Slide 1

Slide 1 text

The Care and Training of a PGP or: PGP and You

Slide 2

Slide 2 text

` thoughtbot Keep Ruby Weird Pretty Good Weekly (calebthompson.io/pretty-good)

Slide 3

Slide 3 text

What is PGP

Slide 4

Slide 4 text

StreetPass for nerds

Slide 5

Slide 5 text

• Pretty Good Privacy (OpenPGP) is a standard that enables encrypted communication between individuals.

Slide 6

Slide 6 text

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ! You may have received an email with a "NONAME" or "signature.asc" attachment and wondered what it was, or you might have seen an "armored" email wrapped in something like this. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 ! iQEcBAEBCAAGBQJUqFYaAAoJEBYhrcKgrOcK1PwIAKmBHbUwz8jC0vMWwMi5dOQc ZSYCAy0D5r6xRinItelIx0cHFkys3kVIYpEyXRlfHz6EwRJsJcIohcqAMK+xmxtD ZwWjv0QkY0upDBZOnG0Zm4D13hTFLP19RSi5nYMH0ozNVsOCwiizIOYeAvcnzUaC mXLK9eY5lsFUmDVtc7sU9N1pAHoR/yXrGYVLm8Q4W3NMIjrWMfg4SuMKDcg7wapR wYNI97EYeYVG7n3DTvATtWgWpLnLpsHYcAe4dA7qLvOiz4x4eyz02Z7jNjXXyF0c kQAA1BHcYeCjn01QeRkNkM+8t/GmydTJ5Ui81kEHrtFWkaqqI7LK6jBMhMz/yt4= =bJzJ -----END PGP SIGNATURE-----

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

Okay, Thanks for Coming.

Slide 9

Slide 9 text

• This is a PGP-signed message, and it is cryptographically verifiable as having been signed by a specific key and representing a specific message.

Slide 10

Slide 10 text

• PGP also allows you to encrypt messages, so that only intended recipients who control their secret keys can read them.

Slide 11

Slide 11 text

• Messages might be actual messages, but they can also be things like hashes of software packages, which means you can be sure that a package came from a specific key.

Slide 12

Slide 12 text

• Debian, RVM, Apache, Kernel.org, Aptitude, and others use this to help increase security pretty much for free (from the end-user perspective).

Slide 13

Slide 13 text

• how to generate keys

Slide 14

Slide 14 text

• how to send and receive encrypted messages

Slide 15

Slide 15 text

• how to sign other people’s keys

Slide 16

Slide 16 text

• how to trust other people’s keys

Slide 17

Slide 17 text

• but not only how

Slide 18

Slide 18 text

• what all of that means

Slide 19

Slide 19 text

• why we would ever want to do it

Slide 20

Slide 20 text

Let’s install the thing

Slide 21

Slide 21 text

• OpenPGP is a standard (RFC 4880)

Slide 22

Slide 22 text

• pgp is a implementation owned by Symantec

Slide 23

Slide 23 text

• GnuPG, or GNU Privacy Guard (or GPG), is a FOSS implementation of OpenPGP

Slide 24

Slide 24 text

• gpg, gpg2, gpg21

Slide 25

Slide 25 text

• classic, stable, modern

Slide 26

Slide 26 text

brew install gnupg2

Slide 27

Slide 27 text

No content

Slide 28

Slide 28 text

brew uninstall gnupg2 gpg-agent dirmngr

Slide 29

Slide 29 text

brew tap homebrew/versions brew update brew install gnupg21

Slide 30

Slide 30 text

cp ~/.gnupg ~/.gnupg.stable

Slide 31

Slide 31 text

Generating a key

Slide 32

Slide 32 text

• To get anywhere with PGP, you'll need to have a keypair.

Slide 33

Slide 33 text

A keypair is composed of two parts

Slide 34

Slide 34 text

• A public key, which you'll publish, allows others to encrypt messages to you and verify messages from you.

