Protecting

Your Sensitive
Information with
Encryption

an Security eBook
Contents…
Protecting Your Sensitive Information with Encryption

This content was adapted from Internet.com’s Enterprise IT Planet and Enterprise
Networking Planet Web sites. Contributors: Drew Robb and Paul Rubens.

2
2 E-Mail Encryption: Lots of Choices, Plenty of Tradeoffs

4 Public Key Crypto for Enterprise Users

4 6
7 Understanding Public Key Infrastructure

9 PGP’s Universal Server Provides Unobtrusive Encryption

8 10
11 Encrypt Your E-Mail with GPG and Thunderbird

1 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
 Protecting Your Sensitive Information with Encryption

E-Mail Encryption: Lots of

Choices, Plenty of Tradeoffs
By Drew Robb

C
orporate espionage is big business these days. on the endpoint that integrates with the client e-mail reader
So it makes sense to deploy some kind of encryp- software.
tion system to ensure that prying eyes can’t deci-
pher anything garnered from intercepted messag- Gateway-to-Endpoint is one way to simplify things. It pro-
es or from stolen computers. Whether it is customer data, vides full encryption from a gateway system within the
employee data, intellectual property, or confidential financial sender’s network to the recipient’s endpoint. In this scenario,
information, losing anything can be seriously detrimental. the message leaves the sender’s desktop in plaintext and is
encrypted by a gateway located within relative proximity to
“Lost or stolen data can cripple a the e-mail server. This mode elimi-
business’s reputation and financial nates the need for any encryption
standing,” says Than Tran, product software or user interaction on the
marketing manager at PGP Corp. sender’s side.
of Palo Alto, Calif. “A business
must ensure e-mails containing “Another variation on this is
sensitive information are kept Gateway-to-Gateway,” says Tran.
secure and that they comply with “It is like Gateway-to-Endpoint, but
privacy laws to assure safe trans- adds an encryption gateway on the
actions for their customers and the recipient’s side, thus eliminating
privacy of their employees.” desktop software and administra-
tive costs on that end as well.”
Encryption Systems
Tran explains that there are several Finally, there is Gateway-to-Web,
different methods of e-mail en- which provides access to sensitive
cryption. Endpoint-to-Endpoint data via a Web server, possibly
represents full encryption from the co-located on the gateway itself.
originating device to the recipient The data is typically protected via
device. This method provides the transport layer encryption, such as
highest level of security by allow- Secure Sockets Layer (SSL). This
ing no intervening points at which plaintext data can be read allows secure communication to occur with any recipient,
by anyone but the intended parties. The drawback is that regardless of its architecture or level of sophistication.
this mode also creates the greatest amount of complexity
from an implementation, administration, and management “In this scenario, a standard message is sent to the recipi-
perspective. This complexity mainly results from the fact ent, advising that a secure message is waiting at the gate-
that encryption software must be installed and maintained way,” says Tran. “The recipient retrieves this message via a

Whether it is customer data, employee data,

“ intellectual property, or confidential financial information,

losing anything can be seriously detrimental. ”
2 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
 Protecting Your Sensitive Information with Encryption

secure connection, which may also require authentication then upgrade to PGP Universal Series, a robust and scal-
with credentials delivered by an out-of-band mechanism.” able e-mail encryption platform.”

PGP Encryption A perpetual license for PGP Desktop Email costs $164.
PGP offers several solutions to ensure

secure and simple e-mail encryp-
tion. PGP Universal Server enables
organizations to control deployment,
automate user and key manage-
ment, enforce policy, and centralize
reporting for one or more encryption
applications. The company can start
with a single encryption applica-
tion, growing a deployment across
the enterprise and out to customers
and partners. The application scales
well as new systems are added
and integrates easily with the exist-
ing infrastructure. PGP Universal
Server automates the creation of
user accounts, management of user
keys, delivery of policy updates to
applications, installation of software
updates, and also does logging and
monitoring.
“
Choose Wisely
Tran offers some advice for business-
es with regard to e-mail encryption.
The challenge for
e-mail encryption is to “The challenge for e-mail encryption
is to select a solution that will sup-
select a solution that port the growth and changes within
the business’s e-mail architecture
will support the growth and will also be leveraged by non-e-
and changes within mail applications requiring encryption
services,” he says. “It is absolutely
the business’s e-mail vital for a company to encrypt not
just e-mails but also files that contain
architecture and will sensitive information with the highest
also be leveraged by level of protection. It can be a costly
and devastating set back to a busi-
non-e-mail applications ness, if sensitive data is exposed to
unintended personnel.”
requiring encryption
services Reason? According to Gartner, 84
percent of high-cost security inci-

