Workbook on Digital Private Papers > How-Tos
How-Tos
Securing and signing documents using GNU Privacy Guard (GnuPG) command-line tool GPG
GPG is a command-line tool that enables documents to be secured for exchange with other users, as well as verification of the source of a document that has been signed or encrypted. GPG can:
- encrypt files so that only the intended recipient may read the contents of the file;
- sign files, so that recipients of the file will be able to verify the actual sender;
- decrypt and verify files that have been received from others;
- manage and maintain keypairs.
Generating a key pair
To utilise GPG's functions, requires that a pair of public and private GPG keys be created. When gpg is first run from the command line it will automatically create some configuration files:
janette> gpg --gen-key
gpg (GnuPG) 1.4.2; Copyright (C) 2005 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details.
gpg: directory `/home/janette/.gnupg' created
gpg: new configuration file `/home/janette/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/janette/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/janette/.gnupg/secring.gpg' created
gpg: keyring `/home/janette/.gnupg/pubring.gpg' created
and then it prompts with a number of questions, which we'll go through individually:
Please select what kind of key you want:
(1) DSA and Elgamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection? 1
Select the default (1). The DSA key is used to sign documents and the ElGamal key will be used for encryption.
Then, the encryption key size is requested:
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)2048
Requested keysize is 2048 bits
Keeping with the default keysize of 2048 bits is recommended unless security is the overriding concern. The longer the key size the greater the strength of the encryption, but there is corresponding decline in performance with a longer key length.
The period for the key's validity is then queried:
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)0
It is recommended that 0 be selected here. In almost all cases, allowing a key to expire creates more issues than it solves (for example: how to manage documents which have been signed by an expired key, management of certificate revocation lists). Confirmation of the choice is then requested:
Key does not expire at all
Is this correct? (y/N) y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: janette
Email address: janette@paradigm.ac.uk
Comment: Archivist
You selected this USER-ID:
"janette (Archivist) <janette@paradigm.ac.uk>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
Some information about the user needs to be entered, which will be stored in the key:
The user name, an email address and a comment (such as a role) are requested.
A prompt to allow the information to be modified is given; if the information is correct, choose "o" for "Okay."
Finally the passphrase to protect the private key is requested:
You need a Passphrase to protect your secret key.
Enter passphrase:
A memorable but hard to guess passphrase needs to be chosen. The passphrase should have a mix of upper- and lowercase letters, numbers and preferably one or more non-alphanumeric characters. It is allowed to contain spaces and multiple words, but should not be either a dictionary word or even a grammatically correct sentence. The passphrase must not be forgotten or disclosed! If the private key is somehow compromised, the passphrase is the only line of security that prevents a malicious user from posing as the key owner or decrypting files meant only for that user.
On entry of the passphrase, random typing is requested to help the random number generator operate. GPG will exit, after few seconds having created and signed the keys:
gpg: /home/janette/.gnupg/trustdb.gpg: trustdb created
gpg: key 8EE248DD marked as ultimately trusted
public and secret key created and signed.
An optional step is to immediately create a revocation certificate in case the passphrase is forgotten or the private key has been compromised or lost. In which case the certificate may be published to notify others that public key is no longer valid for use.
janette_a.gpg --export janette
Will output the public key for janette to the file janette_a.gpg. This file can now be given to anyone with whom an exchange of signed or encrypted files is intended.
To verify files received from other users, as well as to encrypt files for sending to those users, their keys will need to be imported. Once their public key has been received, gpg will need to be run with the --import option:
janette> gpg --import kathy.gpg
gpg: key 0173616E: public key "kathy (Cataloger)
gpg: Total number processed: 1
gpg: imported: 1
Before using someone else's public key, the key should be verified to make sure that it has indeed come from that person. To do this, requires the key's fingerprint to be found. gpg is invoked with the --edit-key option (the key may be identified by either the real name or the email address of the key's owner):
janette> gpg --edit-key kathy@paradigm.ac.uk
pub 1024D/0173616E created: 2007-02-14 expires: never usage: CSA
trust: unknown validity: unknown
sub 1024g/C3542424 created: 2007-02-14 expires: never usage: E
[ unknown] (1). kathy (Cataloger) <kathy@paradigm.ac.uk>
Command>
At this prompt, enter "fpr" to see the key's fingerprint:
Command> fpr
pub 1024D/0173616E 2007-02-14 kathy (Cataloger) <kathy@paradigm.ac.uk>
Primary key fingerprint: D18B E7C8 ADF9 7B38 11A7 342C D532 CA21 0173 616E
Command> sign
pub 1024D/0173616E created: 2007-02-14 expires: never usage: CSA
trust: unknown validity: unknown
Primary key fingerprint: D18B E7C8 ADF9 7B38 11A7 342C D532 CA21 0173 616E
kathy (Cataloger) <kathy@paradigm.ac.uk>
Are you sure that you want to sign this key with your
key "janette (Archivist) <janette@paradigm.ac.uk>" (8EE248DD)
Really sign? (y/N) y
You need a passphrase to unlock the secret key for
user: "janette (Archivist) <janette@paradigm.ac.uk>"
1024-bit DSA key, ID 8EE248DD, created 2007-02-14
Once the fingerprint has been established the owner of the key should be contacted, preferably by phone or in person. Check that the fingerprint of the owner's key matches the one received. If it does, then the key should be signed in order to use it:
GPG will ask for confirmation, answer "y" here, then the signing key's passphrase is requested. Imported and signed keys can be checked to list the signatures on them. The user id on the key will have one or more self-signatures as well as signatures from those users who have validated the key.