Slide 35

Slide 35 text

• A private key, which you'll keep secret and safe, allows you to decrypt the messages encrypted to your public key and to sign messages so that others can verify they are from you.

Slide 36

Slide 36 text

• Algorithms which separate keys into public/private pairs are more secure for several reasons, including that the private key should never be on the Internet.

Slide 37

Slide 37 text

$ gpg --full-gen-key

Slide 38

Slide 38 text

Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1

Slide 39

Slide 39 text

RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits

Slide 40

Slide 40 text

Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) 1y Key expires at Tue Dec 22 17:53:00 2015 CST Is this correct? (y/N) y =

Slide 41

Slide 41 text

• This step allows you to limit the length of time your keys will be valid for. • It's possible to refresh the key before it expires so you're not losing a key if it runs out of time and you still have access to it. • If you lose your secret key, it will automatically invalidate when it expires. • I didn't want to bother with refreshing my key regularly, so mine never expires. Several others at thoughtbot have an expiration for 1 year after the key was generated. • It’s best to have one, just remember to refresh your key at whatever interval you define.

Slide 42

Slide 42 text

GnuPG needs to construct a user ID to identify your key. ! Real name: Caleb Thompson Email address: [email protected] Comment: You selected this USER-ID: "Caleb Thompson " ! Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

Slide 43

Slide 43 text

• Enter a passphrase. • It’s like a password, but longer and more secure • It’s the weakest part of this whole system, so make it as strong as you can • Make sure nobody’s watching you set it

Slide 44

Slide 44 text

gpg: key D658D2CC marked as ultimately trusted public and secret key created and signed. ! pub rsa4096/D658D2CC 2014-12-22 [expires: 2015-12-22] Key fingerprint = 7CCF 75EC 8930 D351 3A35 D4AF 78DA E141 D658 D2CC uid [ultimate] Caleb Thompson sub rsa4096/11597F23 2014-12-22 [expires: 2015-12-22]

Slide 45

Slide 45 text

$ gpg --send-keys D658D2CC # <- your new key id

Slide 46

Slide 46 text

But I have more than one email address

Slide 47

Slide 47 text

$ gpg --edit-key [email protected]

Slide 48

Slide 48 text

Secret key is available. ! pub rsa4096/D658D2CC created: 2014-12-22 expires: 2015-12-22 usage: SC trust: ultimate validity: ultimate sub rsa4096/11597F23 created: 2014-12-22 expires: 2015-12-22 usage: E [ultimate] (1). Caleb Thompson

Slide 49

Slide 49 text

gpg> adduid Real name: Caleb Thompson Email address: [email protected] Comment: You selected this USER-ID: "Caleb Thompson " ! Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o

Slide 50

Slide 50 text

pub rsa4096/D658D2CC created: 2014-12-22 expires: 2015-12-22 usage: SC trust: ultimate validity: ultimate sub rsa4096/11597F23 created: 2014-12-22 expires: 2015-12-22 usage: E [ultimate] (1) Caleb Thompson [ unknown] (2). Caleb Thompson ! gpg> save

Slide 51

Slide 51 text

$ gpg --list-keys […] pub rsa4096/D658D2CC 2014-12-22 [expires: 2015-12-22] uid [ultimate] Caleb Thompson uid [ultimate] Caleb Thompson sub rsa4096/11597F23 2014-12-22 [expires: 2015-12-22]