”
It is supplemented at the desktop
level by PGP Desktop Email, which is
managed by PGP Universal, to secure
e-mail, data stored on disk, and AIM traffic. It also provides
digital signature capability.
“PGP Whole Disk Encryption technology is used for full
disk encryption, securing all date including often overlooked
temporary, swap, and hibernation files that include copies of
sensitive data, files and e-mails,” says Tran. “As a business
grows and requires more bandwidth/security it is best to
dents occur when insiders send con-
fidential data outside the company
without properly securing the data.
“Different companies have different needs and should as-
sess its own risk before deciding to implement a security
solution,” says Tran. “Furthermore, it is critical that a busi-
ness conducts frequent audit of its security procedures,
processes and technologies in order to comply with ever
changing regulations.”. n

3 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
 Protecting Your Sensitive Information with Encryption

Public Key Crypto

for Enterprise Users
By Paul Rubens

P
ublic key cryptography is one of the fundamental doesn’t rely on the cipher itself being secret. The only thing
technologies used for exchanging information on that needs to be kept secret is the key. (In fact you could
the Internet securely. It’s used by Web browsers argue that the more widely known and understood a cipher
to create secure connections to Web sites, and by is, the more you can trust it to be effective—proprietary algo-
e-mail security gateways and applications to encrypt mes- rithms that aren’t open to public inspection by independent
sages. Its strength lies in the fact that it can be used to ex- experts could have secret “backdoors” built in that allow
change encrypted information between two parties that have anyone in the know to decrypt messages without the key.)
never communicated together before and have therefore
never agreed on a secure way of exchanging messages. One problem with symmetric systems is that to send some-
one a message securely you
To understand how public key have to be able to give them the
cryptography works, let’s con- secret key first without anyone
sider secure communications in else seeing it. Why is that a
general. One way to send a confi- problem? Imagine a situation in
dential message to someone is to which you were traveling abroad
agree on an obfuscation system and had to e-mail some valuable
in advance—like substituting each corporate information back to a
letter in the message with the colleague without the authorities
next one in the alphabet. in the country you are in getting
their hands on it. If you hadn’t
A more sophisticated method already agreed on a key before
would be to use encryption soft- you went traveling then you’d
ware, which uses an encryption be stuck: you couldn’t send an
algorithm known as a cipher. The encrypted message without
message (known as plaintext) first supplying a key, and you’d
is entered and passed to the have no way of e-mailing a key
algorithm along with a key—a string of characters that you securely. Of course you could make a phone call to tell your
supply—comes out in encrypted form (known as ciphertext). colleague the key you intend to use, but what if the conversa-
This unintelligible jumble of characters can only be con- tion is overheard or the phone line is tapped?
verted back to the original plaintext by passing the message
through the same cipher and supplying the same key. This is How Public Key Cryptography Works
known as a symmetric encryption system. The solution is to use an ingenious cryptographic system
called public key cryptography (PKC). The fundamental part
An interesting thing about this system is that its security of PKC is that the encryption key is split into two separate

