My Foray Into End-to-end Encryption

Saturday, April 04, 2015
By Kevin
Encryption Padlock
Image credit: Yuri Samoilov

A couple weeks ago I read an article about how journalists communicated with Edward Snowden. It was an interesting article on the precautions needed for secure communications. Combine that with this TED talk from Glenn Greenwald on "Why Privacy Matters" and my curiosity was piqued. If you have not read the article or watched the video please do so now. They're really good and worth your time.

Over the last several weeks I've been doing a lot of reading about the two main implementations of end-to-end encryption: PGP and S/MIME. They both have the same goal and accomplish it in mostly the same way, but have one or two key differences that set them apart.

TL;DR

  • S/MIME is the easiest to set up, but only works with email and not with web interfaces.
  • PGP is a bit more flexible and robust, but also more complicated to use.
  • Choose at least one, but regardless of your choice: back up your private keys!

The GNU Privacy Guard

GNU Privacy Guard (GPG) is a free and open source implementation of the OpenPGP Standard. PGP stands for "Pretty Good Privacy" and is a strong encryption mechanism for data communications.

In A Nutshell

PGP is almost always 1-to-1 communication. Data is encrypted so that it can only be decrypted by the intended recipient. This is accomplished with the use of public and private keys. A message encrypted with a public key can only be decrypted with the private key. So, for example, if John encrypts a PDF using my public key, I will be the only person that can decrypt the file. To anyone else the file will look like a bunch of random characters. Here's an abbreviated version of what an encrypted file looks like.

-----BEGIN PGP MESSAGE-----
hQIMA2htye3Rmn7yAQ//YIvCFWBADZZ7QARJt/JzM8QPhdmEb6lVbdMjaOSmT0s8
ZF/w6G4ti6EZUh1t/+uS2dhmWygtsfaMV91ONxzMtlZr54ycxOMmW/ISVOSXU1bZ
D1T31Au5rNj9TISNdgjkcQMa/B9mI9u6cIT26Jxujk58Fq8X1EkdVpNu0EsdXnQs
ddg2XgOuBiyw0YlFUQYHQitG9WpNxyWuuuXPbGxadRoJfwNWtYRpoglW+b3DeC6H
j5Bb3iH+1mezJg==
=ZGmu
-----END PGP MESSAGE-----

In addition to encryption and decryption, PGP also includes a signing feature. Signing is a way of proving that a message, encrypted or not, actually came from you. It proves your identity; no one else can sign as you without your private key.

Full Control

One of the biggest advantages of PGP is in the creation of private and public keys. Both keys are created by you, and both keys are created locally. This should give you a high degree of confidence that no one else has seen your private key.

PGP is also very flexible. It can be used to encrypt almost any digital item: e-mail, text message, file, etc. Its flexibility does, however, make it more difficult to use in day-to-day life.

Web of Trust

The most distinctive trait of PGP is something called the Web of Trust. This is a concept used for proving an individual's identity. If you can prove your identity (usually with a government-issued ID) to another person, they will use their private key to sign your public key. This adds endorsement to your identity. If you've ever heard of a key signing party, this is what is taking place. People get together, positively identify each other, and sign each other's keys.

Public keys can be shared like any other public information. There are even several Keyserver sites to help host and distribute public keys.

Subkeys

Subkeys add more security to your private key. You can use your main private key to generate a second private key that becomes the one you use on a daily basis. If the second private key is compromised, you can use your main private key to revoke the second key and generate a new one. This is a lot less work than creating a new main private (and public) key and going through the key signing all over again.

Resources

There are a lot of resources on the internet that can assist in setting up a PGP key pair. The links here favor Mac or Linux and the use of a terminal window.

Further Reading

Here are a few tutorials I found helpful when learning and setting up PGP.

Software

GPG has the following supported software suites that can create and manage PGP keys.

The following email clients support PGP encryption (some require addons/plugins from the above sites).

Secure Internet Mail

S/MIME stands for Secure/Multipurpose Internet Mail Extensions. It adds public key encryption and signing to electronic mail.

S/MIME is very similar to PGP. It is used to encrypt messages such that only the recipient can decrypt them. The difference is that it's specific to email. S/MIME also supports identity authentication (signing).

The biggest difference between S/MIME and PGP is instead of the "Web of Trust" there are Certificate Authorities.

Certificate Authorities

A Certificate Authority (CA) is an establishment that issues digital certificates, manages these credentials, and provides proof that the owner of a certificate is legit. One type of certificate that a CA can issue can be used for S/MIME cryptography. There are a few CAs that will provide an S/MIME certificate for free, but most will charge a fee and provide additional services.

The creation of an S/MIME certificate is typically done by the CA issuing the certificate. Most do this using functions built into your web browser and then save them directly to your computer. This is probably secure, but if you want to be really sure you'll need to find a CA that allows you to generate your own certificate.

Resources

There are a lot of resources, guides, and tools out there for configuring S/MIME. Here are a few I found interesting.

Software

The following software supports signing and encrypting email with S/MIME certificates.

Further Reading

Both of these are good guides for getting S/MIME configured, but I would not email your certificate to yourself. It gives a copy of your private certificate to your email provider and is at risk of being viewed while in transit to your device. It's too much of a security risk. Use this guide I wrote instead to copy your certificate to your iPhone.

Private Keys

Private keys are crazy important. If you lose a private key, you no longer have access to decrypt any message (past, present, or future) that was encrypted with your public key. If your private key is stolen, then that person has access to all messages that were ever encrypted with your public key.

Back up your private keys.

USB Flash Drive

The easiest place to back up your private keys is a USB flash drive. I bought this key on Amazon and used it to back up both keys. I wanted a separate flash drive so I could store it in a safe place (e.g. lock box or safe).

Paper Backup

There are a few options if you want to make a paper backup of your private key or certificate. Linux and Mac users can use qrencode from libqrencode. I wrote a bash shell script to make this process easier. Windows users can use PaperBack.

Secure Remove

If you make any copies of your private key via export, be sure to securely remove them from your computer. On Mac OS X, you can do this either by deleting the file and doing a Secure Delete on the trash, or by using the srm terminal command. Linux users can use shred -u, and Windows users should use a tool like Eraser.

Strong Passwords

XKCD has a great comic about password strength. It makes a great case for strong passwords that are easy enough for humans to remember, but hard (long) enough for computer algorithms. I found a password strength meter and a site that estimates the time it would take to crack a password.

I wouldn't enter a real password into these sites, but you can play around with them to understand how to make a stronger password. For example, onebuttontwobutton is a weak password even though it's 18 characters long, but Onebutton2button! is significantly stronger.

At some point in my reading I came across an interesting way to generate long, random passwords called Diceware. In short, you roll 5 dice a bunch of times and use the numbers that come up as an index into a word list. I wrote a Python script to generate a random "diceware" word list file complete with instructions. Here's an example file.
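The dice-to-word lookup described above, as an added example (this is not the script mentioned in the post). The function names are assumptions, and the 7776-entry word list is a constructed placeholder built from syllables; a real Diceware list would take its place.

```python
import itertools
import math
import secrets

DICE_PER_WORD = 5
LIST_SIZE = 6 ** DICE_PER_WORD  # 7776 entries, one per possible five-dice roll


def build_constructed_wordlist():
    """Constructed stand-in for a real Diceware list: 7776 unique pseudo-words."""
    syllables = ["ba", "ko", "mi", "ru", "te", "zy"]
    return ["".join(p) for p in itertools.product(syllables, repeat=DICE_PER_WORD)]


def roll_key():
    """Simulate five dice with the OS CSPRNG; physical dice give the same kind of key."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(DICE_PER_WORD))


def key_to_index(key):
    """Map a roll such as '41326' to a 0-based list index (base 6, faces 1..6)."""
    if len(key) != DICE_PER_WORD or any(c not in "123456" for c in key):
        raise ValueError(f"not a valid {DICE_PER_WORD}-dice roll: {key!r}")
    index = 0
    for c in key:
        index = index * 6 + (int(c) - 1)
    return index


def passphrase(wordlist, n_words=6, rolls=None):
    """Join one word per roll; pass `rolls` to use dice you threw by hand."""
    if len(wordlist) != LIST_SIZE or len(set(wordlist)) != LIST_SIZE:
        raise ValueError("word list must hold 7776 unique words")
    if rolls is None:
        rolls = [roll_key() for _ in range(n_words)]
    return " ".join(wordlist[key_to_index(k)] for k in rolls)


def entropy_bits(n_words):
    """Entropy when every word is chosen uniformly: n * log2(7776)."""
    return n_words * math.log2(LIST_SIZE)


if __name__ == "__main__":
    words = build_constructed_wordlist()
    print(passphrase(words))
    print(f"{entropy_bits(6):.1f} bits for six words")
```

Each word contributes about 12.9 bits, and that figure holds even if an attacker has the word list, because the strength comes from the uniform rolls rather than from keeping the list secret.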

Leftover Risks

Even with all of the above technology there are still risks. Allowing physical or remote access to a trusted machine will most likely compromise your private keys. Use strong passwords on your home computer and make sure you have a firewall running on your computer. Stolen devices are also a risk. Make sure you can remote wipe the device if necessary.

Messaging Applications

There's also some risk associated with the various messaging apps out there. The Electronic Frontier Foundation (EFF) released a Scorecard that rated several apps on security and privacy. You can check your favorite app on that list. The first four columns are very important; the remaining three are also significant but maybe not critical depending on your trust of the app's author. I use the Signal app for secure messaging on my iPhone. I've tried Cryptocat before and like it as a web-based solution.