Slide 52

Slide 52 text

$ gpg --send-keys YOURKEYID

Slide 53

Slide 53 text

Signing and Encrypting Messages

Slide 54

Slide 54 text

• Signing a message is a verifiable way of proving that you wrote it

Slide 55

Slide 55 text

• Signing does not prevent anyone from reading a message

Slide 56

Slide 56 text

• Many ways to sign, we’ll look at two common ones

Slide 57

Slide 57 text

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ! Clearsigning -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 ! iQEcBAEBCAAGBQJUqDw2AAoJEBYhrcKgrOcKrfMH/joZohSt43Ro30wEphI19UOD IIuFHs+AAdfWSYgTJXZ8yNDrTjiOCe7pLRGguu0ALCq7PXoS+H4kAvohXGLzobyu 3oIyN1KyMT5a9Tj8r8Q6xHf8V6anaafhiZ8MIOD/aZpGOvJRMM5lCF+tiVS6hJz5 mRaKCWQu6+sdbz+Ndo8H0cpfIsVgH+ZkKoHYmRLlALATYwTK6Gh42AcvZ2OYErs2 GQbu16FK4kT8TWxvsAFQSa/8t8MgFNYQgh4JRxSqCFv5UDZiIqldWQWEz7pobYzA ornulaninwi2ZuVqjD+9sQqqoNSbytvzkd2fbcZs+v0w0WWnezUoHjyfN6jnMp0= =keqq -----END PGP SIGNATURE-----

Slide 58

Slide 58 text

$ gpg --clearsign - [your message here] ^D [ascii-armored message and signature output]

Slide 59

Slide 59 text

Detached binary signature

Slide 60

Slide 60 text

$ cat "Hi how are you" > innocent-msg $ gpg --detach-sign --output innocent-msg.sig innocent-msg

Slide 61

Slide 61 text

• Verifying signatures

Slide 62

Slide 62 text

$ # For a clearsigned message (or other signatures that include the message): $ gpg --decrypt msg.sig

Slide 63

Slide 63 text

Hi gpg: Signature made Sat Jan 3 13:12:21 2015 CST using RSA key ID A0ACE70A gpg: Good signature from "Caleb Thompson " [full] gpg: aka "Caleb Thompson " [full] gpg: aka "Caleb Thompson " [full]

Slide 64

Slide 64 text

$ # For a detached signature: $ gpg --verify innocent-msg.sig innocent-msg

Slide 65

Slide 65 text

gpg: Signature made Sat Jan 3 13:12:21 2015 CST using RSA key ID A0ACE70A gpg: Good signature from "Caleb Thompson " [full] gpg: aka "Caleb Thompson " [full] gpg: aka "Caleb Thompson " [full]

Slide 66

Slide 66 text

Signing a key: what and how?

Slide 67

Slide 67 text

• Signing a key uses the same (or similar) mechanics internally as signing a message

Slide 68

Slide 68 text

• Has different semantic meaning:

Slide 69

Slide 69 text

• Assert that you’ve verified identity (driver’s licence, passport, etc.)

Slide 70

Slide 70 text

• Assert that you’ve verified that you have the right key

Slide 71

Slide 71 text

• Assert that you’ve verified ownership (can use private key)

Slide 72

Slide 72 text

• Assert that you’ve verified ownership (can use private key) • (It’s less common to actually do this step)

Slide 73

Slide 73 text

• Announces to the world that if they trust you to verify these things, they can trust that the keys of people you have signed are more likely to represent the people they want to communicate with.

Slide 74

Slide 74 text

• Fundamental to the Web of Trust

Slide 75

Slide 75 text

No content

Slide 76

Slide 76 text

$ gpg --sign-key --ask-cert-level Terence

Slide 77

Slide 77 text

pub rsa2048/5BE915C7 created: 2013-11-27 expires: 2016-11-26 usage: SC trust: marginal validity: full sub rsa2048/1B1DAFC7 created: 2013-11-27 expires: 2016-11-26 usage: E [ full ] (1). Terence Lee ! ! pub rsa2048/5BE915C7 created: 2013-11-27 expires: 2016-11-26 usage: SC trust: marginal validity: full Primary key fingerprint: 43C9 BCC5 3DE7 C6D8 DD79 D42E FB54 F2C6 5BE9 15C7 ! Terence Lee ! This key is due to expire on 2016-11-26.