One problem with symmetric systems is that to send

“ someone a message securely you have to be able to give

them the secret key first without anyone else seeing it. ”
4 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
 Protecting Your Sensitive Information with Encryption
keys—let’s call them key A and key B. If you encrypt some
plaintext with key A, you can’t decrypt the resulting cipher-
text with key A to get back to your original plaintext. To de-
crypt ciphertext produced using key A, you need to use key
B. In fact—and this turns out to be very useful—the reverse is
also true: if you encrypt some plaintext with key B, you can’t
decrypt it again with that key. You can only decrypt it with
key A. If you encrypt a message with one key in the key pair,
you can only decrypt it with the other one.
If you want to be able to receive encrypted messages from
anyone who wants to contact you, you first need to generate
a key pair (using suitable PKC software.) One of these you
“
designate your private key, which you
keep secret. But here’s the clever bit:
the other key you designate as your
public key, and this doesn’t have to be
kept secret. In fact the reverse is true:
If you want to be
it should be distributed as widely as able to receive
possible so that anyone who wants it
can easily get it.
encrypted messages
To send that message to a colleague
from anyone who
now, all you need is their public key. wants to contact you,
There are a number of ways that you
might get might get hold it, which we
you first need to
will look at later. The important thing
is that this public key doesn’t have to
generate a key pair
be kept secret, so even if you called (using suitable PKC
your colleague and the phone line
was being tapped it wouldn’t matter.
software.)
”
Anyone overhearing the conversa-
tion and writing down the public key
couldn’t use it to decrypt the message
that you encrypt with it.
Now remember how we mentioned earlier that your pri-
vate key can also be used to encrypt a message that can
only be decrypted using your public key. You may well ask
what would be the point of encrypting a message if the key
needed to decrypt it is publicly available.
The answer is quite surprising. Let’s imagine you receive
a message from your colleague, and you believe that it is
encrypted with his private key. If you use their public key to
decrypt the message successfully then that means that the
message must indeed have been encrypted using your col-
league’s private key (which only your colleague has access
to). No other key could have been used to encrypt the mes-
sage. So encrypting a message with a private key acts as a
digital signature: If you can decrypt a message with John’s
public key, it must have been encrypted using John’s private
5 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
key, so it must have been written by John.
Using double encryption, it’s possible to send an encrypted,
digitally signed message to anyone who has made their pub-
lic key available. Here’s how:
Imagine you want to send a message to your colleague Bob
at head office. First you write your message (the plaintext)
and encrypt it with your private key to produce the cipher-
text—a message that is effectively digitally signed as coming
from you and no one else. You then encrypt this ciphertext
a second time using Bob’s public key. Finally, you e-mail the
resulting gobbledegook to Bob.
When Bob receives this message
he decrypts it using his private key
to get the ciphertext message that
you encrypted with your private
key. Bob then decrypts this using
your public key. If he gets a mes-
sage (rather than gobbledegook) he
knows that the message definitely
came from you (because otherwise
he couldn’t have decrypted it with
your public key) and he knows that
no one else could have read the
message, because no one else has
his private key.
PKE Has Its Limits
Are there any limitations to the PKE
approach? The answer to this ques-
tion is yes.
First, any encrypted message is only as strong as the cipher
that is used to encrypt it. If a weakness is discovered in the
cipher such that you no longer need a key to decrypt the
message or it becomes possible to work out the key (directly
or indirectly) from the contents of the ciphertext then clearly
the system is not secure.
Another caveat is that any key-based encryption system is
susceptible to a brute force attack—methodically trying every
possible key until the correct one is found. Modern encryp-
tion techniques rely on the fact that if there is a sufficiently
large keyspace (meaning there are a sufficiently large num-
ber of possible keys) it is likely to take hundreds of millions
of years to find a key by brute force using the computers that
are currently available. But as computers become more pow-
erful, the length of the keys typically used may need to be
increased to ensure that the chances of successfully brute
forcing a key remain tiny.
 Protecting Your Sensitive Information with Encryption

It’s important to remember that any encrypted message is
never completely safe from a brute force attack: someone
might guess the correct key with their very first guess. It’s
just that with a strong cipher and a long key the probability of
that happening—or that they hit upon the correct key within a
thousand years—is vanishingly small.
The final problem that’s worth mentioning is the problem of
key management: how do you get hold of someone’s public
keys, and how can you be sure that it is the public key be-
longing to the person you think it belongs to? If you send a
message to Bob using the public key that you think belongs
to Bob but actually belongs to Carol, then Bob won’t be
able to read it. More worryingly, if Carol manages to get
her hands on the message she will be able to read it, even
though you intended it for Bob’s eyes only.
Despite these potential problems, it’s fair to say that PKE
has revolutionized the way that secure communications are
carried out. In the next piece, we’ll be looking at key manage-
ment and how PKE is used in the real world to provide com-
mercial and open-source secure e-mail systems. n

6 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
 Protecting Your Sensitive Information with Encryption

