Secure Storage and Email - PGP, OpenPGP, GNUGP and Truecrypt

Home

Pauline's Pages

Howto Articles

Uniquely NZ

Small Firms

Secure Storage and Email

PGP, OpenPGP, GNUGP and Truecrypt

Introduction

I have always been concerned about security of data. One aspect which affects many people is having to memorise a large number of pins and passwords with all the new opportunities for Internet transactions, we have over 50 such pins and passwords. It is all very well keeping things at the bank and having sophisticated alarms but if you have to still keep complex passwords on scraps of paper or lock up your hard disk when you leave the house it does not help. It gets even worse when one thinks about the risks to a laptop as have been brought out in the last issue of Secure Computing.

PGP (Pretty Good Privacy)

The first and still one of the best encryption tools is PGP. Pretty Good Privacy (PGP) is an application for secure e-mail and file encryption developed by Phil R. Zimmermann which was originally published as Freeware and the source code has always been available for public scrutiny. PGP uses a variety of algorithms, like IDEA, RSA, DSA, MD5, SHA-1 for providing encryption, authentication, message integrity, and key management. There were many problems with the USA government over the strong encryption employed and Phil was nearly locked up. For many years it was illegal to export the electonic code and the source was printed and then scanned in in other countries. Some of the history is still at . It now even has its own official protocol (RFC 1991).

As time has gone on PGP and regulation have been relaxed PGP has become more commercialised but a deal was done by Paul that a free version of the basic program would always remain available and that is still certainly true with version 8 which I am using and 9 which I have downloaded but not needed to install. For a period it was owned by NAI and was in the McAfee stable. and the free versions disappeared but they are once more accessible - look for Downloads - PGP Product Trial and read the print carefully and you will find it is still Freeware. This is the solution for email under Windows but for PGPDisk you are looking at about £63.

Secure Storage: PGP was initially written for secure communications, however my interest has always been more in securing files. Fortunately the versions from 1998 have not only gives high quality encryption for email but now also allows you to "mount" a completely secure virtual drive with strong encryption using a passphrase (a passphrase is groups of words which are used in stead of a password for additional security). The extension is called PGPdisk. It can be set to demount if the machine is unused for a given number of minutes (typically 15 minutes) and when you turn off. Once the drive is mounted it seems indistinguishable from a normal drive (I have it set to Z:), you even have to format it before you can use it! You can have several secure virtual drives (called volumes) which can be individually mounted with different passphrases and several passphrases can be allocated to each drive. This gives total security against not only thieves but also the kids, the partner or, in the case of firms, staff accessing confidential information. The last version which was free with PGPdisk was 6.02i where the disk package accidently leaked and I used that for many years until I changed to Windows XP which PGPdisk could not use. I have therefore bought a desktop licence for PGP 8.02 to maintain access to my files and use the Free PGP 8.02 on my other Windows machines .

Secure email: PGP use up to keys of up to 4096 bits and 128 bit strong encryption in various international standards. This level of encryption can not be broken even by a security agency and should be secure for several decades. There have been a lot of problems with this level of encryption being exported from the USA and eventually a loophole was found and each update has all the source code printed, carried out to Europe and scanned, all 6000 pages of it. The first time a team of 250 volunteers were used, it is now much more automatic. PGP was bought by Network Associates (who also own McAfee) but they still support free use of the "International" versions which was up to 6.02i when I installed. They then sold it and it is run by the PGP Corporation. PGP is integrated seamlessly into the clipboard and most standard email packages (other than Netscape) and operating systems. There is a new icon in the tooltray so you can also work on files or the clipboard (encrypt/decrypt and sign/verify and work with keys etc). There are also buttons on the Windows Explorer toolbars and entries on the drop down menus - they can also be added to most standard email packages and the clipboard can also be used. The interface is probably the most comprehensive of all the encryption packages I know and will cover here.

What are Public and Private Keys? Secure email needs cooperation between the parties and the information needed to encode and decode are called Keys - the longer the keys the higher the security - PGP can use keys of up to 4096 bits. When you want to be able to receive secure email you give people copies of your Public Key which anybody sending email to you can use to encrypt it. The key does not enable anyone to decode it - only you have the Private Key used for decryption. When you want to send email you first have to get a copy of the recipients Public Key which he can email to you or may well have on his web site or a Key Server where you can search by name or email address. When you have collected it you can add it to your Key Ring and associate it with his email address. We have not added our Public Key to a Key Server yet - we will probably eventually add it to the PGP Key Server when we are sure we are stable. Creating the keys was easy and we have made a backup to a floppy which will live in the Bank strong box. When I exported my Public Key it looked just like an ascii file full of random characters and has a .asc file type which is now associated with PGP - a recipient running PGP just clicks on it and it asks which Key Ring to add it to.

PGP Documentation and Installation: This can only be an overview of a very powerful utility which seems to have been thought through. There are many additional things you can do including deleting files so they can not be recovered and clearing all the unused disk space of fragments of information. I do not have the time to cover all these or go into the background so it is well worth having a look at PGP Corporation where there are series of manuals and background documentation.

