Encryption
In this assignment you will learn how to hide your words and
files, in the form of packets, from those prying eyes and ears of
Eve. To do this you will be using pretty good privacy (PGP) to encrypt and sign
email correspondences with
your instructor or grader, using the email address you were given by
them.
As discussed in the textbook,
Introduction to Computer
Security, encryption is the process of
securing communication and doing so involves just a few easy steps.
Instructions
The first step is to determine the
operating system (OS) that you will be using.
Once you've completed that difficult task, it's on to using
Thunderbird to encrypt your emails. You can of course use other
clients to encrypt your mail, in which case, you may ignore the steps
described below. The steps below assume that you are using Thunderbird.
Thunderbird
Thunderbird will
allow you (with a bit of
tinkering) to "securely" send emails, through the use of an
encryption algorithm, to your friend "Bob." For this assignment,
your instructor or grader
will be the recipient, of course.
- Step 1: Download Thunderbird and install it.
To configure Thunderbird for your email service,
follow the appropriate instructions (or use those for your
email provider), such as the following:
- Step 2: Download a PGP program.
- Step 3:
- Windows Users: Follow the on screen instructions for
installing Gpg4win. When the "Choose Components" box shows up, all
you need to select is GnuPG and GPA. Optionally, you
can select the manuals at the bottom if you want to read more about
encryption or keep them for future reference. Remember the location
you install GPG in as you will need it shortly.
- Mac Users: Install Mac GPG.
- Step 4: Download the Enigmail extension for Thunderbird and save it
somewhere.
- Step 5: Once you've downloaded Enigmail, in
Thunderbird open Tools -> Add-ons -> Install, and then choose
the Enigmail extension file.
- Step 6: When you've restarted Thunderbird with
Enigmail installed, you will see an OpenPGP menu item. Open it and go
to Preferences. There you'll find a dialog to point to your GnuPGP
binary. Click Browse. On a typical Windows machine, GPG is
installed under Program
Files\GNU\GnuPG\gpg2.exe. For Mac, it's most likely in
/usr/local/bin/gpg. In order for other people to send you encrypted
messages, they will need your public key. There are a number of keyservers which host such public keys, but for
our purposes we will be using pgp.mit.edu. Go to the
Keyserver tab and make sure pgp.mit.edu is listed in the
dialogue box. If you don't see a Keyserver tab, click on
Expert Settings.
(Note: your instructor or grader will have by now published his or
her public key in the pgp.mit.edu keyserver.)
- Step 7: Now you'll need to generate your
public/private key pair. From the OpenPGP menu item, choose Key
Management. From the Generate menu, choose New Key Pair. Choose the
email address you want to create a key for, and set a passphrase. You
can set the expiration term for your key or set it to never expire,
it's your choice. Hit the "Generate Key" button, and relax - it can
take a few minutes.
- Step 8: When it's done, you have the chance to
generate a "revocation certificate." This certificate can invalidate
your public key just in case your private key is ever compromised. Go
ahead and get your revocation certificate and save it.
- Step 9: Publish your key by selecting it in the key
management window, clicking the Keyserver tab and selecting
Upload Public Keys.
Sending Encrypted/Signed Emails
Now that you've followed these instructions,
it's time to let your instructor or grader
know that you are capable of sending encrypted messages.
Of course, this process should be done from your email account
for which the public key is published.
- Step 1: Before you can send an encrypted message to
your instructor or grader,
you must obtain his or her public key. To get this, open the Key
Management window, click Keyserver, and select Search for
Keys. Type in his or her email address
(exactly as given to you) and then click search.
You will find the public key there,
import it.
You may also be able to find a PGP public key from
the personal web site for your instructor or grader.
- Step 2: Compose an email. Just to avoid confusion,
here is the format of the email you will have to make.
- Make the title as "Homework for Chapter 1"
- For the content, please wish
your instructor or grader your best wishes for the rest of the course,
and include your name and student ID as it appears in the class roster.
- Step 3: Click the OpenPGP tab, and select both
Encrypt and Sign message.
- Step 4: Click Send. You will then be prompted to
select the recipient's key. Do so, and click OK. You may be prompted
with questions about sending in plaintext or HTML, choose plaintext.
- Step 5: You're done!
Now you know how to send encrypted messages.
This page is derived from an assignment by Chris Bronk at Rice
University.