Understanding Public
Key Infrastructure
By Paul Rubens

I
n the last piece we took a look at how public key encryp- Of course you would realize something was up when you
tion systems work, and how anyone can send you an en- discovered that using your private key you couldn’t decrypt
crypted message—which only you can read—if they have and read the messages you received (because they have
access to your public key. It turns out that the process been encrypted with Mallory’s public key, not your public
of getting your public key to people who need to use it is a key). But if Mallory were smart he would re-encrypt the mes-
complex task that involves a combination of trust, third par- sages intended for you after he had read them with your real
ties, and various other factors which together are known as public key and send them on. In that case you wouldn’t know
public key infrastructure. that anything was amiss. Mallory would have carried out a
“man in the middle” attack.
On the face of it, giving people
access to your public key So how can this problem
shouldn’t be much of a prob- be overcome? How can you
lem. You could make it available distribute your public key to
for download on your Web someone in such a way that
site, you could distribute it on anyone who receives it can be
a memory stick, or you could sure that it really is your key,
simply e-mail it to people. and not, for example, Mal-
lory’s? And how can you be
But in practice there is a big sure that any public keys you
problem with that: if someone get hold of really do belong to
wants to send a message that the people that you think that
only you can read, they need to they do? The answer is to get
use your public key to encrypt any public key vouched for by
their message. But if they use a trusted third party, and that’s
a key that they think belongs to where PKI comes in.
you but actually belongs to someone else (call them Mallory)
then you won’t be able to read the message, and Mallory will. Imagine that there’s someone in the community—call him
So if Mallory wants to read confidential messages intended Solomon—that everyone trusts as an upstanding and trust-
for you, all he has to do is replace your public key with his on worthy citizen. You take your public key in person to Solo-
your Web site, or on a memory stick you’ve distributed, or in mon, who checks who you say you are (perhaps by checking
e-mails that he sends out purporting to come from you, and if your drivers’ license or passport). He then signs a certificate
he can then intercept any messages bound for your encrypt- that he attaches to the key that says that he, Solomon, can
ed with this bogus key he will be able to read them. personally vouch for the fact that the attached key belongs
to you.

