Pretty Good E-mail Encryption – The Snowden Way


Just about a year ago, a video was posted on the Vimeo website, with the intention of demonstrating encryption for journalists, by one “anon108”.   The video was for Glenn Greenwald, the reporter who subsequently broke the NSA mass surveillance stories; he watched it, didn’t really understand it, and didn’t bother to take it any further.   As Greenwald says in his new book, “No Place to Hide”, “That’s how close I came to blowing off one of the largest and most consequential national security leaks in US history”.    “anon108” turned out to be Edward Snowden.   He was trying to teach Greenwald exactly what we are going to do now – encrypt messages the Snowden Way.

This is a simple way of using PGP (Pretty Good Privacy) encryption, which has the advantage of showing you what is going on, graphically.  Also, you can use it in any e-mail client, or even just to encrypt documents.  Once you understand the basic ideas, you’ll see that the technique is really quite easy.

Just one thing: it will help if you have already read my article on encryption here: https://davescomputertips.com/e-mail-encryption-encryption-encryption/. It explains some of the basics of e-mail encryption with diagrams of the encryption process.

Let’s make this more real.  You are John Smith, a freelance reporter, and you want to send an urgent message to Sabira Durani, who is an undercover human rights activist in an unnamed foreign country.  She will only talk to you via anonymous e-mail addresses and encrypted messages.  Messages to Sabira are regularly recorded and scanned by the unpleasant government in her country, but they are always encrypted, and she uses a variety of methods to obscure their destination.  Fortunately you have a file containing her public key which you downloaded from a public PGP key-server (e.g. http://pgp.mit.edu/).  You always knew you should learn encryption; now you have to – fast. Read on…

The Tools

You need the GNU Privacy Guard (GPG) for Windows, Gpg4win.  Go to http://www.gpg4win.org/ to get it; just download the installer (version 2.2.1 at the time of writing) and install it as directed.  When you get to the dialog box allowing you to select components to install, select them all.  We are going to use GPA, the GNU Privacy Assistant, but you may find it interesting to have a look at Claws Mail (which is similar to Thunderbird) and Kleopatra, which is one of the tools for managing encryption keys.  There is also GpgEX, a tool worth investigating which lets you encrypt files with a right-click, and GpgOL, which makes it easy to handle PGP messages in Outlook.

Now start GPA.  First time in, the Key Manager will ask you if you want to create a new private key certificate (also known as a secret key).  You can omit this step, or create a dummy one now for a fictitious e-mail address if you want to – it’s a simple step-by-step process that only involves you specifying your name, your e-mail address, and a good password or passphrase for accessing your secret key or key-pair (public plus secret keys).  We will create a serious one in a moment, using a method that allows us to look at the key in detail.  When you get to the GPA window, no keys will show up unless you just created one.


OpenPGP (or just PGP) certificates differ from those I talked about in my last article on encryption.  Here you create your own certificate, or key-pair.  From this certificate you can extract your public key, which you can then give to other people and, if you wish, upload to a public key-server like the one at MIT mentioned above.  Let’s create a serious key for you, which hopefully will last you a long time.

Creating an OpenPGP key

First choose Edit | Preferences, and check the “Use advanced mode” box. Now, from the main menu, select Keys | New Key…   You will get a dialog box as shown above.  This shows the default asymmetric encryption algorithm as RSA, which is fine.  The key size is 2048 bits, which will be good until around the year 2020, but if you are paranoid you can select 3072 bits.  Enter your full name (this will be used to search for you on the public key-servers), your e-mail address, and maybe a short comment (optional) which will appear in brackets after your name in the key manager.  You can also specify an expiry date – this is up to you, but you can change it later anyway.  Press OK.

A window will come up for you to enter a passphrase.  It needs to be a good one – you can’t change it later.  Say 12 characters, mixed upper and lower case and special characters, no recognisable words.  Something like 4gt*&PD{@#?} will do fine.  If you can make it significant to you in some way, so you can remember it, so much the better.  Otherwise write it down and store it somewhere secure. You can change it using Keys | Edit Private Key… in GPA, but only if you know what it is currently. Lose or forget it, and you have forever lost access to anything encrypted with that key-pair.

