If you need or want PGP (Pretty Good Privacy) try the commercial PGP software at http://www.pgp.com/ or the (free) GNU implementation of the OpenPGP standard at http://www.gnupg.org/.

Strong encryption software such as PGP was (possibly still is) regarded as a sensitive "munition" or some such rubbish, and export is not allowed - as if publicly available software could possibly be restricted to national borders. I am told that copies have managed to creep out and if you are outside Canada or the US and want the software you can get it.

It seems that the following international site (though it is old) ignored the wishes and laws of the US government on this matter: The International PGP Home Page. The search engines can no doubt find hundreds more of these scofflaw sites. Imagine that!

I believe attempts to restrict encryption software and undermine its widespread use represent the fear by "Big Brother" that the era of universal easy snooping is coming to an end. I assert that no organization has the right to read all my mail, listen to all my phone messages and generally track every aspect of my life at will. This assertion is meaningless unless I can enforce the remaining shreds of my privacy using convenient unbreakable encryption.

If EVERYONE encrypted EVERYTHING they sent as a matter of course, the snoops would be OUT OF BUSINESS and, in my view, the world might be a slightly better place ...

I guess it depends on who you are more afraid of: bad guys in the government or bad guys out of the government. Granting sweeping authority to the government might be useful temporarily ("our" bad guys) but it is virtually impossible to get them to relinquish their powers once granted. That is, often, how governments become blatant dictatorships: not at the point of a gun but accepted willingly, a step at a time, by a fearful populace and impatient leaders.

Sermon and paranoia aside, this stuff is just WAY COOL. MUCH better than secret decoder rings.

It works as follows:

Encryption keys are created in pairs. Either key can be used to unbreakably encrypt a message. However only the OTHER key in the pair can decrypt that message. Typically one key of the pair is made public (such as the one below) and the other kept very secure and private.

If you want to send me a secure message, you use my public key to encrypt it and then only my private key can unscramble it.

If you want to digitally "sign" the message, so I know you actually sent it and the message was not altered in transit, you encrypt information about the message using your private key. This is done automatically by your copy of the PGP software.

When I receive the message I decrypt the message using my private key. I know that no one else could have read this encrypted message.

If I wish to verify authenticity (i.e. that you sent it and not someone pretending to be you) I then decrypt the signature using your public key and compare the information there to the corresponding info from the message I received. Once again, this is done automatically by the PGP software. Only you could have signed it using your private key. The signature contains info about the message to verify that you were looking at the same message I received when you encrypted it to my public key.

Unbreakable encryption. Unforgeable signature. Verification that the encrypted message arrived unaltered and came from you. All of these details are handled by the software, and most popular mail clients also support PGP plugins to automate the encryption/decryption process.
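The encrypt-and-sign exchange the paragraphs above describe, as an added toy model in Python (not code from this page nor from PGP/GnuPG): the primes and the "secret!" message are constructed, the keys are far too small to be secure, and real PGP pads the numbers and encrypts a random session key rather than the message itself.

```python
import hashlib
# Toy RSA model of the key-pair asymmetry described above (added illustration, not the
# page's code nor PGP/GnuPG internals): tiny primes, no padding, hash reduced mod n.

def _egcd(a, b):
    """Extended Euclid: returns (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = _egcd(b, a % b)
    return g, y, x - (a // b) * y

def make_keypair(p, q, e=65537):
    """Keys are created in pairs: public = (n, e), private = (n, d)."""
    n, phi = p * q, (p - 1) * (q - 1)
    g, d, _ = _egcd(e, phi)
    assert g == 1, "e must be coprime to phi(n)"
    return (n, e), (n, d % phi)

def apply_key(key, value):
    """Either key is plain modular exponentiation; only the OTHER key of the pair undoes it."""
    n, exp = key
    return pow(value, exp, n)

def encrypt(pub, message):
    # Real PGP encrypts a random session key this way and the body with a block cipher;
    # the toy encrypts the (short) message directly with the recipient's PUBLIC key.
    m = int.from_bytes(message, "big")
    assert m < pub[0], "message too large for this toy modulus"
    return apply_key(pub, m)

def decrypt(priv, ciphertext, length):
    return apply_key(priv, ciphertext).to_bytes(length, "big")

def sign(priv, message):
    # "Information about the message" (its digest) scrambled with the sender's PRIVATE key
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % priv[0]
    return apply_key(priv, digest)

def verify(pub, message, signature):
    # Recipient unscrambles with the sender's PUBLIC key and compares to a fresh digest
    expected = int.from_bytes(hashlib.sha256(message).digest(), "big") % pub[0]
    return apply_key(pub, signature) == expected

if __name__ == "__main__":
    me_pub, me_priv = make_keypair(1000000007, 998244353)     # recipient's pair, toy primes
    you_pub, you_priv = make_keypair(2147483647, 1000000009)  # sender's pair, toy primes
    msg = b"secret!"                                          # 56 bits, fits below n
    ct, sig = encrypt(me_pub, msg), sign(you_priv, msg)
    print(decrypt(me_priv, ct, len(msg)), verify(you_pub, msg, sig), verify(you_pub, b"altered", sig))
```

The last line shows the three guarantees in order: the private key recovers the plaintext, the sender's public key confirms the signature, and the same signature fails against an altered message.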

Some Words About The Term "Unbreakable"

"Unbreakable" is a pretty strong claim. Currently only the smallest key pairs (perhaps a couple of hundred bits) can be cracked by brute computational force in the civilian world - and that only with the expenditure of costly amounts of computer time. Obviously this is not a static record and also there are supercomputer resources and techniques classified by governments that are unavailable to civilians. However mathematicians think that the difficulty in cracking a key pair is not linear in the key size, but exponential in the number of bits in the key. A 3072 bit key would not be 48 times harder to crack than a 64 bit key - it might be 1000000000000000 times harder.

Most Diffie-Hellman keys are 3072 or 4096 bits and RSA keys should be 2048 bits (for backward compatibility with older software).

Phil Zimmermann, the author of the original PGP software, has this to say:

An expensive and formidable cryptanalytic attack could possibly be mounted by someone with vast supercomputer resources, such as a government intelligence agency. They might crack your public key by using some new secret mathematical breakthrough. But civilian academia has been intensively attacking public key cryptography without success since 1978. Perhaps the government has some classified methods of cracking the conventional encryption algorithms used in PGP. This is every cryptographer's worst nightmare. There can be no absolute security guarantees in practical cryptographic implementations.

Still, some optimism seems justified. The public key algorithms, message digest algorithms, and block ciphers used in PGP were designed by some of the best cryptographers in the world. PGP's algorithms have had extensive security analysis and peer review from some of the best cryptanalysts in the unclassified world.

Besides, even if the block ciphers used in PGP have some subtle unknown weaknesses, PGP compresses the plaintext before encryption, which should greatly reduce those weaknesses. The computational workload to crack it is likely to be much more expensive than the value of the message.

Zimmermann's conservative and careful statement aside, and with all due respect to the computing community, no one involved in this business seems to believe that anyone can now or will in the near future crack big key encryption by brute force. No one seems to think the encryption techniques themselves carry subtle weaknesses that would make them vulnerable to a "smart" attack.

There are, however, conventional "spy" techniques that could work rather easily and cheaply if your messages are a valuable target. These all involve physical invasion, break-ins or other monitoring of the computer on which the encryption occurs. Each item can be dealt with and security breaches detected and corrected. Each time you solve a potential problem you make the software more cumbersome to use but more secure: "Bug" searches, no windows in the room, locks on all doors, security guards, electromagnetic screening, software checksum monitoring, keeping keys on different media, no direct internet connection etc. etc. etc.

You must decide how valuable your data is and to what lengths you are willing to go to obtain incremental increases in security. Examples of things that can go wrong:

As a final note, I reproduce a comment contributed to a forum on the topic by an individual who calls himself "Anonymous Coward." It is interesting to see the things people who spend a lot of time thinking about security have to say.

It's physically impossible to securely remove plaintext data on a magnetic medium without destroying the media. The data is always there, no matter how many times you write over it because there is more than one atom involved on the part of the medium where a given bit is written, and you never change the magnetic properties of all the atoms involved in storing that given bit.

A well funded attacker will be able to recover every bit of data ever written to the medium, and establish chronological order of writes per bit on the disk. The number of times you overwrite or otherwise wipe the files is irrelevant.

Also, random data is a less secure means of obscuring existing data than random actual day to day files because the entropy of the data you're trying to hide, and the entropy of the noise you're using to cover it up with differ so greatly. With a chronological record of the bits written in a volume (given, only available to the most sophisticated and well funded attacker), and a search for entropy, it is a quite simple task to recover any data that was ever represented on the media.

These tools only obscure the data from poorly funded, inept attackers. If those are who concern you given your threat model, then OK. Else the NSA is having a great belly laugh at your expense.

If you would like true file security, you need a cryptographic filesystem on a fresh drive. Ensure that the keys to decrypt said partition and your passphrase are stored on a separate media (CD-R perhaps) which you can shred using a cross-cut shredder (one that makes fingernail clipping sized chunks) before being burned.

Keep this disk on you at all times, or be able to account for it at all times. Your reaction time for removing your key media, turning off your machine, shredding and then burning said media must be less than the time between your detecting an attacker on the premises and their reaching the machine.

Your browser cache, saved emails and chat logs can be used as cribs to crack the encryption on your partition. Never write them to disk, even in encrypted form.

In general, never write plaintext to your hard drive, and keep the keys off of your hard drive if keeping people from reading data that was ever at any time written to it is important to you.

Happy Encrypting! ;-)

I can be contacted by phone at Bellevue College at (425) 564-2484 or by e-mail at lsusanka@bellevuecollege.edu .

Join the Blue Ribbon Online Free Speech Campaign!
This page was last modified on 07/18/14 at 22:08.
These are my personal pages. Bellevue College is not responsible for their contents, nor do they reside on a BC server.