidden-recipient Friend \ --output totallyinnocent.txt secrets.txt GPG Decrypt... gpg filename # It will list the private key needed to decrypt # optionally add --decrypt Export Import gpg --list-keys # list keys you know gpg --delete-secret-key {key} # remove them from key ring gpg --delete-key {key} gpg --export {your_key} > exported.public.gpg gpg --show-key exported.public.gpg gpg --import exported.public.gpg gpg --sign-key {your_key} gpg --check-signatures {key} # Adjust the trust of a key gpg --edit-key {key} gpg> trust ... Your decision? 4 # I trust this key gpg> quit ------------------------------------------------------------------------------- How is the pass-phrase handled? The speed of failure for a wrong password on a private key makes me doubt that GPG is using hash iteration (PBKDF2) to protect the pass-phrase to cryptographic, key stretching. Just how secure are private keys and symmetric encrypted files? ------------------------------------------------------------------------------- Encrypt a big file using OpenSSL and someone's public key https://www.czeskis.com/random/openssl-encrypt-file.html Step 0) Get their public key The other person needs to send you their public key in .pem format. If they only have it in rsa format (e.g., they use it for ssh), then have them do: openssl rsa -in id_rsa -outform pem > id_rsa.pem openssl rsa -in id_rsa -pubout -outform pem > id_rsa.pub.pem Have them send you id_rsa.pub.pem Step 1) Generate a 256 bit (32 byte) random key openssl rand -base64 32 > key.bin Step 2) Encrypt the key openssl rsautl -encrypt -inkey id_rsa.pub.pem -pubin -in key.bin -out key.bin.enc Step 3) Actually Encrypt our large file openssl enc -aes-256-cbc -salt -in SECRET_FILE -out SECRET_FILE.enc -pass file:./key.bin Step 4) Send/Decrypt the files Send the .enc files to the other person and have them do: openssl rsautl -decrypt -inkey id_rsa.pem -in key.bin.enc -out key.bin openssl enc -d -aes-256-cbc -in SECRET_FILE.enc -out SECRET_FILE -pass file:./key.bin NOTES: You should always verify the hash of the file with the recipient or sign it with your private key, so the other person knows it actually came from you. If there is a man-in-the-middle, then he/she could substitute the other person's public key for his/her own and then you're screwed. Always verify the other person's public key (take a hash and read it to each other over the phone). -------------------------------------------------------------------------------