Cryptography 3: Using Your GnuPG Key

Bonjour tout le monde, et bienvenue à la troisième ‘post in this series’ (hello everyone, and welcome to the third post in this series). I can’t really speak French. This week it’s time to engage in some actual encryption, although only to ourselves at this point.

Encrypting a Message Symmetrically

GnuPG can also be used to do standard symmetric encryption. This is encryption with no public keys involved: you type a passphrase in when you encrypt the file, and anyone who knows (or can guess) that passphrase can use it to decrypt the message. To do this in GnuPG simply execute (in a terminal):

gpg -c {FILENAME}

It is worth noting that GnuPG can encrypt a message so that it can be decrypted with any of several private keys and/or a symmetric passphrase. To do this, simply add the -c option alongside the options for the other commands to indicate that you want the message to include symmetric encryption.

Encrypting a Message Asymmetrically

Much like the -c switch, to specify that you want a message encrypted asymmetrically (public key encryption) you simply have to add a short switch, in this case -e. The trick with encrypting a message asymmetrically though is specifying the recipient. This can be done in two ways. Firstly, if you do not otherwise supply any recipients, GnuPG will prompt you for them when you run the command. The second option is to specify each recipient on the command line, using the -r switch.

So, to encrypt a message and be prompted for recipients execute (in a terminal):

gpg -s -e {FILENAME}

N.B. I’ve added in the -s switch here because you really should use it – see the signing section below.

If you would rather specify each recipient on the command line you can, for example:

gpg -s -e -r hello@darkotter.com -r test@example.com {FILENAME}

Note that, provided you added all the configuration to your gpg.conf file as discussed in the last post, whenever you use the -e switch you will be added as an extra recipient in addition to those you specify for the message. This means you will be able to read any messages you send (handy for e-mail, so you can still read them in your sent items folder), and if you wish to encrypt something to yourself you need not specify yourself as a recipient (simply hit enter when GnuPG prompts you, without entering any recipients).

Signing a Message

The other major operation that you can perform with GnuPG is signing a message. This uses your private key to sign a cryptographic digest (much like a fingerprint of the message) so that anyone who has a copy of your public key can verify that you made the message in question, and that it has not been modified since you made it. The switch to indicate the message should be signed is -s, and it can of course be mixed with the other operation switches discussed (and usually is: it is considered usual to always sign any message that you are encrypting asymmetrically using -e, so much so that these options are usually supplied together as -se). You can also use it on its own:

gpg -s {FILENAME}

This might be useful if, for example, you wanted to make a public message but show that you made it, much like your real signature on a public document. However, there is a problem with doing this, namely that people can only easily read the file this creates using GnuPG. Although they do not even need your public key to read the message (it’s publicly available anyway of course, so they can easily acquire it to also be able to validate your signature), they do need GnuPG to process it, as the file created is in the OpenPGP binary file format, and not everybody has GnuPG installed.

There is however a way round this, namely clear-signing. Unlike the other operations discussed so far, clear-signing can only be performed on its own as a single operation. It also modifies the file you give it directly, so be sure to try it out on something not too valuable first. Clear-signing adds a GnuPG/PGP signature to a file which can be verified using GPG or other PGP software, but it does it in such a way that the original content of the file is human readable. For example:

gpg -o- --clearsign msg.txt

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

hello world, this is Matthew Gadd speaking.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
[base64-encoded signature data and checksum line omitted]
-----END PGP SIGNATURE-----

This ensures that the message can be verified, and the message is still readable. This is commonly used in e-mails to mailing lists, so those with GnuPG can verify the sender of the messages, but other people on the mailing list who may not have it can still easily read the message.

However, this signature has still modified the file, which poses a problem. For instance, what if you wanted to distribute an announcement as a PDF file, and wanted to sign it but have it readable by everyone? Clear-signing it would corrupt the PDF file, and signing it normally would mean that only those with GnuPG or other PGP software could read the (uncorrupted) announcement. However, there is a third option:

gpg -b {FILENAME}

The -b option is the short option for the detached-sign operation. This creates an additional file (by default named the same as the input file, but with .sig as a suffix) which contains the signature. This means that you have to distribute two files if you want the signature to be available. However, the original file is unmodified (so anyone can still read it easily, binary files will remain uncorrupted, source files can still be compiled, etc.), and anyone with PGP software can run it on the additional file containing the signature. GnuPG will then search for the file that has been signed (according to the filename stored in the signature, and it will prompt you for the file's location if it cannot find it) and then check the signature against the data in the file. This form of signing is commonly used to verify the integrity of tarballs available for download: the signature file is also made available for download, and users who wish to verify the download can obtain it in addition to the tarball in order to verify it.

Mixing Operations

The first three operations we have discussed (symmetric and asymmetric encryptions, and signing) can all be mixed for the same message simply by adding the options together. For instance:

gpg -c -s -e {FILENAME}

Will produce a message that can be decrypted with the passphrase you specify, or by any of the recipients you supply using their private keys, and once decrypted by either method it can be verified that you were the author of the message.

Clear signing and detached signing cannot be mixed with any other operations, however. This is simply due to the nature of what they do: a method of signing designed to keep a message easy to read would make no sense combined with encryption.

The PGP format

All of these operations (including clear signing and detached signing) create files which are in the OpenPGP format. Excepting clear-signing they all create files in the binary format by default (for detached signing, the signature file is binary although the source file may not be). However, there is also an ASCII variant of the OpenPGP format (which basically consists of the binary data encoded in base64 and wrapped in headers to indicate that it is an OpenPGP message).

In order to create a file in the ASCII format, simply add the -a switch in addition to other options, for example:

gpg -a -s -e {FILENAME}

Whereas normally GPG creates files with the .gpg or .pgp extension, when the ASCII format is used the generated files will have the .asc extension. The main advantage of the ASCII format is of course that it can be safely transmitted over media which only support the transfer of ASCII data (for example e-mail: your e-mail client encodes binary data in base64 for you when you send attachments to work around this). The disadvantage is that any message will be longer in the ASCII format, as the base64 encoding increases the length of the data it encodes.

In general I choose which format to use based on the following rules. If it's for an e-mail, always ASCII (although like most Linux e-mail software, my e-mail client handles the encryption and this choice for me anyway). If it's not for e-mail and it's a large-ish file (more than about one megabyte) then use the binary format. Otherwise, always use the ASCII format (just in case).
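As an added illustration of the clear-sign and ASCII armor framing described above (example code written for this page, not part of the original post and not GnuPG's own code), here is a small Python parser: it computes the RFC 4880 CRC-24 that sits on the armor's '=XXXX' line, unwraps an armored block, and splits a clear-signed message into its Hash header, dash-unescaped text and signature bytes. The sample message is constructed, and its signature payload is dummy bytes rather than a real signature.

```python
import base64

CRC24_INIT = 0xB704CE
CRC24_POLY = 0x1864CFB

def crc24(data: bytes) -> int:
    """CRC-24 from RFC 4880 section 6.1: the checksum carried on the armor's '=XXXX' line."""
    crc = CRC24_INIT
    for octet in data:
        crc ^= octet << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

def armor_checksum(data: bytes) -> str:
    """'=' followed by the base64 of the 3-byte big-endian CRC-24 (e.g. '=74RL' in the post)."""
    return "=" + base64.b64encode(crc24(data).to_bytes(3, "big")).decode()

def armor(data: bytes, block_type: str, headers=None) -> str:
    """Wrap binary OpenPGP data: BEGIN line, armor headers, blank line, base64, CRC, END line."""
    lines = [f"-----BEGIN PGP {block_type}-----"]
    lines += [f"{k}: {v}" for k, v in (headers or {}).items()]
    lines.append("")
    b64 = base64.b64encode(data).decode()
    lines += [b64[i:i + 64] for i in range(0, len(b64), 64)]
    lines += [armor_checksum(data), f"-----END PGP {block_type}-----"]
    return "\n".join(lines) + "\n"

def _read_headers(lines, i):
    """Parse 'Key: value' lines from index i; return (headers, index of the terminating blank line)."""
    headers = {}
    while i < len(lines) and lines[i] != "":
        key, sep, value = lines[i].partition(": ")
        if not sep:
            raise ValueError(f"malformed armor header: {lines[i]!r}")
        headers[key] = value
        i += 1
    if i == len(lines):
        raise ValueError("armor headers not terminated by a blank line")
    return headers, i

def dearmor(text: str):
    """Return (block_type, headers, payload); raise ValueError on bad framing or CRC mismatch."""
    lines = text.splitlines()
    begin = next((i for i, l in enumerate(lines) if l.startswith("-----BEGIN PGP ")), None)
    if begin is None:
        raise ValueError("no armor BEGIN line")
    block_type = lines[begin][len("-----BEGIN PGP "):-5]
    headers, blank = _read_headers(lines, begin + 1)
    b64, crc_line = [], None
    for line in lines[blank + 1:]:
        if line.startswith("-----END PGP "):
            break
        if line.startswith("="):
            crc_line = line                     # the checksum line directly precedes END
        else:
            b64.append(line)
    else:
        raise ValueError("no armor END line")
    payload = base64.b64decode("".join(b64), validate=True)
    if crc_line is not None and crc_line != armor_checksum(payload):
        raise ValueError("armor CRC-24 mismatch: data altered or truncated in transit")
    return block_type, headers, payload

def parse_clearsigned(text: str):
    """Split a clear-signed message into (hash_algorithms, cleartext, signature_bytes).
    Body lines that begin with '-' travel dash-escaped as '- ' (RFC 4880 section 7.1)."""
    lines = text.splitlines()
    if not lines or lines[0] != "-----BEGIN PGP SIGNED MESSAGE-----":
        raise ValueError("not a clear-signed message")
    headers, blank = _read_headers(lines, 1)
    hashes = [h.strip() for h in headers.get("Hash", "").split(",") if h.strip()]
    body = []
    for j in range(blank + 1, len(lines)):
        if lines[j] == "-----BEGIN PGP SIGNATURE-----":
            break
        body.append(lines[j][2:] if lines[j].startswith("- ") else lines[j])
    else:
        raise ValueError("signature block missing")
    block_type, _, sig = dearmor("\n".join(lines[j:]))
    if block_type != "SIGNATURE":
        raise ValueError("expected a SIGNATURE block, got " + block_type)
    return hashes, "\n".join(body), sig

# Constructed sample (not a real signature): 20 dummy bytes stand in for the signature
# packet so that the framing, dash-escaping and checksum can be exercised offline.
FAKE_SIG = bytes(range(20))
SAMPLE = ("-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n"
          "hello world, this is Matthew Gadd speaking.\n"
          "- -- this line starts with dashes, so it is dash-escaped on the wire\n"
          + armor(FAKE_SIG, "SIGNATURE", {"Version": "GnuPG v1.4.9 (GNU/Linux)"}))
```

The CRC only catches accidental corruption of the armor; authenticity still comes from verifying the signature bytes with the signer's public key.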

Ease of Use

It's worth noting that while using GPG from the command line is very versatile, for many people it's not the easiest option. Fortunately there are many frontends for GnuPG and PGP that integrate it into various pieces of software.

Most Linux e-mail clients (including Evolution, which I use) support GPG natively. Once you've set up your key, you simply tell the e-mail client which key to use for your e-mail account, and then you can choose to encrypt a message; it will handle constructing the encrypted e-mail for you (PGP has its own PGP/MIME extension to e-mail formats which can be used, similar to S/MIME for X.509 security), and will supply GPG with the recipients of the message from the e-mail recipients you entered. Clear-signing is also supported by most, and some people enable it as the default for all messages.

I note (mainly because of its popularity) that Thunderbird does not support GPG itself, although this may be because excellent support for GPG can be added to Thunderbird by installing the EnigMail extension. IIRC, EnigMail also supports helping a user to generate a private key without using the command line (although I recommend using the command line as described so we can set our own security options).

As for encrypting or signing files, there are many graphical frontends available for GPG to do this. My favourite, which is available for the GNOME desktop, is Seahorse (which you may recall me instructing you to install earlier). Seahorse provides a nice GUI for managing your keys, as well as a passphrase caching agent. For file encryption it integrates with Nautilus (GNOME's default file manager) so that you can right click on any file and select to encrypt or sign it (or decrypt if it's already encrypted). Seahorse provides graphical prompts for recipients and other details so that the command line need not be used at all for most encryption tasks. Seahorse also provides a plugin to GEdit (GNOME's default text editor) which allows you to encrypt, sign, or decrypt ASCII format PGP messages simply by selecting them in GEdit and clicking the appropriate button.

Next Time

That concludes today's post, I hope you found it interesting, and possibly even useful. In the next post I plan to cover how to obtain other people's public keys (as well as how to tell whether you can trust them) so that you can use these techniques to send messages to other people.

DO out.

UPDATE: WordPress Bug 2.9.1 – Title BruteForce

So last night I received a call from ethicalhack3r saying that bug I had found should work in any blog because the Permalinks are still available even if you chose a different one. So what we were searching for was ?p= and then a random page number that had a post on it that wasn’t published.

He then wrote a script which would brute force the page numbers so that we could find them on any site. Not only did this show up all the drafts that I had at the moment, but also the posts that I had thought I had deleted. The posts that had been deleted and never shown, i.e. drafts, could be seen by a member on the forum. However, future posts could not be, but their title could be seen.

We started to run this script against other people’s blogs to see if it worked for them, and it didn’t. So we came to the conclusion that it was my blog that had something wrong. I removed all my plug-ins and got ethicalhack3r to try again and it still worked. So I was getting really frustrated that it was something that I had done.

I then checked my theme and realised that there was an update. So I updated and it still worked! Ethicalhack3r then made a test blog using the scripts available through our host and installed the latest version of my theme. It wasn’t working now. We came to the conclusion that it must be the theme, but why did it work on my site and not on the test?

We compared source code and found the following -

<title><?php if (is_home () ) { bloginfo('name'); echo " - "; bloginfo('description');
} elseif (is_category() ) {single_cat_title(); echo " - "; bloginfo('name');
} elseif (is_single() || is_page() ) {single_post_title(); echo " - "; bloginfo('name');
} elseif (is_search() ) {bloginfo('name'); echo " search results: "; echo wp_specialchars($s);
} else { wp_title('',true); }?></title>

More specifically we were looking for this -

else { wp_title('',true); }

All this is doing is telling the page to replicate the title of the post inside the title tags. This can be found in header.php.

We then went to the website that the theme came from looking for a change log but couldn’t find one and we found that he hadn’t kept one. So all I know is that I was running > version 1.9.9.

A clean install of the theme would fix this, but the update doesn’t change this part of the code. After a few Google searches we found that a lot of people were using the old version of the theme and were vulnerable to the attack that I had found.

Another interesting thing is that you can post a comment to the future post. I currently have two comments scheduled for 01/01/2011 – the first one is from ethicalhack3r saying “Muhahahaha” and the second one from Tom Sellers, someone who works on Nmap, said “Test post to Marty McFly.”

This is how it is done -

Open any of your blog posts. Save a copy of the HTML document to local disk. Open that file with an editor and replace all instances of the post id (mine was copied from post 122, http://tmacuk.co.uk/?p=122) with the post id of the future post, in your case 153. It shows up in a few formats (p=122, value="122, value='122) so just find and replace the number.

Save the document and then open it. Enter a comment and post it. It should show up on your future post, McFly ;) The captcha is a full link to the captcha service so it's live and works, BONUS!

So if you wanted to know why I have changed my theme, there you go. I am guessing that you can still comment on that post now; however, you wouldn’t be able to find it because that bug isn’t present on my site any more.

So the bug went a lot deeper than I first thought. I must thank ethicalhack3r and Tom Sellers for giving me some help last night, if it wasn’t for them this post would have probably taken a week to bring out and I probably would be using the same buggy theme.

Here is a link to the theme – http://wordpress.org/extend/themes/pixel. Remember a clean install will not produce the bug, so if you want to try it out, you need to edit the code to what I have talked about today.

tmacuk

Found a Bug in Wordpress 2.9.1

I found this after I published a post for the future.

I don’t know how much you guys know about WordPress; the main thing I want you to know is that PlayStation and eBay use it.

Imagine if you could find out something that PlayStation was going to release before they announced it. Let’s take the example of Apple announcing the iPad. It would make a lot of sense for them to write the article first and have it publish itself when they are giving the talk at whatever conference they did. What if you could see the title of this document beforehand?

Using simple URL brute-forcing you can. There are a number of different options in WordPress that you can use for your URL “Permalinks”; I just use ?p=153, meaning I guess post=(number). You can however use variations of dates, numbers, or create your own.

I have just created a post which isn’t going to be released until next year take a look at http://tmacuk.co.uk/?p=153 – Look at the top of your browser and you can see the title of the post that I have made :)

Imagine finding out about the PlayStation 4 :S

tmacuk
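Added example, not part of the original posts: detection logic a blog operator could run over web-server access logs to spot the kind of ?p= post-ID enumeration described above. It groups requests per client, slides a time window over them and flags clients that fetch many distinct, mostly consecutive IDs. The log lines are constructed, and the window and thresholds are assumptions to tune per site.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlsplit

# Combined Log Format: ip ident user [time] "METHOD path PROTO" status size "referer" "agent"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
TIME_FMT = "%d/%b/%Y:%H:%M:%S %z"


def post_id(path: str):
    """Integer N when the request addresses a post by ID (?p=N), else None."""
    values = parse_qs(urlsplit(path).query).get("p")
    return int(values[0]) if values and values[0].isdigit() else None


def find_enumerators(log_lines, window=timedelta(minutes=5), min_ids=20, min_sequential=0.8):
    """Return {ip: summary} for clients that, within `window`, requested at least `min_ids`
    distinct post IDs of which a `min_sequential` fraction are consecutive numbers: the
    signature of a script walking ?p=1, ?p=2, ... rather than a reader following links.
    Thresholds are assumptions. 404 counts are reported because unpublished IDs come back
    as misses for an anonymous visitor, so an enumeration run is dominated by them."""
    per_ip = defaultdict(list)
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue                          # unparseable line: skip rather than crash
        ip, ts, _method, path, status = m.groups()
        pid = post_id(path)
        if pid is not None:
            per_ip[ip].append((datetime.strptime(ts, TIME_FMT), pid, int(status)))

    flagged = {}
    for ip, hits in per_ip.items():
        hits.sort()
        start, best = 0, None
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1                    # slide the window forward in time
            span = hits[start:end + 1]
            ids = sorted({pid for _, pid, _ in span})
            if len(ids) < min_ids:
                continue
            adjacent = sum(1 for a, b in zip(ids, ids[1:]) if b - a == 1)
            sequential = adjacent / max(len(ids) - 1, 1)
            if sequential >= min_sequential and (best is None or len(ids) > best["distinct_ids"]):
                best = {"distinct_ids": len(ids), "sequential": round(sequential, 2),
                        "misses": sum(1 for _, _, st in span if st == 404),
                        "first": span[0][0], "last": span[-1][0]}
        if best:
            flagged[ip] = best
    return flagged


def constructed_sample_log():
    """Synthetic log lines: one client walking IDs 140..164 in 25 seconds, one ordinary reader."""
    base = datetime(2010, 1, 2, 3, 4, 5, tzinfo=timezone.utc)
    fmt = '{ip} - - [{t}] "GET {path} HTTP/1.1" {st} 512 "-" "Mozilla/5.0"'
    lines = []
    for i in range(25):
        pid = 140 + i
        st = 200 if pid in (142, 150) else 404        # only two of the IDs are published posts
        t = (base + timedelta(seconds=i)).strftime(TIME_FMT)
        lines.append(fmt.format(ip="198.51.100.7", t=t, path=f"/?p={pid}", st=st))
    for i, (path, st) in enumerate([("/?p=122", 200), ("/about/", 200), ("/?p=122&cpage=1", 200)]):
        t = (base + timedelta(minutes=i)).strftime(TIME_FMT)
        lines.append(fmt.format(ip="203.0.113.5", t=t, path=path, st=st))
    return lines


if __name__ == "__main__":
    for ip, info in find_enumerators(constructed_sample_log()).items():
        print(ip, info)
```

Flagging a client is only a signal; the fix on the page (a theme that does not echo unpublished titles) removes the leak regardless of who is probing.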

Cryptography 2: Your Own GnuPG Key

Hello again all, I’m here for the second instalment of this series on cryptography. In this post I will attempt to show you how to generate your own keypair with GnuPG. I’ll be covering how to use it in following posts.

Installing GnuPG

GnuPG is widely available on almost all Linux distributions, and it has been packaged for Windows as well. I suggest you install it from your package manager; otherwise various versions can be found at the GnuPG website. If you download from there, please note I will be using the 1.x series.

Those of you lucky enough to be on Ubuntu with a GNOME desktop will get additional ease-of-use because of seahorse. I will explain a little bit of this later, and seahorse is almost certainly available for other distros (it’s just that I use Ubuntu so I’m no expert on how to get it). To make sure you’ve got everything ready, Ubuntu users run the following command:

sudo apt-get install gnupg seahorse seahorse-plugins

Preparing to Generate a Key

Now, there are a few things you need to have ready. Firstly, be ready to make a note or two, don’t worry, we won’t be making notes of anything secret. Secondly, we are going to be using a terminal, so open one up now. If you don’t know how to use a terminal, don’t worry, you can get by just typing the commands I say, but (and this is talking only to any white-hats in the audience) if you don’t know the terminal yet, it’s time you learn, NOW.

For the final preparation we are going to configure GnuPG a little bit. While GnuPG is quite secure by default, it’s not as secure as it can be by default, so we’re going to beef things up a little bit with the configuration file. By default all the GnuPG files (configuration, secret keyring, public keyring, and trust database) live in ‘${HOME}/.gnupg’, and this is known as the GnuPG home directory. As we have to run a GPG command to ensure everything is generated for us to start with, you may as well run the following command so you can check you’ve got the right place.

gpg --version

gpg (GnuPG) 1.4.9
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cypher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

You can see where the GnuPG home directory is in there: yes, it's the path after 'Home:', in case you hadn't guessed. Note also the list of supported algorithms.

A short technical explanation here. The 'Pubkey' algorithms are asymmetric ciphers; we will be choosing between these when we generate the key. The 'Cypher' algorithms are symmetric ciphers; different ones may be used for different messages, but we will be setting a preference in the config file, and our key will contain a list telling other people which ones we prefer to receive. The 'Hash' algorithms are just that: hash algorithms, also known as digest algorithms, which produce a sort of fingerprint for a file that is used for signing; we will also be setting a preferred list of these. Finally, it lists the available compression methods.

So, having checked the location of our .gnupg folder, we're going to edit the config file. So open up ~/.gnupg/gpg.conf in your favourite text editor (it might not exist yet). We're going to add several lines to this file, and you're free to add comments with them as much or little as you like (comments in this file start with a #).

The first option we're going to add is just to stop an annoying function of GnuPG

no-greeting

This simply disables a copyright notice on startup. Note that it's because of copyright law that it has to be shown by default, so no blaming GnuPG :P .

Next up, just to make things as easy as possible:

use-agent

This tells GnuPG to use a secure passphrase caching agent if there is one available, so that you don't have to type in your passphrase as many times. For those of you who installed seahorse earlier, it should provide one with a nice GNOME interface for you.

Now we get into the meaty bits:

personal-cipher-preferences AES256 AES192 TWOFISH AES BLOWFISH CAST5
personal-digest-preferences SHA512 SHA384 SHA256 SHA224 SHA1 RIPEMD160 MD5
personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed

These lines set the default choices of algorithms, our 'preferences'. If we are sending a message to someone else then their preferences will also be taken into account, but when we're generating our key it's only us, so the algorithms used will be AES256, SHA512 and ZLIB compression.

And finally:

default-preference-list SHA512 SHA384 SHA256 SHA224 SHA1 RIPEMD160 MD5 AES256 AES192 TWOFISH AES BLOWFISH CAST5 ZLIB BZIP2 ZIP Uncompressed

This does essentially the same thing as the last set of options, except that this tells GnuPG it should put this list of preferences in your public key for other people to use.

Generating a key

The next step is generating a key, for which we are going to use a long command line. The many options in this command line are used to control how GPG implements 's2k' to generate the key used to protect our private key (I know, complicated isn't it?) from our passphrase. I'm not going to explain them here (in the later post on password strength I'll explain about what they control), but you can always look them up elsewhere if you want, suffice to say these settings should beef up the default security. So, type into your terminal (be sure to scroll all the way to the right to get the whole command):

gpg --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 --s2k-mode 3 --s2k-count 131072 --cert-digest-algo SHA512 --gen-key

gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? 5
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and E-mail Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Test User
E-mail address: test@example.com
Comment: Do Not Use
You selected this USER-ID:
    "Test User (Do Not Use) <test@example.com>"

Change (N)ame, (C)omment, (E)-mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, use the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy!  (Need 244 more bytes)
+++++

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy!  (Need 32 more bytes)
+++++
gpg: key A0503C60 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   4096R/A0503C60 2010-02-02
      Key fingerprint = DB0A 6208 7277 4505 69F3  2DDE 7F5F C5A5 A050 3C60
uid                  Test User (Do Not Use) <test@example.com>

Note that this key cannot be used for encryption.  You may want to use
the command "--edit-key" to generate a subkey for this purpose.

You'll need to answer several questions along the way - there are examples of answers for all of them above, but the only one where you must choose the same as shown is for the type of cipher to use, you must select option 5 (RSA sign only). GnuPG is quite right that we can only sign with this key - we'll be adding encrypt capabilities later. While it is not essential that you choose these options, I do strongly recommend that you choose 4096 bits for the key length, and that you choose 0 as the expiry so that your key will last as long as you like (you can manually revoke it later).

Next, just as GnuPG suggests, we're going to use --edit-key to add a subkey for encryption. First however, make a note of the key ID that GnuPG gave you, as you'll need to use this to refer to your key for these commands. In the above example the key id is the characters after '4096R/', in this case 'A0503C60'. Make a note of this, you'll be using it a lot in the rest of these steps.

gpg --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 --s2k-mode 3 --s2k-count 131072 --cert-digest-algo SHA512 --edit-key A0503C60

gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/A0503C60  created: 2010-02-02  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
[ultimate] (1). Test User (Do Not Use) <test@example.com>

Command> addkey
Key is protected.

You need a passphrase to unlock the secret key for
user: "Test User (Do Not Use) <test@example.com>"
4096-bit RSA key, ID A0503C60, created 2010-02-02

Please select what kind of key you want:
   (2) DSA (sign only)
   (4) Elgamal (encrypt only)
   (5) RSA (sign only)
   (6) RSA (encrypt only)
Your selection? 6
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, use the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
............+++++
..+++++

pub  4096R/A0503C60  created: 2010-02-02  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  4096R/9875F234  created: 2010-02-02  expires: never       usage: E
[ultimate] (1). Test User (Do Not Use) <test@example.com>

Command> save

Again, you must pick the same key type, and I strongly suggest you pick the same key size and expiry. The initial --edit-key command brings up a sort of shell used for editing a key, the addkey command which you will type in tells it to add a subkey. You can also use the --edit-key command to add extra UIDs, usually used by people who have more than one e-mail address. To do this, start the edit key command, then type adduid and follow the steps to add each uid. After adding all of them type 'save', then run the edit key command again (you should notice the UIDs will have been marked as ultimate when you restart it), type 'uid', followed by the number (preceded by a space, e.g. uid 1) of the uid which you wish to make the primary uid. This will select it, then type primary to mark it as the primary uid. Then type save once again.
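For readers who want to see what the --s2k-* options in the two commands above actually control, here is an added Python sketch (written for this page, not GnuPG's code) of the iterated and salted S2K scheme from RFC 4880 that --s2k-mode 3 selects, together with the one-octet coded count that a --s2k-count value is rounded up to. The passphrase and salt are constructed; what is derived is the symmetric key that protects the private key on disk.

```python
import hashlib
import os


def decode_s2k_count(coded: int) -> int:
    """Expand the one-octet coded count (RFC 4880 section 3.7.1.3) into octets to hash."""
    return (16 + (coded & 15)) << ((coded >> 4) + 6)


def encode_s2k_count(count: int) -> int:
    """Smallest coded octet that decodes to at least `count`; a requested count that is
    not exactly encodable is rounded up this way."""
    for coded in range(256):
        if decode_s2k_count(coded) >= count:
            return coded
    raise ValueError("count exceeds the encodable maximum (65011712)")


def s2k_iterated_salted(passphrase: bytes, salt: bytes, count: int,
                        hash_name: str, key_len: int) -> bytes:
    """Iterated and salted S2K: hash `count` octets of (salt || passphrase) repeated and
    keep the first key_len octets. If one digest is too short, further contexts preloaded
    with 1, 2, ... zero octets are run over the same stream and concatenated."""
    if len(salt) != 8:
        raise ValueError("S2K salt is 8 octets")
    data = salt + passphrase
    total = max(count, len(data))             # at least one full copy is always hashed
    full, rem = divmod(total, len(data))
    stream = data * full + data[:rem]
    out, ctx = b"", 0
    while len(out) < key_len:
        h = hashlib.new(hash_name)
        h.update(b"\x00" * ctx)
        h.update(stream)
        out += h.digest()
        ctx += 1
    return out[:key_len]


def protection_key(passphrase: bytes, salt: bytes, count: int = 131072) -> bytes:
    """The derivation selected by the post's flags: --s2k-mode 3, --s2k-digest-algo SHA512,
    --s2k-cipher-algo AES256 (hence a 32-octet key) and --s2k-count 131072."""
    rounded = decode_s2k_count(encode_s2k_count(count))
    return s2k_iterated_salted(passphrase, salt, rounded, "sha512", 32)


if __name__ == "__main__":
    salt = os.urandom(8)                      # GnuPG stores the salt beside the protected key
    key = protection_key(b"correct horse battery staple", salt)
    print(key.hex(), "coded count octet:", hex(encode_s2k_count(131072)))
```

The larger the count, the more hashing a passphrase guess costs an attacker who has a copy of the secret keyring; 131072 is double GnuPG 1.4's 65536 default.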

Configuring for Use

Having done all the above you've finished generating your key, however there are a few additional steps I would suggest to make using it easier. First up are two configuration tweaks now we have a key, so open up your GnuPG configuration file (~/.gnupg/gpg.conf by default), and first add the following line:

default-key A0503C60

This does what it says on the tin, sets the default key to GPG to your key (remember to replace my key id with yours). This means you won't have to tell it which key to use for signing every time.

Secondly, add this line:

hidden-encrypt-to A0503C60

This line (remember to substitute your key id) tells GnuPG to always add you as an extra recipient to all messages. The hidden part tells it to add you as a hidden recipient, so your key id won't be shown to others who have the file, but you'll still be able to use your key to open it. Why do we add this? So that if you send an encrypted e-mail to someone, you can read the copy in your sent mail folder :P .

Next, if you are an avid user of BASH, I suggest adding this to your bashrc (ignore this if you don't know what I'm talking about):

export GPGKEY=A0503C60

I like to have this so that I can always specify my GPG key using $GPGKEY, so I don't have to remember the ID. That said, most of the time you don't need to specify an ID anyway.

The final step we are going to take is another terminal command. As I mentioned in my previous post, because this does not harm the security of GPG, it's generally preferable to distribute your public key very widely, so that as many people as possible can use it. This is very simple to do thanks to keyservers. I'll explain about keyservers and how to use them in a later post, but for now we'll just get your key onto the network:

gpg --keyserver keyserver.ubuntu.com --send-keys A0503C60

Remember to replace my key id with yours, and that should send your public key (don't worry it won't send a private key) off into the network where it can be accessed by anyone (I'll show you how to access keyservers in a later post).

Next Time

That concludes the second in this series of articles on encryption. Now we've generated our GPG key, in the next post I'll attempt to show you how to use it (although only encrypting to yourself in that post; getting other people's keys so we can make messages to them will come in the 4th post). I hope you found this interesting; stay tuned for the next post.

DO out.

Cryptography 1: An Introduction to GnuPG

A Quick Intro

Hello everyone, my name is Matthew and as you might have guessed I’m here to provide a guest series on cryptography. If any of you should feel the strange desire to check me out, you might want to start at my technical blog here.

I’m afraid I must also make a short disclaimer. Although I like to think I know plenty about it, I’m not an expert in cryptography (or at least not yet). But I do know more than Tmacuk does, so that’s alright I guess.

The Current State of Cryptography

In the next few posts I’m going to be introducing you to a particular set of cryptographic software, namely GnuPG/PGP. I’ve chosen to show you this software, partly because I use it and it’s very useful, but also because it makes use of many of the most modern algorithms, so it’s a good chance for you all to see the state of cryptography in the present day.

Historically there has been a long ongoing battle between cryptographers trying to send secure messages and cryptanalysts trying to read them. At various points through history the balance of power has shifted between one and the other, but at the moment the boot is firmly on the foot of the cryptographer. If you use the systems I describe here, then (excepting some caveats) it is thought (by some people) that cracking one of your encrypted messages would take longer than the age of the known universe. Not that I’m being at all sensationalist of course.

PGP, OpenPGP and GnuPG

The standard of encryption we are going to be using is called OpenPGP, and it is an open standard implemented by many pieces of free and non-free software. It’s based on (and very similar to) the original PGP file format (PGP was the first cryptography software for ordinary desktop users), and allows many different applications to interoperate so people using different software can easily send each other encrypted messages.

GnuPG (shortened to GPG) is the GNU Privacy Guard, GNU’s open source implementation of the OpenPGP standard. As well as the required elements it supports many extra ciphers and algorithms for extra security, most of which are supported by most other implementations anyway. This is the software I will be using for this guide, as it is the easiest to use for most GNU/Linux users (myself included). It should be noted that, while we will be configuring it to allow you to send messages to people using other software, you may not be able to export your key and import it into other software because we will be using some extra protections for it. However, we shan’t be generating a key until next post folks.

How GPG works

GPG combines two different encryption technologies to provide an easy way to securely send a message to another. The first of these is asymmetric encryption, also known as ‘public key’ encryption. This form of encryption allows a message to be sent without having to exchange any secret information prior to sending. Each GPG user generates their own private key, which they keep secret. However, in doing so, they also generate a public key, and this should be distributed as widely as possible. If somebody wishes to send a message, they first look up the recipient’s public key.

Usually this is done using a keyserver which stores public keys that are uploaded to it – there exists a large network of these servers, and they all share keys with each other so that the keys are as widely available as possible. Once you have the recipient’s public key, this can be used to encrypt a message to them. Anyone can encrypt a message using the public key, but these messages can only be decrypted using the private key, which only the recipient has a copy of.

However, asymmetric ciphers are notoriously slow, and if you were to encrypt an entire message with them it could take several minutes. So to provide speed, a symmetric cipher is used to encrypt the message body. Symmetric ciphers use the same key for encryption and decryption, so a new key is generated for each message, and this key is then encrypted using the public key of the recipient, and sent with the message (in a header).

This method provides speed and easy security. Anybody can easily send a message to the recipient using their public key, and only the recipient can use their private key to decrypt the key for the message body, and in turn decrypt and read the message. It is also possible to use the asymmetric cipher in reverse, to create data that only the owner of the private key can encode, and anyone else can decode. GPG can also do this; it is known as digital signing, and it can be used by the recipient to verify that a message was sent by the owner of a particular public key (and has not been modified by anyone during transmission).
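The hybrid scheme just described, written out as an added Go example. This is not GnuPG's code and does not produce OpenPGP packets: it uses the Go standard library's RSA-OAEP to wrap the per-message session key, AES-256-GCM for the body, and RSA-PSS for the signature, as stand-ins for the algorithms and packet formats GPG uses. The demo keys, key sizes and the message are constructed for the example, and `ModulusIsProductOfPrimes` checks the p·q relationship that the factoring discussion below relies on.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// HybridMessage follows the layout described above: the per-message session key,
// encrypted with the recipient's public key, travels in a header; the body is
// encrypted with the fast symmetric cipher under that session key; a signature
// made with the sender's private key lets the recipient check origin and integrity.
type HybridMessage struct {
	WrappedKey []byte // session key encrypted with RSA-OAEP
	Nonce      []byte // AES-GCM nonce
	Body       []byte // AES-256-GCM ciphertext plus authentication tag
	Signature  []byte // RSA-PSS signature over the plaintext
}

// newGCM builds the AES-256-GCM instance used for the message body.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt signs plain with the sender's private key and encrypts it to recipient.
func Encrypt(plain []byte, recipient *rsa.PublicKey, sender *rsa.PrivateKey) (*HybridMessage, error) {
	sessionKey := make([]byte, 32) // fresh random AES-256 key, used for this message only
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	body := gcm.Seal(nil, nonce, plain, nil)
	// Only the holder of the matching private key can recover the session key.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(plain)
	sig, err := rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	return &HybridMessage{WrappedKey: wrapped, Nonce: nonce, Body: body, Signature: sig}, nil
}

// Decrypt unwraps the session key with the recipient's private key, decrypts the
// body, and then verifies the sender's signature over the recovered plaintext.
func Decrypt(m *HybridMessage, recipient *rsa.PrivateKey, sender *rsa.PublicKey) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, m.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	plain, err := gcm.Open(nil, m.Nonce, m.Body, nil) // fails if the body was altered in transit
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(plain)
	if err := rsa.VerifyPSS(sender, crypto.SHA256, digest[:], m.Signature, nil); err != nil {
		return nil, err
	}
	return plain, nil
}

// ModulusIsProductOfPrimes checks the relationship stated in the article: the
// public modulus is the product of the two secret primes held in the private key.
func ModulusIsProductOfPrimes(k *rsa.PrivateKey) bool {
	return new(big.Int).Mul(k.Primes[0], k.Primes[1]).Cmp(k.N) == 0
}

func main() {
	// Constructed demo keys; 2048 bits keeps generation quick (the article uses 4096).
	alice, _ := rsa.GenerateKey(rand.Reader, 2048)
	bob, _ := rsa.GenerateKey(rand.Reader, 2048)
	msg, err := Encrypt([]byte("hello bob"), &bob.PublicKey, alice)
	if err != nil {
		panic(err)
	}
	plain, err := Decrypt(msg, bob, &alice.PublicKey)
	if err != nil {
		panic(err)
	}
	fmt.Printf("recovered %q; header carries a %d-byte wrapped key\n", plain, len(msg.WrappedKey))
	fmt.Println("bob's modulus = p*q:", ModulusIsProductOfPrimes(bob))
}
```

Two points worth noticing when running it: the wrapped key in the header is as long as the RSA modulus regardless of message size, which is why the body is not encrypted with RSA directly; and decryption refuses to return anything if the body was altered or the signature was made by a different key, which is the verification the article describes.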

Cracking GPG

While GPG is relatively secure, it is of course not impossible to break it. There are two main cases for an attack on GPG, and fortunately both of them should be unreasonably difficult to crack, as will be discussed below.

The first case is if an attacker were to intercept an encrypted message. There are currently no known shortcut attacks for either AES (the symmetric cipher we will choose to use), or RSA (the asymmetric cipher). This means that the attacker has three choices of how to proceed. Firstly, the attacker can try to brute force the AES encryption. Because the AES key is not derived from a password, the attacker must search the key space directly, and a potentially weak password offers no shortcut. Assuming we use AES256 (a 256 bit key) this means the attacker must (according to probability) try 50% of the 2^256 possibilities (2^255 different keys) in order to find the correct one. To put this in perspective, the universe is estimated to be 13.7 billion years old, which is equivalent to a bit under 2^88.5 nanoseconds. So if we assume an attacker can check one possible key every nanosecond (which means they can check one billion keys per second) it would take them thousands of times longer than the universe has existed for. For this reason, 256 bit AES is generally considered to be too secure to effectively crack.

The second and third possible attacks are concerned with cracking the RSA key. The first of these possibilities is to simply try all the possible private keys, but as the RSA key is even longer than the AES key (4096 bits compared to 256 bits) this is generally considered to be impossible. The other possibility is to try and work out what the private key is from the public key.

Fortunately this is also difficult. The private key consists of two very large prime numbers, which when multiplied together give us the public key, a number 4096 bits long (very very big). This means it is very easy to calculate the public key from a private key, but as much as it seems it would be easy to factorise the public key to find the private key, this is actually very hard to do. There are several known optimisations to factoring, but even with these optimisations the attacker still has to try almost every possible pair of factors in order to find the correct one, so this attack should still take a long time, and RSA is considered secure for the time being (see Quantum Attacks below).

The second case for an attack on GPG offers one other possible, much easier, method of attack. If an attacker has a copy of the file in which a user’s private key is stored (for example by having hacked into their computer) this allows an attack based on weak passwords. The private key is stored by GPG in a file which is symmetrically encrypted, but unlike the symmetric encryption in a message, this encryption is done using a key generated from the user’s passphrase. This means an attacker can try candidate passphrases, in the hope that the user will have picked an easy to guess password. GPG employs several techniques to make this harder, including using a salt to prevent precomputed dictionary attacks (also known as rainbow tables) and using password strengthening (hashing the passphrase many times over) in order to slow down a brute force attack. However, despite these measures, it is generally considered that if an attacker gets a copy of the file containing your private key, the security measures are there to buy you enough time to have your private key revoked, so that future messages will still be secure. However, providing you keep your computer secure (and in my case I keep my key on an encrypted partition as well) hopefully this should never be an issue.
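The two protections named in that paragraph, the salt and the passphrase strengthening, shown as an added Go example in the shape of the OpenPGP iterated and salted string-to-key method (RFC 4880 S2K). It is an illustration written for this page, not GnuPG's own key-file code; the hash, salt, iteration count and passphrases are constructed for the demo, and a single SHA-256 context is enough here because the derived key is no longer than the hash output.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"time"
)

// SaltSize matches the 8-byte salt of the OpenPGP iterated and salted S2K.
const SaltSize = 8

// IteratedSaltedS2K derives the key that protects a private-key file from a
// passphrase. The salt is prepended to the passphrase and the pair is fed
// through the hash repeatedly until `count` bytes have been hashed, so that:
//   - the same passphrase yields a different key under every salt, which
//     defeats precomputed tables, and
//   - each passphrase check costs `count` bytes of hashing rather than one
//     hash, which slows a brute-force search by the same factor.
func IteratedSaltedS2K(passphrase []byte, salt [SaltSize]byte, count int) [32]byte {
	data := append(append([]byte{}, salt[:]...), passphrase...)
	if count < len(data) {
		count = len(data) // never hash less than one full salt+passphrase
	}
	h := sha256.New()
	for remaining := count; remaining > 0; {
		n := len(data)
		if n > remaining {
			n = remaining
		}
		h.Write(data[:n])
		remaining -= n
	}
	var key [32]byte
	copy(key[:], h.Sum(nil))
	return key
}

// NewSalt draws a fresh random salt, as happens when a key file is (re)encrypted.
func NewSalt() ([SaltSize]byte, error) {
	var salt [SaltSize]byte
	_, err := rand.Read(salt[:])
	return salt, err
}

// Unlock models checking a passphrase against a stored key file: the candidate
// must reproduce the exact protection key. The comparison is constant-time so
// that the check itself leaks nothing about how close a candidate was.
func Unlock(passphrase []byte, salt [SaltSize]byte, count int, expected [32]byte) bool {
	got := IteratedSaltedS2K(passphrase, salt, count)
	return subtle.ConstantTimeCompare(got[:], expected[:]) == 1
}

// DerivationsPerSecond measures the cost of one passphrase check at a given
// count; it is how a defender tunes the count so each check is deliberately slow.
func DerivationsPerSecond(salt [SaltSize]byte, count int) float64 {
	const trials = 200
	start := time.Now()
	for i := 0; i < trials; i++ {
		IteratedSaltedS2K([]byte("benchmark"), salt, count)
	}
	return trials / time.Since(start).Seconds()
}

func main() {
	salt, err := NewSalt()
	if err != nil {
		panic(err)
	}
	const count = 1 << 20 // constructed value: about a megabyte of hashing per check
	pass := []byte("correct horse battery staple") // constructed demo passphrase
	key := IteratedSaltedS2K(pass, salt, count)
	fmt.Println("right passphrase unlocks:", Unlock(pass, salt, count, key))
	fmt.Println("wrong passphrase unlocks:", Unlock([]byte("password"), salt, count, key))
	fmt.Printf("checks per second at count %d: %.0f\n", 64, DerivationsPerSecond(salt, 64))
	fmt.Printf("checks per second at count %d: %.0f\n", count, DerivationsPerSecond(salt, count))
}
```

Running it shows the trade-off the article alludes to: a high count makes the legitimate owner wait a fraction of a second once per unlock, while someone holding a stolen key file pays that same cost for every single candidate passphrase, which is what buys the time to revoke the key.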

Quantum Attacks

As mentioned earlier, the balance of power is currently firmly with the cryptographers rather than cryptanalysts. However, depending on how quickly quantum computing is developed this may change things. There is one particular algorithm for factorisation, which would only be possible to implement on some very specialised quantum computers, and so is as yet impossible to use. However, if it was to be implemented, it would make RSA useless, as it would allow public keys to be factorised (and thus RSA keys cracked) in the same amount of time it takes to use them. Fortunately however, it is unlikely that this will be possible for a long time, and so RSA is still considered secure for the time being.

Next Time

That concludes this lengthy article on the methods behind GPG and its security. In my next article I plan to show you how to generate your own GPG key, and I will then attempt to demonstrate its use in the following articles. I hope you found this interesting, stay tuned for next time.

DO out.

Interview with the “Blackhat” – CC

So finally the second interview has been recorded, edited and placed on the website.

After the success of my last interview, where I saw a record amount of hits/comments on the website, and a lot of replays on different security podcasts, I have decided to look more in depth into the technical world of a hacker.

The interview can be found here LINK

The script that we talk about on the call can be found here LINK

Any question email me at tmac<----@---->tmacuk.co.uk

Hopefully this will be uploaded on HPR very soon.

Another New Domain / IWABH Update

Hey again. Just a quick update that you will now be able to access my website at http://www.tmacuk.com

All these extra domain names are just part of a bigger plan I am thinking of releasing next year with a friend from University. So the list of all current domain names is -

http://www.tmacuk.co.uk

http://www.tmacuk.com

http://www.thomasmackenzie.co.uk

I want to now try and get -

http://www.tmacuk.net

http://www.thomasmackenzie.com

http://www.thomasmackenzie.net

Two of these domains are already active so I am going to have to try and negotiate with the current owners to see if I can transfer them to myself.

News regarding Interview with a Blackhat has been non-existent recently. I was supposed to do the next interview last Sunday but I was unable to get my lazy backside out of bed to meet the interviewee in town. I am currently negotiating trying to do the interview over the phone but struggling with how I am going to record it, as Windows Mobile has turned off recording whilst in call, and I have lost my data cable to edit the registry to allow it. I will however figure it out, even if I need to buy the interviewee a headset to speak over Skype. So rest assured the interview will be available soon enough.

Thanks

tmacuk

PHP Calculator

So this evening I set myself a challenge to create a simple PHP calculator. With a little (actually a lot) help from a friend I managed to get the calculator working.

It contains the simple functions of +, /, * and – and also 3 memory slots to save the result, which you are able to call back at any time.

It contains JavaScript too, so allow it in your browser to view it.

http://www.tmacuk.co.uk/php/calc/

I will be developing this more and more as I get time, just for practice purposes. I wanted to make the help box invisible until you click the button. I want to create an AC and/or DEL button to remove what is in the result/input boxes. Finally I want to make it look prettier, so at the same time practising my CSS and HTML.

Access to the source code will be available eventually. At the moment the code is really messy and quite embarrassing to show.

Thanks
tmacuk

New Domain and PHP

Earlier on I was meaning to go onto http://ethicalhack3r.co.uk when by accident I entered http://www.ryandewhurst.co.uk. I then realised my mistake and went onto the website looking for a tutorial for Boxee. After thinking about the mistake I made I thought it would be a sensible idea for myself. Today I bought http://www.thomasmackenzie.co.uk. For now it will just be directed to this website, but as time progresses and my knowledge expands I will be using it as my own personal website so that I can potentially sell services to my clients – no funny services before you all start flooding the comments!

On another note I started about an hour ago learning PHP and to be honest I feel like I have done very well. I have decided to write down my notes and copy the source code on the website. Starting NOW!

Just to note I am using this tutorial at the moment – PHP 101

here is the link http://tmacuk.co.uk/php/

Sabayon a fresh start

So last night a friend and I spent our time trying to get Linux installed onto my laptop. I don’t know if any of you had seen on Twitter but I was having some problems getting Ubuntu installed.

I ended up settling for what he uses which is Sabayon. I had used this briefly a few years ago just as I was getting into the whole Linux scene, but at that time I really didn’t understand what Linux was.

At first glance Sabayon was brilliant. It looks smart and it runs with Gnome, so what I have learnt with Ubuntu hasn’t been wasted. The problem came when I tried to get my wireless working. I was looking everywhere on the Internet for help with getting it installed and all I could find was the bloody Ubuntu forums; they were being too helpful for once. In the end I just followed one hoping that it would work. I used ndiswrapper again with the Win2k version of the driver and after some tinkering about I can now get the laptop running through my wireless. The only problem I have now is that I have to run sudo modprobe ndiswrapper at boot through the terminal. I have added ndiswrapper to /etc/modules but it is still not running at boot. There must be something slightly different I have to do with Sabayon which I cannot figure out yet, but no worries, I don’t have Windows to keep me busy now.

The aim now is to get myself to grips with their package manager. I am loving my new found love for Linux, probably because when people see it they stop to say “hey what’s that” and it also stops my girlfriend trying to get on my PC/Laptop too :D