Command> check
uid kathy (Cataloger) <kathy@paradigm.ac.uk>
sig!3 0173616E 2007-02-14 [self-signature]
sig! 8EE248DD 2007-02-23 janette (Archivist) <janette@paradigm.ac.uk>
Command> quit
Save changes? (y/N) y
Finally, type "quit" at the next prompt to exit GPG (answer "y" when asked to save changes).
Encrypting and decrypting files using keys
Now that Janette has a validated the public key for Kathy, she can use it to encrypt her communications with Kathy and likewise Kathy can use Janette's exported public key to encrypt messages back to Janette. Both Janette and Kathy will need to use their own private keys to decrypt the encrypted messages they receive from each other.
If Janette wishes to encrypt a file janettes.doc so that it can only be read by Kathy, the --encrypt option is used:
janette> gpg --output janettes-doc.gpg --encrypt --recipient kathy janettes-doc
This option generates an encrypted file called janettes-doc.gpg that can be decrypted only by the use of Kathy's private key. Use of this command requires that the receiver's public key has already been imported.
To decrypt a file kathys-doc that has been encrypted with Janette's public key so that it can only be read by Janette, the --decrypt option is used:
janette> gpg --output kathys-doc --decrypt kathys-doc.gpg
You need a passphrase to unlock the secret key for
user: "janette (Archivist) <janette@paradigm.ac.uk>"
1024-bit DSA key, ID 8EE248DD, created 2007-02-14
Enter passphrase:
After entering the passphrase, this will decrypt the encrypted file kathys-doc.gpg and output it to kathys-doc.
Signing and verifying files without encryption
Clear-signing a file is a method of assuring the receiver that the file has come from the sender, but without encrypting the file. It has the advantage that the receivers may read the file without having to decrypt it with their key or a passphrase, so any user who has access to the public key may read the file, as well as verifying its authenticity. This is useful when publishing from a webpage or other shared space, but is not suitable for sensitive material that should not be publicly accessible.
To sign the file janettes-doc, gpg is used with the --clearsign option:
janette> gpg --clearsign janettes-doc
You need a passphrase to unlock the secret key for
user: "janette (Archivist) <janette@paradigm.ac.uk>"
1024-bit ELG-E key, ID D2AB6E6A, created 2002-06-17 (main key ID 249DB93F)
Enter passphrase:
This produces the file janettes-doc.asc,a clearsigned file in the following format:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The quick brown fox jumps over a lazy dog.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFGCmQBYSPkqI7iSN0RAskoAJsGSabT7JH566RTSE4eMgDsQx0K/QCdEKQL
tHx3C56kwXH9qlJ5ShoZ/oo==Zenw
-----END PGP SIGNATURE-----
The file contents appear between "Hash: SHA1" and "-----BEGIN PGP SIGNATURE-----" lines. To verify a signed file that has been received, the gpg --verify option is used:
janette> gpg --verify kathys-doc.asc
gpg: Signature made Wed 28 Mar 2007 13:51:14 BST using DSA key ID 0173616E
gpg: Good signature from "kathy (Cataloger) <kathy@paradigm.ac.uk>"
GPG can be used with the --decrypt option on the signed document file to recover the original.
janette> gpg --output kathys-doc --decrypt kathys-doc.asc
gpg: Signature made Wed 28 Mar 2007 13:51:14 BST using DSA key ID 0173616E
gpg: Good signature from "kathy (Cataloger) <kathy@paradigm.ac.uk>"
More information is available from the GPG homepage and the GPG manual.