Repeat the password entry when prompted, and press OK as required.  GPA will now start to generate the keys.  It uses a special random number generator, which needs a little time to do its job.  Your new key should now appear in the Key Manager window.  Select Detailed from the toolbar to see all the key details.  Note that your key has automatically been declared Fully Valid, and that your trust in the Owner is Ultimate (because the owner is you).  If your key doesn’t appear, press Refresh on the toolbar.

John Smith’s Secret Key(pair)

There are a couple of GPA bugs to look out for here.  If you enter a password that GPA considers weak, it will warn you.  The trouble is that the warning may appear behind the GPA windows, so that you won’t see it, and GPA will appear to have stopped.  If that happens, you will need to move or minimise the GPA windows.  The same may happen with the password confirmation entry window where you repeat the password entry.  Also, if you want to set an expiry date, you must click on an actual day in the calendar window, not just change the year or month, or GPA will appear to hang.


Now you must back up the key.  Highlight the key details and select Keys | Backup… (not Export, that only backs up the public key).  A filename will be suggested containing the digital key ID; change it if you wish, but make it clear that it’s the secret keyfile, and it’s probably a good idea to keep the key ID in it.   Save it in a special folder marked e.g. Secret Key, and make sure you copy it somewhere – a USB drive or another PC – so that you can restore it if your PC becomes unusable.   If your messages are really important, you could lodge a copy with someone you trust outside your house, or your lawyer.   Don’t store anything but secret keys in the folder.  Later you will be saving public keys; store them separately and label the folder as public.  If you don’t do this, you may inadvertently send someone your full certificate file, with both keys, which would be a disaster (it has happened).   The backup option (also obtainable by right-clicking on the key) is the only way of exporting the secret key.  This is to help prevent you from accidentally sending the key to someone else.

Of course, you don’t really have Sabira’s public key, so we will have to make one up.  Create another private key, this time in Sabira’s name and using a fictitious e-mail address.  Back it up to your secret key folder.  Now export her public key to your public key folder.  Now you need to make sure that you don’t have her secret key, so delete it from the Key Manager window (you will get a warning, but do it anyway).  Now close GPA, and start it again.  This is necessary because of a bug that retains the private key even though it is supposed to have been deleted.  Now you can use Import to import her public key from where you stored it.  Sorry this is a bit fiddly; I suppose I should report the bug to the Gpg4win team.   The Key Manager should now look as below, with a yellow two-key symbol for your private key, and a single grey key for Sabira’s public key.

John’s secret key(pair) and Sabira’s public key

The Method

Time to send the message!   Your message to Sabira is an important statement by Senator Frank Church, quoted below in tiny print.  Just copy and paste it into a plain-text editor like Notepad, or my favourite, Notepad++ (http://notepad-plus-plus.org/).   Don’t use a word processor like Word, because its hidden automatic formatting characters will give you problems.

Copy and Paste Message Text:
“In the need to develop a capacity to know what potential enemies are doing, the United States government has perfected a technological capability that enables us to monitor the messages that go through the air.  Now, that is necessary and important to the United States as we look abroad at enemies or potential enemies.  We must know, at the same time, that capability at any time could be turned around on the American people, and no American would have any privacy left such is the capability to monitor everything — telephone conversations, telegrams, it doesn’t matter.   There would be no place to hide.
If this government ever became a tyrant, if a dictator ever took charge in this country, the technological capacity that the intelligence community has given the government could enable it to impose total tyranny, and there would be no way to fight back because the most careful effort to combine together in resistance to the government, no matter how privately it was done, is within the reach of the government to know.  Such is the capability of this technology.
I don’t want to see this country ever go across the bridge.  I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision so that we never cross over that abyss.   That is the abyss from which there is no return.”
Senator Frank Church (August 17, 1975). http://youtu.be/YAG1N4a84Dk

Select the Clipboard from the GPA toolbar.  This is a special clipboard separate from the normal Windows one.  Highlight (select) the whole cleartext message in your editor, then copy it into the Clipboard, as shown below.