Impressions: I have been using it now for over 7 years on many of my machines primarily for the secure drive facility (PGPdisk) and my impressions are very favourable. It is very quick to "mount" the secure drive after which you can work as normal on the Z or whatever you have chosen drive. If you set up short cuts to your files or whatever you quickly get reminded when the programs can not find the file or drive. It only took 25 seconds to mount my secure drive when I just tried it, most of which was entering my long passphrase.

I have experimented with email and again it was all fairly obvious - once the buttons have been clicked they remain down until you send and then you are asked to select the recipients public key from your keyring and the message is encrypted and signed by you entering your passphrase. Decrypting is a single click and passphrase entry and the message is in clear. You can save the changes or just close it and leave it encrypted. Sending or receiving an encrypted message probably takes an extra minute which seems quite acceptable.

OpenPGP

Since the sections above were written a lot has happened over and above what I have edited in. PGP in its initial form was completely open and the PGP Corporation which took over from NAI once more respect its background and provide source code for inspection. The Open Source movement also became involvedand the OpenPGP Alliance was formed to protect PGP when it fell into the hands of NAI. The result is that OpenPGP is now the most widely used email encryption standard in the world. It is defined by the OpenPGP Working Group of the Internet Engineering Task Force (IETF) Proposed Standard RFC 2440. The OpenPGP standard was originally derived from PGP (Pretty Good Privacy), first created by Phil Zimmermann in 1991.

Encryption on Linux machines - GNUGP

As those who have come to the page from my Fun with Ubuntu Linux pages will know I have seen the light and am escaping from the security nightmare of Microsoft Windows and am shifting to Ubuntu Linux for all mobile activities and most serious work at home. An early priority was to investigate encryption under [Ubuntu] Linux. In tthe same way that OpenPGP use on Windows machines is still dominated by the original PGP now provided in Free and paid versions by PGP Corporation Linux has GNUGP. The GNU Privacy Guard is fully OpenPGP compliant, supports most of the optional features and provides some extra features. GNUPG is used as the standard encryption and signing tool included in all significant GNU/Linux distributions and offers a superset of the usual PGP standard but with defaults are compatible with the encryption levels available in PGP 8 which we are using. GNUPG is in fact not only freely available for GNU/Linux, nearly all other Unix systems but also Microsoft Windows and some other operating systems. As a GNU program it can be used commercially or non-commercially without any costs.

The basic access is through the gpg program which operates in terminal mode. To show that terminal access is not that bad I have included some examples. The following encrypts and decrypts files on the desktop in a way compatible with pgp ie the .pgp extension - the default extension and action gives a file with a .gpg extension added.

gpg --encrypt ~/Desktop/homewine.htm --output ~/Desktop/homewine.htm.pgp

gpg --decrypt ~/Desktop/homewine.htm.pgp --output ~/Desktop/homewine.htm

The above - for clarity - used the long format for the commands and, for example, the encryption can done with just

gpg -e ~/Desktop/homewine.htm  -o ~/Desktop/homewine.htm.pgp

or even

gpg -e ~/Desktop/homewine.htm

with encrypt into homewine.htm.gpg on the desktop

Most Windows users feel that even simple Command line operations are a retrograde step whilst forgetting they are still integral in Windows for any system work. Linux users tend to like command line operation in many cases and even converts from Windows like myself have to admit it often makes things quicker and more flexible. For those who wwant to avoid using a terminal then a GUI interface to gpg has been writen called Seahorse (which can be installed by Add/Remove on Ubuntu) which certainly handles the creation and management of keys much easier tha using gpg directly. It also adds facilities into the text editor and file browser. One only has to right click on a file to get to an encryption option and there are encryption/decryption in the text editor which work fine as does the GUI programme to create and manage keys. Double clicking on a .gpg file brings up the screens to open it but there seems to be a problem in Seahorse 8.1 or Ubuntu Dapper Drake which prevent the same for .pgp files although they were equally acceptable elsewhere. After a bit of searching and playing about I realised that if worked when the .gpg extension was used it was a simple job to add the same program as an option for opening .pgp files namely seahorse --decrypt using the right click menu on a .pgp file -> Open with other application -> Use a Custom Command and filling in the box with seahorse --decrypt .

In the same way as Outlook has options built into it by PGP, Evolution has built in encryption and signing for emails using keys created in terminal mode or managed by Seahorse. Full details of how to set it up and use it are in the Evolution help files. Regretably, there is currently no support in Thunderbird under Windoz or Linux

Linux - Secure deletion of data - shred

The other feature which is required for looking after data securely is a way to erase files without traces. It is no good being able to encrypt a file if you can not delete the original or working copies. PGP under Windows offers a Secure Delete option. Linux has a built in command shred which does a multiple pass write of data selected to make a read based on residual information at the edges of the magnetic tracks almost impossible before the file is deleted. This is not foolproof for all file systems and programs as temporary copies made be made and modern file systems do not always write data in the same place however on an ext2 or ext3 system with the default settings in Ubuntu Linux it is acceptable. Do a man shred to find out more.