Slide 78

Slide 78 text

How carefully have you verified the key you are about to sign actually belongs to the person named above? If you don't know what to answer, enter "0". ! (0) I will not answer. (default) (1) I have not checked at all. (2) I have done casual checking. (3) I have done very careful checking. ! Your selection? (enter '?' for more information):

Slide 79

Slide 79 text

(1) I have not checked at all.

Slide 80

Slide 80 text

(2) I have done casual checking.

Slide 81

Slide 81 text

(3) I have done very careful checking.

Slide 82

Slide 82 text

Are you sure that you want to sign this key with your key "Caleb Thompson " (D658D2CC) ! I have checked this key casually. ! Really sign? (y/N) y

Slide 83

Slide 83 text

• Somehow get the key to Terence

Slide 84

Slide 84 text

Be Pragmatic $ gpg --send-keys 5BE915C7

Slide 85

Slide 85 text

Be really safe • Sign each UID separately • Export UIDs to separate files • Encrypt each UID and email to the associated email address • Include instructions for importing encrypted keys and pushing to a keyserver

Slide 86

Slide 86 text

Get my key $ gpg --recv-keys A0ACE70A

Slide 87

Slide 87 text

Sign my key $ gpg --fingerprint [email protected] pub rsa2048/A0ACE70A 2013-08-12 Key fingerprint = B432 C068 2FD1 C2D0 6A8B 3951 1621 ADC2 A0AC E70A uid [ full ] Caleb Thompson uid [ full ] Caleb Thompson uid [ full ] Caleb Thompson sub rsa2048/545CA4DF 2013-08-12

Slide 88

Slide 88 text

Trusting a key: Should I do it?

Slide 89

Slide 89 text

• First of all, trust is private and local

Slide 90

Slide 90 text

• Unlike keysigning, it is never broadcast • So you can be honest about it.

Slide 91

Slide 91 text

• Having trusted keys makes the Web of Trust more useful to you

Slide 92

Slide 92 text

• Marking a key as trusted means that keys that key has signed are implicitly trusted at a higher level

Slide 93

Slide 93 text

• Not “would this person take a bullet for me”

Slide 94

Slide 94 text

• How much do you trust them to verify identities (as we did in the key signing section)

Slide 95

Slide 95 text

$ gpg --edit-key [email protected]

Slide 96

Slide 96 text

gpg> trust pub rsa4096/D658D2CC created: 2014-12-22 expires: 2015-12-22 usage: SC trust: ultimate validity: ultimate sub rsa4096/11597F23 created: 2014-12-22 expires: 2015-12-22 usage: E [ultimate] (1). Caleb Thompson [ultimate] (2) Caleb Thompson ! Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) ! 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu ! Your decision? 4

Slide 97

Slide 97 text

1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu

Slide 98

Slide 98 text

gpg> save Key not changed so no update needed.

Slide 99

Slide 99 text

Sending encrypted mail

Slide 100

Slide 100 text

Signing Git commits & tags

Slide 101

Slide 101 text

Signing software releases

Slide 102

Slide 102 text

PGP and You http://robots.thoughtbot.com/pgp-and-you

Slide 103

Slide 103 text

Keysigning Party !!1!

Slide 104

Slide 104 text

• You should have a key now • You know how to verify and sign a key

Slide 105

Slide 105 text

• Come up to the podium with your laptop • Share your name and key id • Wait for us to get your key • Confirm your fingerprint • Show us your ID

Slide 106

Slide 106 text

$ gpg --recv-keys [the key id]

Slide 107

Slide 107 text

Bibliography • Color scheme: http://www.colourlovers.com/palette/482774/ dream_magnet • Speaker image credit: Terence Lee (@hone02) • https://www.gnupg.org/gph/en/manual/x135.html • http://www.chaosreigns.com/code/sig2dot/ • https://gnupg.org/faq/whats-new-in-2.1.html • http://jetsetnick.wordpress.com/2011/03/26/london-3ds- streetpass-event-27th-march-2011/