It turns out that the process of getting your public key to people who need

“ to use it is a complex task that involves a combination of trust, third parties, and
various other factors which together are known as public key infrastructure. ”
7 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
 Protecting Your Sensitive Information with Encryption
In the digital world Solomon would effectively encrypt your
public key along with a certificate saying “I certify that this
public key belongs to X” using his private key. Anyone receiv-
ing this could only decrypt it using Solomon’s public key, and
what they would find is your key, plus the message saying
that it is indeed your key. Since only Solomon could have
created the message, and since the message and the key
could not have been altered in any way (because they were
“
both encrypted and thus tamper-
proof) then the they could be sure
that the key was indeed your key
– as long as they trusted Solomon
to tell the truth, and as long as they
If the root certificate
could be sure that the key that they was included with a
believe to be Solomon’s public
key is in fact his. (In practice the software package,
procedure is slightly different in that
it uses something called a hashing
then you have to
function, but the principal is exactly decide whether you
the same.)
trust the maker of the
But surely this just pushes the prob-
lem back one stage? The person
software to have
receiving your key can be sure that included a genuine
it is genuinely yours only if they can
be sure that the copy of Solomon’s root certificate or not.
”
public key that they have is genuine.
But how can they know that it is?
One answer in the real world is to have a limited number of
trusted third parties (or Solomons), known as certification
authorities or “CAs,” who issue certificates, and for the pub-
lic keys for these CAs, known as root certificates, to be pre-
installed in software packages (such as Microsoft’s Internet
Explorer.) This means that as long as a public key that you
receive is signed by a CA that you have a root certificate for,
then you can be sure that the public key belongs to the per-
son it says that it does—if you are sure that the pre-installed
root certificate you have is genuine and you deem the CA to
be trustworthy.
If the root certificate was included with a software package,
then you have to decide whether you trust the maker of the
software to have included a genuine root certificate or not.
Likewise, you can look at the details of any CA and decide
whether you trust them. Microsoft includes root certificates
for CAs as diverse as commercial U.S. entities such as
Visa and RSA (which you may well know and trust), as well
as more obscure overseas ones such as the Uruguayan
Administracion National de Correos and the Government of
Slovenia’s General Certification Authority (which you may
well know nothing about and therefore have no reason to
8 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
trust beyond the fact that they sound vaguely official—which
is a tenuous reason to trust any organization). Ultimately it’s
up to you which software makers and CAs you chose to trust
and which you don’t.
There’s another way that you can get reassurance that a
public key you get hold of is genuine without having to place
your trust in certificate authorities and root certificates, and
that’s known as a web of trust. In this
model, you meet face to face with
people you know, and get them to
sign your public key with their private
key confirming that your public key
is really yours. The more people you
can get to sign your key the better,
so this is often done at a “signing
party” where a number of people
meet face to face.
The principle then is this: imagine
that you get a public key that you
think belongs to Carol, but you can’t
be sure because you didn’t get it di-
rectly from her. When you get it, you
might see that it has been signed as
genuine by Bill. If you know Bill and
have a copy of his public key that you
got from him when you met him face
to face, you can easily decide that the
key does belong to Carol, because Bill says so and you trust
him. Of course the filament of trust could be longer: Carol’s
key could have been signed by Ben, who you don’t know,
but Ben’s key could have been confirmed by Bill, who you do
know. The more people you trust who confirm that the key
is genuine, either directly or indirectly, the better. Webs of
trust are good for small networks of people who mostly know
each other, but aren’t suitable for very large groups with a
high proportion of people you don’t know.
The important point to remember in the end is that although
public key ciphers are extremely secure —as far as we know—
public key infrastructure relies on an element of trust: You
can only use a public key belonging to someone you don’t
know if you can trust that it belongs to the person that you
think it does. This means thinking carefully about the CAs or
web of trust members that you deal with, and seeking n
 Protecting Your Sensitive Information with Encryption
PGP’s Universal Server Provides
Unobtrusive Encryption
By Paul Rubens
A
t this point, we’ve looked at the theory behind pub-
lic key encryption and public key infrastructure. But
how is all of this pulled together into a product that
enables you to send or receive encrypted e-mail
messages?
If you need encryption in an enterprise
environment then the ideal solution is as
transparent to those using it as possible.
That’s because any specific steps that
users have to take to encrypt their mes-
sages are likely to be forgotten, ignored,
or carried our incorrectly.
For that reason, many organizations
choose to install an encryption gate-
way appliance that encrypts messages
after they have been sent by users from
standard e-mail clients like Microsoft
Outlook, and which decrypts incoming
messages before passing them on to
their destinations.
One of the earliest public key encryp-
tion applications was called Pretty Good
Privacy (PGP), written in 1991 by Phil
Zimmermann. PGP, Inc. was bought by
Network Associates in 1997, but fol-
lowing a management buyout in 2002 PGP morphed into
PGP Corp., which today is one of the best known vendors of
corporate encryption solutions. The company’s offerings are
based around a set of encryption applications—for e-mail and
other targets such as mobile devices or storage disks ––
that use a common encryption platform, plus a management
If you need encryption in an enterprise
“ environment then the ideal solution is as transparent
to those using it as possible.
9 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
server called PGP Universal Server that oversees them all.
PGP’s Universal Gateway E-Mail
PGP’s Universal Gateway Email is the company’s gateway
encryption (and decryption) application. To build a transpar-
ent secure e-mail system an organiza-
tion runs a virtual appliance made up
of PGP Universal Server and Universal
Gateway Email. This can run on a hard-
ened version of Linux on one of several
specific server hardware configurations
from vendors including Dell, HP, and
IBM, or it can take the form of a virtual
machine running on VMware ESX.
The appliance is connected between
the corporate mail server and the
corporate firewall, and when it receives
outgoing e-mail messages from the
mail server it kicks into action. The first
things the encryption application has to
do is decide which messages to encrypt
and find the public keys belonging to the
recipients of those messages that need
to be encrypted. This information is
provided by the PGP Universal Server.
Its role is to manage and apply rules and
policies for encryption, based on factors
including the destination, the sender, or even the contents
of the message. Account creation, group management, and
policy enforcement can be automated by integrating Active
Directory, Lotus Notes/Domino directories, or other LDAP
directories with the Universal Server.
”
 Protecting Your Sensitive Information with Encryption
Let’s imagine that you want to send an e-mail to someone at
another organization, and the Universal Server determines,
by looking at the rules and policies that it has to apply, that
your message should be encrypted—perhaps because you
are working in a confidential new product group. To encrypt
the message the encryption software first needs the intend-
ed recipient’s public key. So how does it get that?
Universal Server Key Management
Key management is a key role (if you’ll pardon the pun) that
the Universal Server carries out for the encryption software.
One place it can look for a key is PGP’s Global Directory.
(Whenever PGP products generate keys anywhere in the
word, the public keys are sent automatically to this Global
“
Directory. Key owners are e-mailed
every six months to confirm that the
keys should remain in the directory,
which may not be the case if, for A gateway
example, the matching private key has
been lost or compromised.) It can
encryption product
also search for a key by looking for may make e-mail
a corporate keyserver at the mes-
sage’s destination domain, or it could encryption totally
have already received it “out of band”
– perhaps manually delivered on a
transparent to users,
memory stick. but there are a
What happens if policy dictates that a number of reasons
message you want to send should be
encrypted, but no public key for the
why it may not be
recipient can be found, perhaps be- suitable in all cases.
cause the intended recipient or their
”
organization doesn’t use encryption
software and therefore has no key?
In this situation you can’t use public key encryption, but you
can use a compromise. Universal Gateway Email provides
two alternatives: PGP Universal Web Messenger and PDF
Messenger. The first of these sends an unencrypted e-mail
to your intended recipient informing them that they have
been sent a message, and that they can view it by visiting
a secure Web site and entering a password that could be
delivered separately—perhaps by SMS. The second encrypts
the message as a PDF, which is sent to the recipient, who
can then decrypt and view it using standard Adobe Acrobat
Reader software once they have the password.
10 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
When Does Gateway Encryption Fail?
A gateway encryption product may make e-mail encryp-
tion totally transparent to users, but there are a number of
reasons why it may not be suitable in all cases. For example,
an e-mail must be digitally signed (using a private key) at
the point it was created to provide non-repudiation for some
legal purposes—otherwise the sender could disown the
message on the grounds that it could have been tampered
with after it left their computer but before it was encrypted
at a gateway, or even that they did not originate it in the first
place. A gateway encryption product may also not be practi-
cal when mobile users need to send e-mail from outside the
corporate network.
To cater to these and other circum-
stances PGP also offers its Desktop
e-mail application. This runs as a local
desktop mail proxy service that works
with all e-mail clients (not as a plug-
in for specific e-mail applications.)
Key and policy management can be
carried out by the application, or by
the corporate Universal Server. The
machine’s private key can be stored
on the machine itself – protected by
a passphrase and, optionally, some
second factor authentication system
such as a GemPlus, Alladin, or Axalto
(Schlumberger) smart card. It can
also be stored within the Trusted
Platform Module (TPM) of suitably
equipped laptops – or on a Universal
Server, or synchronized between the
two. When the software is managed by a Universal Server
separate policies can be enforced on the computer when
the Universal Server is unreachable.
For smaller organizations or individuals, a full blown encryp-
tion platform such as this may seem like overkill, and in many
ways it probably is. In the next piece I’ll be taking a look at
low-cost or free open source encryption solutions that use
the same public key encryption technology. n
 Protecting Your Sensitive Information with Encryption

