tmacuk

Cryptography 2: Your Own GnuPG Key

by darkotter on Feb.05, 2010, under Guest speakers

Hello again all, I’m here for the second instalment of this series on cryptography. In this post I will attempt to show you how to generate your own keypair with GnuPG. I’ll be covering how to use it in following posts.

Installing GnuPG

GnuPG is widely available on almost all Linux distributions, and it has been packaged for Windows as well. I suggest you install it from your package manager; otherwise various versions can be found at the GnuPG website. If you download from there, please note I will be using the 1.x series.

Those of you lucky enough to be on Ubuntu with a GNOME desktop will get additional ease-of-use because of seahorse. I will explain a little bit of this later, and seahorse is almost certainly available for other distros (it’s just that I use Ubuntu so I’m no expert on how to get it). To make sure you’ve got everything ready, Ubuntu users run the following command:

sudo apt-get install gnupg seahorse seahorse-plugins

Preparing to Generate a Key

Now, there are a few things you need to have ready. Firstly, be ready to make a note or two; don’t worry, we won’t be making notes of anything secret. Secondly, we are going to be using a terminal, so open one up now. If you don’t know how to use a terminal, don’t worry: you can get by just typing the commands I give, but (and this is talking only to any white-hats in the audience) if you don’t know the terminal yet, it’s time you learned, NOW.

For the final preparation we are going to configure GnuPG a little bit. While GnuPG’s defaults are quite secure, they are not as secure as they can be, so we’re going to beef things up a little bit with the configuration file. By default all the GnuPG files (configuration, secret keyring, public keyring, and trust database) live in ‘${HOME}/.gnupg’, and this is known as the GnuPG home directory. As we have to run a GPG command to ensure everything is generated for us to start with, you may as well run the following command so you can check you’ve got the right place.

gpg --version

gpg (GnuPG) 1.4.9
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cypher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

You can see where the GnuPG home directory is in there; yes, it's the path after 'Home:' in case you hadn't guessed. Note also the list of supported algorithms.

A short technical explanation here. The 'Pubkey' algorithms are asymmetric ciphers; we will be choosing between these when we generate the key. The 'Cypher' algorithms are symmetric ciphers; different ones of these may be used for different messages, but we will be setting a preference in the config file, and our key will contain a list for other people of which ones we like to receive best. The 'Hash' algorithms are just that, hash algorithms, also known as digest algorithms; these produce a sort of fingerprint for a file, which is used for signing, and we will also be setting a preferred list of these. Finally, it lists the available compression methods.

So, having checked the location of our .gnupg folder, we're going to edit the config file. So open up ~/.gnupg/gpg.conf in your favourite text editor (it might not exist yet). We're going to add several lines to this file, and you're free to add comments with them as much or little as you like (comments in this file start with a #).

The first option we're going to add is just to stop an annoying function of GnuPG:

no-greeting

This simply disables a copyright notice on startup. Note that it's because of copyright law that it has to be shown by default, so no blaming GnuPG :P .

Next up, just to make things as easy as possible:

use-agent

This tells GnuPG to use a secure password caching agent if there is one available, so that you don't have to type in your passphrase as many times. For those of you who installed seahorse earlier, it should provide one with a nice GNOME interface.

Now we get into the meaty bits:

personal-cipher-preferences AES256 AES192 TWOFISH AES BLOWFISH CAST5
personal-digest-preferences SHA512 SHA384 SHA256 SHA224 SHA1 RIPEMD160 MD5
personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed

These lines set the default choices of algorithms, our 'preferences'. If we are sending a message to someone else then their preferences will also be taken into account, but when we're generating our key it's only us, so the algorithms used will be AES256, SHA512 and ZLIB compression.

And finally:

default-preference-list SHA512 SHA384 SHA256 SHA224 SHA1 RIPEMD160 MD5 AES256 AES192 TWOFISH AES BLOWFISH CAST5 ZLIB BZIP2 ZIP Uncompressed

This does essentially the same thing as the last set of options, except that this tells GnuPG it should put this list of preferences in your public key for other people to use.
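How the two kinds of list interact when a message has several recipients, as an added example (not part of the original post and not GnuPG's code). It is a simplified model of the behaviour GnuPG documents for personal-cipher-preferences; the recipient keys are constructed, and the function names are hypothetical.

```python
# Simplified model of the rule GnuPG documents for personal-cipher-preferences:
# only algorithms usable by every recipient are considered, and among those
# our own ranking decides. Added illustration, not GnuPG source code.

# 3DES is the cipher every OpenPGP implementation must support (RFC 4880),
# so it is implicitly at the end of every key's preference list.
IMPLICIT_CIPHER = "3DES"

# Our ranking, copied from the personal-cipher-preferences line above.
PERSONAL_CIPHER_PREFS = ["AES256", "AES192", "TWOFISH", "AES", "BLOWFISH", "CAST5"]

# Constructed recipient keys (hypothetical): the cipher part of each key's
# published preference list.
OWN_KEY = ["AES256", "AES192", "TWOFISH", "AES", "BLOWFISH", "CAST5"]
OLDER_KEY = ["AES", "CAST5", "3DES"]
LEGACY_KEY = []  # publishes no preferences, so only the implicit cipher applies


def usable_by_all(recipient_pref_lists):
    """Return the set of ciphers that every recipient key can accept."""
    common = {IMPLICIT_CIPHER}
    for i, prefs in enumerate(recipient_pref_lists):
        supported = set(prefs) | {IMPLICIT_CIPHER}
        common = supported if i == 0 else common & supported
    return common


def choose_cipher(personal_prefs, recipient_pref_lists):
    """Pick our highest-ranked cipher that all recipients can handle."""
    if not recipient_pref_lists:
        # No recipient keys (e.g. --symmetric): our first choice is used.
        return personal_prefs[0] if personal_prefs else IMPLICIT_CIPHER
    common = usable_by_all(recipient_pref_lists)
    for algo in personal_prefs:
        if algo in common:
            return algo
    return IMPLICIT_CIPHER


if __name__ == "__main__":
    for keys in ([OWN_KEY], [OWN_KEY, OLDER_KEY], [OWN_KEY, OLDER_KEY, LEGACY_KEY]):
        print(choose_cipher(PERSONAL_CIPHER_PREFS, keys))
```

One recipient with a short or empty preference list is enough to pull the whole message down to a weaker cipher, which is why the list published in your own key matters to the people writing to you.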

Generating a key

The next step is generating a key, for which we are going to use a long command line. The many options in this command line control how GPG implements 's2k' (string-to-key), which turns our passphrase into the key used to protect our private key (I know, complicated isn't it?). I'm not going to explain them here (in the later post on password strength I'll explain what they control), but you can always look them up elsewhere if you want; suffice to say these settings should beef up the default security. So, type into your terminal (be sure to scroll all the way to the right to get the whole command):

gpg --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 --s2k-mode 3 --s2k-count 131072 --cert-digest-algo SHA512 --gen-key

gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? 5
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and E-mail Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Test User
E-mail address: test@example.com
Comment: Do Not Use
You selected this USER-ID:
    "Test User (Do Not Use) <test@example.com>"

Change (N)ame, (C)omment, (E)-mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, use the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy!  (Need 244 more bytes)
+++++

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy!  (Need 32 more bytes)
+++++
gpg: key A0503C60 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   4096R/A0503C60 2010-02-02
      Key fingerprint = DB0A 6208 7277 4505 69F3  2DDE 7F5F C5A5 A050 3C60
uid                  Test User (Do Not Use) <test@example.com>

Note that this key cannot be used for encryption.  You may want to use
the command "--edit-key" to generate a subkey for this purpose.

You'll need to answer several questions along the way - there are examples of answers for all of them above, but the only one where you must choose the same as shown is for the type of cipher to use, you must select option 5 (RSA sign only). GnuPG is quite right that we can only sign with this key - we'll be adding encrypt capabilities later. While it is not essential that you choose these options, I do strongly recommend that you choose 4096 bits for the key length, and that you choose 0 as the expiry so that your key will last as long as you like (you can manually revoke it later).
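What --s2k-mode 3, --s2k-digest-algo SHA512 and --s2k-count 131072 in the command above ask for, as an added example (not part of the original post and not GnuPG's code). It follows the iterated-and-salted S2K definition in RFC 4880 section 3.7.1.3; the salt and passphrase are constructed sample values and the function names are hypothetical.

```python
import hashlib

# Constructed sample values for the demonstration (not real secrets).
SAMPLE_SALT = bytes.fromhex("0102030405060708")
SAMPLE_PASSPHRASE = b"correct horse battery staple"


def decode_count(coded):
    """Expand the one-octet coded count stored with the key (RFC 4880 3.7.1.3)."""
    return (16 + (coded & 15)) << ((coded >> 4) + 6)


def encode_count(requested):
    """Smallest coded count whose decoded value is >= requested."""
    for coded in range(256):
        if decode_count(coded) >= requested:
            return coded
    return 255  # requests above the maximum are capped


def s2k_mode3(passphrase, salt, coded_count, key_len, digest="sha512"):
    """Iterated and salted S2K: hash salt+passphrase over and over."""
    if len(salt) != 8:
        raise ValueError("an OpenPGP S2K salt is exactly 8 octets")
    data = salt + passphrase
    # The count is the number of OCTETS hashed, not the number of rounds,
    # and the whole salt+passphrase is always hashed at least once.
    count = max(decode_count(coded_count), len(data))
    full, rest = divmod(count, len(data))
    key, context = b"", 0
    while len(key) < key_len:
        h = hashlib.new(digest)
        h.update(b"\x00" * context)  # extra contexts start with zero octets
        for _ in range(full):
            h.update(data)
        h.update(data[:rest])
        key += h.digest()
        context += 1
    return key[:key_len]


if __name__ == "__main__":
    coded = encode_count(131072)          # value passed as --s2k-count
    key = s2k_mode3(SAMPLE_PASSPHRASE, SAMPLE_SALT, coded, 32)  # AES256 key
    print(hex(coded), decode_count(coded), key.hex())
```

Because the count is stored in a single octet, only certain values are representable: 131072 fits exactly, while a request such as 100000 is rounded up to 102400.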

Next, just as GnuPG suggests, we're going to use --edit-key to add a subkey for encryption. First however, make a note of the key ID that GnuPG gave you, as you'll need to use this to refer to your key for these commands. In the above example the key id is the characters after '4096R/', in this case 'A0503C60'. Make a note of this, you'll be using it a lot in the rest of these steps.

gpg --s2k-cipher-algo AES256 --s2k-digest-algo SHA512 --s2k-mode 3 --s2k-count 131072 --cert-digest-algo SHA512 --edit-key A0503C60

gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/A0503C60  created: 2010-02-02  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
[ultimate] (1). Test User (Do Not Use) <test@example.com>

Command> addkey
Key is protected.

You need a passphrase to unlock the secret key for
user: "Test User (Do Not Use) <test@example.com>"
4096-bit RSA key, ID A0503C60, created 2010-02-02

Please select what kind of key you want:
   (2) DSA (sign only)
   (4) Elgamal (encrypt only)
   (5) RSA (sign only)
   (6) RSA (encrypt only)
Your selection? 6
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, use the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
............+++++
..+++++

pub  4096R/A0503C60  created: 2010-02-02  expires: never       usage: SC
                     trust: ultimate      validity: ultimate
sub  4096R/9875F234  created: 2010-02-02  expires: never       usage: E
[ultimate] (1). Test User (Do Not Use) <test@example.com>

Command> save

Again, you must pick the same key type, and I strongly suggest you pick the same key size and expiry. The initial --edit-key command brings up a sort of shell used for editing a key, the addkey command which you will type in tells it to add a subkey. You can also use the --edit-key command to add extra UIDs, usually used by people who have more than one e-mail address. To do this, start the edit key command, then type adduid and follow the steps to add each uid. After adding all of them type 'save', then run the edit key command again (you should notice the UIDs will have been marked as ultimate when you restart it), type 'uid', followed by the number (preceded by a space, e.g. uid 1) of the uid which you wish to make the primary uid. This will select it, then type primary to mark it as the primary uid. Then type save once again.

Configuring for Use

Having done all the above you've finished generating your key, however there are a few additional steps I would suggest to make using it easier. First up are two configuration tweaks now we have a key, so open up your GnuPG configuration file (~/.gnupg/gpg.conf by default), and first add the following line:

default-key A0503C60

This does what it says on the tin: it sets GPG's default key to your key (remember to replace my key id with yours). This means you won't have to tell it which key to use for signing every time.

Secondly, add this line:

hidden-encrypt-to A0503C60

This line (remember to substitute your key id) tells GnuPG to always add you as an extra recipient to all messages. The hidden part tells it to add you as a hidden recipient so your key id won't be shown to others who have the file, but you'll still be able to use your key to open it. Why do we add this? So that if you send an encrypted e-mail to someone, you can read the copy in your sent mail folder :P .

Next, if you are an avid user of BASH, I suggest adding this to your bashrc (ignore this if you don't know what I'm talking about):

export GPGKEY=A0503C60

I like to have this so that I can always specify my GPG key using $GPGKEY, I don't have to remember the ID. That said, most of the time you don't need to specify an ID anyway.

The final step we are going to take is another terminal command. As I mentioned in my previous post, because this does not harm the security of GPG, it's generally preferable to distribute your public key very widely, so that as many people as possible can use it. This is very simple to do thanks to keyservers. I'll explain about keyservers and how to use them in a later post, but for now we'll just get your key onto the network:

gpg --keyserver keyserver.ubuntu.com --send-keys A0503C60

Remember to replace my key id with yours, and that should send your public key (don't worry it won't send a private key) off into the network where it can be accessed by anyone (I'll show you how to access keyservers in a later post).

Next Time

That concludes the second in this series of articles on encryption. Now we've generated our GPG key, in the next post I'll attempt to show you how to use it (although only encrypting to yourself in that post; getting other people's keys so we can make messages to them will come in the 4th post). I hope you found this interesting, stay tuned for the next post.

DO out.