Plaintext message

Note that the Clipboard does not have word wrap; I had to terminate each line of the message with a return to get it all to show on the image.  Normally that doesn’t matter anyway; it will appear as a formatted block of ciphertext once encrypted.

Now select Encrypt from the toolbar.  GPA will ask you to select which public key you want to use.

Select correct public key

Select Sabira’s key.  Note that you can also digitally sign the message with your key; that is not necessary at this point.  We will look at digital signing later on.  Press OK.  You will get a result similar to that shown below, but not the same, since you will be using a different encryption key from me:

PGP-encrypted ciphertext

By default, this message is encrypted by IDEA, an encryption algorithm which, like AES, is as secure as it gets.  The randomly-selected IDEA key is encrypted by John’s RSA public key.  The whole thing has been rendered into the ASCII-armoured form, also known as Radix-64 Binary-to-Text encoding – this is so that the raw encoded bits and bytes of the message can be represented as text characters that can be sent as a normal e-mail.

It’s now almost ready to send.  Just highlight (select) the whole block, including the BEGIN and END lines, and copy and paste it into a new message window, like so:

Ciphertext message, ready to send from Windows Mail

Now, if we weren’t just pretending, you could send the message as normal.   When Sabira receives it, she of course immediately recognises it as encrypted, and starts up the GPA Key Manager, and then the Clipboard.   Then she copies and pastes the entire PGP block in the message into the Clipboard, and presses Decrypt.    GPA automatically selects her private key, and prompts her to enter her passphrase.    When she does, the message miraculously appears on the Clipboard, and she can read it and copy and paste it elsewhere as required.   She also saves your attached public key somewhere convenient, and uses Import on the toolbar or Keys | Import Keys… to import it into her keyring so she can return an encrypted message to you.   (If you had uploaded it to a key-server, she could of course also get it from there).

One more thing – you probably want to keep a copy of your message, but because it’s secret you don’t want to leave the copy unencrypted.  It’s no good keeping a copy of the encrypted message to Sabira – only she has the private key that will decrypt it.  (Try pressing Decrypt in the Clipboard after you have encrypted a message using her public key).  So clear the Clipboard and paste in your message again, select your own key in the Key Manager, and press Encrypt.  (This time, when you press Decrypt, you should get the original message back).  Copy and paste the encrypted message to a text file, save it, and of course delete the original cleartext.  Actually you can encrypt the message to Sabira and to yourself at the same time – just select both Sabira’s key and yours at the same time, and you will find that you get longer PGP ciphertext which you can now decrypt.

When you get the ciphertext reply from Sabira, encrypted with your public key, copy and paste the block into the Clipboard and press Decrypt.  GPA will automatically use your secret key to produce the cleartext.

Basically, that’s it.  You can now encrypt your messages to Sabira, and decrypt her replies.

That’s my take on the subject; now for the celebrity version – PGP as taught by a master, in the video that helped make history, “GPG for Journalists: “gpg4win” edition”:

http://vimeo.com/56881481

Although the voice-over is electronically garbled, you should be able to make sense of it now.   If you’ve heard any of his interviews, you’ll recognize the voice patterns after a few minutes.

Now you might want to get some practice, and maybe find out about digital signing and smoother, less awkward ways of encrypted communication.  There’s a young lady in Germany ready and waiting for your messages, and she’s a real cracker…   I would go on, but there is a circumstance beyond my control, my Editor, who insists that we try to inject an element of suspense into this tale of espionage, by holding over the sequel until next week.   So hasta la vista, and I’ll be back… don’t miss Adele!

*This is Part 1 of a 2 part series. Part II of this article shows you how to put email encryption into practice and, of course, introduces Adele… you can follow on to Part II here: Pretty Good E-mail II – Practice makes Private

About the Author

J Martin Ward

Erstwhile physicist, software engineer, and manager of projects from wind turbines to weather radar, Martin is now engaged in plundering the riches of the web’s store of free, not-so-free, and open source software, both Linux and Windows. As well as staggering slowly up the learning curves of C++ and Java, he takes an intense interest in the machinations of the NSA and GCHQ, and civil liberties generally, which leads naturally to dabbling in encryption and computer security; he hopes to share some of his more profitable experiences with you.