
Pretty Good Privacy Encryption

using GNUPG

Presented By
M.Mary Benisha Keerthana(111312)
R.Moulin Rahini(111314)

Guided By
J.S.Simi Mole
AP/CSE
Abstract
• We recently noted that PGP and other e-mail encryption protocols are, in theory, highly vulnerable to chosen-ciphertext attacks in which the recipient of the e-mail acts as an unwitting “decryption oracle”.
• We argued further that such attacks are quite feasible and therefore represent a serious concern.
• Here, we investigate these claims in more detail by attempting to implement the suggested attacks. On one hand, we are able to successfully implement the described attacks against PGP and GnuPG (two widely used software packages) in a number of different settings. On the other hand, we show that the attacks largely fail when data is compressed before encryption.

Introduction
PGP (“Pretty Good Privacy”)
• Developed in 1991 by Phil Zimmermann

• Based on the public/private key pair cryptography principle developed by Whitfield Diffie

• Provides highly secure, portable encryption and signature for any digital data - including e-mail

• Includes secure wipe utility conforming to DoD 5220.22-M standards (3 passes or more)

• Available for all versions of Windows and Mac OS

• Freeware Unix/Linux equivalent GPG (“GNU Privacy Guard”) available

PGP_GNUPG: How Does It Work?


Some Quick Definitions
• Cryptography: the art and science of encrypting and decrypting secure messages
• Cryptanalysis: the art and science of breaking cryptography
• Cryptology: the mathematics of cryptography and cryptanalysis
• Algorithm: a mathematical function/process used for encryption, decryption and verification
• Key: a string (or number) used for character-by-character encryption and decryption
PGP_GNUPG
• PGP is an open-source freely available software package for e-mail security. It provides
authentication; confidentiality; compression; e-mail compatibility; and segmentation and reassembly.

Existing System
With the advancement of cryptography, parts of PGP have been criticized for being dated:
The lack of forward secrecy
The long length of PGP public keys
Difficulty for the users to comprehend and poor usability

Limitations
Lack of ubiquity
A vulnerability in Symantec Encryption Desktop re-enables access to the system for users
whose access was previously revoked

Proposed System- GNUPG


A variant of the chosen-ciphertext attack is partially successful against GnuPG, although the effectiveness of the attack is mitigated by the presence of an integrity check on the data.
GnuPG uses slightly longer headers on compressed data, and these headers are predictable.
When the data is decrypted, the algorithm will not attempt to decompress the result because the compressed packet headers have been changed to literal packet headers.
The decrypted chosen ciphertext will thus be the compressed version of the original message.
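
The decision to decompress described above rests on the packet tag alone, which is why the integrity check matters. The following is an added example, not code from the presentation or from GnuPG: a small parser for OpenPGP packet headers that dispatches on the tag the way a receiver does. The tag numbers and header layout are taken from RFC 4880 (not stated on the slides); the function names and the sample message are assumptions constructed for illustration.

```python
import zlib

COMPRESSED, LITERAL = 8, 11            # OpenPGP packet tags (RFC 4880)

def new_packet(tag: int, body: bytes) -> bytes:
    """New-format header with a one-octet length (body under 192 bytes)."""
    if len(body) >= 192:
        raise ValueError("sketch only builds one-octet lengths")
    return bytes([0xC0 | tag, len(body)]) + body

def read_header(pkt: bytes):
    """Return (tag, body) from an old- or new-format packet header."""
    first = pkt[0]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet: bit 7 is clear")
    if first & 0x40:                   # new format: tag in bits 5-0
        if pkt[1] >= 192:
            raise ValueError("multi-octet lengths not handled in this sketch")
        return first & 0x3F, pkt[2:2 + pkt[1]]
    tag, ltype = (first >> 2) & 0x0F, first & 0x03   # old format
    if ltype == 3:                     # indeterminate length: rest of input
        return tag, pkt[1:]
    size = 1 << ltype                  # 1, 2 or 4 length octets
    n = int.from_bytes(pkt[1:1 + size], "big")
    return tag, pkt[1 + size:1 + size + n]

def literal_packet(data: bytes) -> bytes:
    # format 'b' (binary), empty file name, zero timestamp, then the data
    return new_packet(LITERAL, b"b" + b"\x00" + bytes(4) + data)

def compressed_packet(inner: bytes) -> bytes:
    deflate = zlib.compressobj(9, zlib.DEFLATED, -15)   # raw DEFLATE
    return new_packet(COMPRESSED, b"\x01" + deflate.compress(inner) + deflate.flush())

def open_packet(pkt: bytes) -> bytes:
    """Dispatch on the tag, as a receiver does after decryption."""
    tag, body = read_header(pkt)
    if tag == COMPRESSED:
        if body[0] != 1:               # 1 = ZIP (raw DEFLATE)
            raise ValueError("only algorithm 1 handled in this sketch")
        return open_packet(zlib.decompress(body[1:], -15))
    if tag == LITERAL:
        return body[2 + body[1] + 4:]  # skip format, name and date fields
    raise ValueError(f"unexpected packet tag {tag}")

MESSAGE = b"quarterly report " * 8     # constructed sample plaintext
WIRE = compressed_packet(literal_packet(MESSAGE))
```

Nothing in the header authenticates the tag, so a receiver that trusts it without verifying the integrity check on the decrypted data has no way to tell that a packet type was altered in transit.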

Advantage
GNUPG was meant for security.
It works well for that, and plug-ins are available for various e-mail software.
The essential point of secure e-mail (encryption and/or signatures) is making sure that you know the correct public key for any correspondent.

Hardware Used

System : Core i3.
Hard Disk : 40 GB.
Floppy Drive : 1.44 Mb.
Monitor : 15 VGA Colour.
Mouse : Logitech.
Ram : 2 GB.

Algorithm Used
Deflate algorithm

Symmetric-key encryption algorithm

Literature Survey

NO / NAME OF THE JOURNAL / DETAILS

1
Name of the journal: https://www.gnupg.org/documentation/
Details:
- The Pinentry may now show the new passphrase entry and the passphrase confirmation entry in one dialog.
- There is no more need to manually start the gpg-agent. It is now started by any part of GnuPG as needed.

2
Name of the journal: Werner Koch (2017-1-06). "[Announce] GnuPG 2.1.0 "modern" released". gnupg.org. Retrieved 2014-11-06
Details: GnuPG "modern" (2.1) is the latest development with a lot of new features. This announcement is about the first release of this version.

3
Name of the journal: "FireGPG's developers blog". Retrieved July 24, 2013
Details:
- The file "secring.gpg" is not anymore used to store the secret keys. Merging of secret keys is now supported.
- All support for PGP-2 keys has been removed for security reasons.

List of Modules
1. Sender Node
2. Encrypter-by Public Key Rings
3. Compressor With GNUPG
4. Decryptor-by Private Key Rings
5. Receiver Node

PGP_GNUPG
PGP_GNUPG uses:
Public keys for encrypting session keys / verifying signatures.
Private keys for decrypting session keys / creating signatures.

Module 1: Sender Node

Alice wants to send confidential e-mail, m, to Bob.

[Figure: Alice encrypts m with KS(.) to give KS(m) and encrypts KS with KB+(.) to give KB+(KS); both are sent over the Internet; Bob applies KB-(.) to KB+(KS) to recover KS, then uses KS(.) on KS(m) to recover m.]

Alice:
- generates random symmetric private key, KS.
- encrypts message with KS (for efficiency).
- also encrypts KS with Bob’s public key.
- sends both KS(m) and KB(KS) to Bob.
Bob:
- uses his private key to decrypt and recover KS.
- uses KS to decrypt KS(m) to recover m.

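Module 2: Encrypter-by Public Key Rings

Alice wants to provide sender authentication and message integrity.

[Figure: Alice computes H(m), signs it with her private key KA-(.) to give KA-(H(m)), and sends m together with KA-(H(m)) over the Internet; the receiver applies KA+(.) to the signature, computes H(m) from the received m, and compares the two values.]

- Alice digitally signs message.
- sends both message (in the clear) and digital signature.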

Module 3: Compressor With GNUPG


PGP Key Rings
PGP supports multiple public/private key pairs per sender/recipient.
Keys are stored locally in a PGP Key Ring – essentially a database of keys.
Private keys are stored in encrypted form; the decryption key is determined by a user-entered pass-phrase.

Module 4: Decryptor-by Private Key Rings

The sending PGP entity performs the following steps:
Signs the message:
- PGP gets sender’s private key from key ring using its user id as an index.
- PGP prompts user for passphrase to decrypt private key.
- PGP constructs the signature component of the message.
Encrypts the message:
- PGP generates a session key and encrypts the message.
- PGP retrieves the receiver public key from the key ring using its user id as an index.
- PGP constructs session component of message.

Module 5: Receiver Node


The receiving PGP entity performs the following steps:
Decrypting the message:
- PGP gets the private key from the private-key ring using the Key ID field in the session key component of the message as an index.
- PGP prompts user for passphrase to decrypt private key.
- PGP recovers the session key and decrypts the message.
Authenticating the message:
- PGP retrieves the sender’s public key from the public-key ring using the Key ID field in the signature key component as index.
- PGP recovers the transmitted message digest.
- PGP computes the message digest for the received message and compares it to the transmitted version for authentication.
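
The sender and receiver steps of Modules 1, 2, 4 and 5 can be traced end to end in the following added example, which is not code from the presentation or from PGP/GnuPG. It assumes stand-ins chosen so that it runs with the Python standard library only: textbook RSA over constructed Mersenne-prime keys in place of padded RSA, and a SHA-256 counter keystream in place of the symmetric cipher; neither is secure, and all names are hypothetical.

```python
import hashlib
import secrets

E = 65537
# Constructed demo keys: Mersenne primes keep this standard-library only.
# Textbook RSA without padding, for illustration; not secure.
def keypair(p: int, q: int):
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))   # (K+, K-)

ALICE_PUB, ALICE_PRIV = keypair(2**521 - 1, 2**607 - 1)
BOB_PUB, BOB_PRIV = keypair(2**1279 - 1, 2**2203 - 1)
SIG_LEN = (ALICE_PUB[0].bit_length() + 7) // 8          # Alice's signature size

def ks_crypt(ks: bytes, data: bytes) -> bytes:
    """KS(.): SHA-256 counter keystream XOR, a stand-in symmetric cipher."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(ks + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def h(m: bytes) -> int:
    return int.from_bytes(hashlib.sha256(m).digest(), "big")    # H(m)

def send(m: bytes, sender_priv, recipient_pub):
    n_a, d_a = sender_priv
    n_b, e_b = recipient_pub
    sig = pow(h(m), d_a, n_a)                                   # KA-(H(m))
    ks = secrets.token_bytes(16)                                # fresh KS
    body = ks_crypt(ks, sig.to_bytes(SIG_LEN, "big") + m)       # KS(sig, m)
    return pow(int.from_bytes(ks, "big"), e_b, n_b), body       # KB+(KS)

def receive(enc_ks: int, body: bytes, recipient_priv, sender_pub):
    n_b, d_b = recipient_priv
    n_a, e_a = sender_pub
    ks = pow(enc_ks, d_b, n_b).to_bytes(16, "big")              # recover KS
    plain = ks_crypt(ks, body)
    sig, m = int.from_bytes(plain[:SIG_LEN], "big"), plain[SIG_LEN:]
    return m, pow(sig, e_a, n_a) == h(m)                        # (m, valid?)
```

`receive` returns the recovered message together with the result of the digest comparison, so a caller can reject a message whose ciphertext was altered in transit.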

Key Management for PGP


Public keys for encrypting session keys / verifying signatures.
Private keys for decrypting session keys / creating signatures.
Where do these keys come from and on what basis can they be trusted?

PGP adopts a trust model called the web of trust.


No centralised authority
Individuals sign one another’s public keys, these “certificates” are stored along with keys in
key rings.
PGP computes a trust level for each public key in key ring.
Users interpret trust level for themselves.
Conclusion
Security of PGP With GNUPG
- There are many known attacks against PGP.
- Attacks against crypto algorithms are not the main threat.
- IDEA is considered strong, and while cryptanalysis advances, it should remain strong for some time.
- RSA may or may not be strong. There are recent rumors of possible fast factorization algorithms.
- The main threats are much simpler.
- An attacker may socially engineer himself into a web of trust, or some trustable person may change. Then he could falsify public keys. This breaks most of the security.
- PGP binaries can be corrupted when they are obtained.
- The PGP binaries can be modified in the computer.
- The passphrase can be obtained by a Trojan. Weak passphrases can be cracked.
- On a multiuser system, access to the secret key can be obtained.