Encrypt Your E-Mail with

GPG and Thunderbird
By Paul Rubens

P
ublic key encryption isn’t just the preserve of large features, but GPG offers solid public key encryption and key
organizations. That’s because there are open management features as an alternative to a system such as
source PKE solutions that enable smaller compa- that offered by PGP Corp., on a number of platforms includ-
nies and individuals to use the technology at no ing Windows, Linux, UNIX, and OS X.
cost—most commonly to encrypt and digitally sign e-mail
messages. To illustrate GPG’s use I’ll concentrate on the Windows plat-
form for the simple reason that 90 percent of all desktops
Earlier we looked at PGP and laptops run Windows — if
Corp.’s public key encryption you use another platform then
platform, and what’s interesting the general information will still
about this commercial plat- apply even of the details are
form is that it adheres to the slightly different.
OpenPGP standard – an e-mail
encryption standard defined by GPG is actually a command
the OpenPGP Working Group line tool, but thanks to some
of the Internet Engineering handy plug-ins to popular e-
Task Force (IETF) Proposed mail clients you shouldn’t ever
Standard RFC 4880. Open- have to learn any of the com-
PGP was actually derived from mands. (But like most com-
PGP, the pioneering public key mand line tools, if you do take
encryption program created by the time to master the com-
Phil Zimmerman back in 1991, mands you’ll find GPG much
which is the basis for PGP easier to control directly than
Corp.’s platform. through a front end.)

The good news is that there’s The first step to running GPG
a completely free, open- is to run the Windows installer,
source implementation of the which you can download from
OpenPGP standard called GNU Privacy Guard (or, more GPG’s Web site (www.gnupg.org).
commonly, “GPG”). Since any OpenPGP compliant soft-
ware (should) work with any other, this means that GPG is GPG for Thunderbird
compatible with PGP. Like any open-source alternative to The next step is to find a GPG plug-in for the e-mail client
a commercial product there are differences between PGP you intend to use. In this article we’ll use the open-source
Corp.’s platform and GPG in terms of support and additional Thunderbird 2 e-mail client, although plug-ins of varying

GPG is actually a command line tool, but thanks to some

“ handy plug-ins to popular e-mail clients you shouldn’t ever

have to learn any of the commands. ”
11 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com
 Protecting Your Sensitive Information with Encryption

quality are available for many more clients including Eudora try and find it. Assuming you find the key you need, select
and Outlook Express on Windows, Thunderbird, KMail and it and download it to your key store, and send the message
Evolution on Linux, and Thunderbird and Mail.app on OS X. again.

The GPG plug-in for Thunderbird is called Enigmail, which
you can download from and then install into the e-mail client.
(Don’t skip the download stage and try to install it directly
if you are running Firefox or your browser will try to install
Enigmail into itself instead of Thunderbird.)
Once Thunderbird has been restarted you’ll see an “Open-
As you’ll recall, you can sign an e-mail with your private key
to prove that the e-mail really came from you. To do this, sim-
ply choose the “Sign Message” option instead of “Encrypt
Message.”
If you want to make it easy for others to find your public key
(especially if you don’t want to submit your key to a keyserv-

PGP” menu item, and clicking this
will bring you to the OpenPGP Key
Management window. It’s from here
that—by clicking the “Generate”
option—you can create your own
public and private keys. These can
be associated with a particular e-mail
address, or you can choose to use
this key pair with two or more e-mail
“
er—perhaps to avoid the risk of spam)
you can also send them an e-mail
One handy thing after selecting the “Attach My Public
Key” option in this menu. (Of course
about installing they should be aware that although
the e-mail might appear to come from
GPG is that it is you, it might have come from some-
available to any one else.)

addresses you might use. You’ll also

be asked for an optional passphrase
to protect your key. ( It’s a good idea
to use this feature—otherwise anyone
with access to your computer will be
able to sign messages in your name
and decrypt confidential incoming
messages.) There’s also a comment
box, where you can add a description
of yourself (such as “Managing Direc-
application that One handy thing about installing
GPG is that it is available to any
needs encryption application that needs encryption ca-
capabilities if a pabilities if a suitable plug-in for that
application has been written. That
suitable plug-in for means that as well as using GPG
through your e-mail client, you can
that application has also use it through a Web browser.
been written. After installing the FireGPG Add-on
into Firefox you can use Gmail to

”
tor of Rubens Inc.”), which makes it
much easier for anyone searching a
key server for your public key to identify
you correctly.
Once you click “Generate Key” a key pair is created, after
which you’ll be asked if you want to create and save a revo-
cation certificate that you can use to invalidate your key pair
at some future time if it becomes compromised. The final
step—if you want your public key to be widely available—is
to upload it to a key server by choosing the “Upload Public
Keys option.”
Sending Encrypted Messages
So how do you go about sending an encrypted message?
Simply write an e-mail message using the e-mail client in
the normal way, and then click on “Encrypt Message” in the
message’s OpenPGP menu. When you send the message,
the OpenPGP Key Selection window will pop up, allowing
you to select the recipient’s public key from your store of
keys. If you don’t have the recipient’s key you can click on
“Download missing keys” to carry out a keyserver search to
send and receive encrypted or signed
e-mails using the extra buttons that
appear on the Gmail Web interface.
(You can also encrypt, decrypt, sign, or verify the signature
of text in any Web page by right clicking in Firefox or select-
ing FireGPG from the Tools menu.) The FirePGP Add-on is
far from perfect—looking up keys from a key server doesn’t
seem to work properly, for example—but it’s certainly useful
and will likely improve in future versions.
Compared to commercially available solutions GPG does
have drawbacks. Unlike gateway solutions offered by the
likes of PGP Corp. GPG’s functionality isn’t transparent to
users, and can’t be relied to encrypt all messages as encryp-
tion can easily be switched off by the user. Key management
is also much more rudimentary, and if a user forgets their
private key passphrase then the key pair becomes unusable
as there is no way to retrieve it. But overall GPG is a useful
(and—let’s not forget—free) implementation of OpenPGP, and
it can be a very effective solution for individuals and small
businesses. n

12 Protecting Your Sensitive Information with Encryption, an Internet.com Security eBook. © 2009, Internet.com