Secure Delete - a Linux Scripting Example

This section originated on my Fun with Ubuntu Linux pages and has been lifted and dropped here for completeness - it should work on all Linux distributions as it is actually all very basic stuff when you look closely although it is very useful.

There is no GUI interface for shred so I used this as an excuse to write a simple script. This took a few evenings to get up the learning curve of programming in the scripting language called bash and learn more of how the system was set up which will pay off handsomely in the future. A good place to start on scripting is LinuxCommand.org: Learning the shell. The important piece of information is that the addition of a path to a /bin directory is set in ubuntu linux in .bashrc not .bash_profile as is described in some places. Also note that files starting with a . are hidden - use View -> Hidden Files in the File browser to find them. The lines I added were:

# Additions to the standard ~/.bashrc file to set up path to
# /bin directory in home folder
PATH=$PATH:~/bin

I then had a folder in which to put script files which could be accessed from any directory. My first script to shred a file follows - if you want to follow it in detail remember that man any_command gives a summary of what it does and its options:

#!/bin/bash
#
# script to shred a file ~/bin/Shredfile
# echo "This will Shred - overwrite many times - and"
echo "delete a file in a secure manner"
echo "The filename should include the path"
echo "from your home directory"
echo "eg /Desktop/filetoshred.doc or /Safe/filetoshred)"
echo -n "Enter Filename to Shred ? "
read filename
temp=/home/pcurtis$filename
if [ -f ~/$filename ]
then
    echo "File $temp will be deleted"
else
    echo "File $temp does not exist"
    echo "Hit Enter to exit ? "
    read
    exit
fi
echo "About to Shred" $temp "!!!"
echo -n "This is irrevocable - y to continue or n to Abort ? "
read t1
if [ "$t1" = "y" ]
then
    shred -n 50 -u -z -v $temp
else
    echo -n "Aborted- hit any key to exit ? "
    read
    exit
fi
echo -n "File shredded - hit any key to exit ? "
read
exit

The reads at the end of each part are necessary to prevent the Terminal Window closing before you have seen what happens.

The script files must be given the correct permissions by

chmod 755 scriptname

The last step is to create a launcher on the desktop which can also be dragged onto the bars. Right click anywhere on the desktop -> Create Launcher Fill in a name; browse to the ~/bin directory and script name; tick run in terminal; add an icon if required and that is it. The Launcher can also be dragged onto the panel.

It all sounds very simple but it took me a while to get scripting together the first time despite having done some programming in my time.

Truecrypt for Windows and Linux

What you will have noticed is that neither the freeware PGP or GNUPG offer the encryption of whole directories or provide virtual drives - a feature which I make more extensive use of than encrypted email - although in most cases a single encrypted file surfices. Whilst I was initially looking into encryption for Linux I came across some references to TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows XP/2000 and Linux which attracted me because it does almost exactly what I wanted, namely it:

Creates a virtual encrypted disk within a file and mounts it as a real disk.
Encrypts an entire hard disk partition or a storage device such as a USB drive
Encrypts automatically, real-time (on-the-fly) and transparently.
Uses the best of strong encryption algorithms.
Provides two levels of plausibility deniability, in case an adversary forces you to reveal the password:
Conceived in 2003 - now on Version 4.2a with a strong support team
Supported by Steve Gibson, a security guru who led me to ZoneAlarm

In other words it does very much what PGPDisk does - it creates a Virtual Disk with the contents encrypted into a single file or onto a disk parttition or removable media such as a USB stick. In fact it does it rather better than PGPDisk in many ways and in the Windows version it has all the same automatic demount etc options. The encryption is all on the fly so you have a file, you mount it as a disk and from then on it is used just like a real disk and everything is decrypted and re-encrypted invisibly in real time. The virtual Drive is unmounted automatically at close down and one should have closed all the open documents using the Virtual Drive by that point just like when you shut down normally. The advantage is that you never have the files copied onto a real disk so there are no shadows or temporary files left behind and one does not have to do a secure delete. I have loaded it onto two of my Windows systems and will probably replace PGP or add it on the other machines following some negotiation with management. The Windows version is extremely versatile and can be run from memory sticks etc.

Truecrypt obviously installs deep into the operating system in order to encrypt decrypt invisibly on the fly. This has meant in the past that it was specific to a Linux Kernel and had to be recompiled/installed every time a Kernel was updated. In fact the early versions demanded a rebuild of the Kernel itself which was beyond what I wanted to do. A procedure has now been developed which makes the installation much easier which is fully described at Installing Truecrypt 4.2 on Ubuntu 6.06 - Ubuntu Forums One needs to check carefully in the forums and have the latest version of the Kernel but for me it only involved:

Downloading the TrueCrypt 4.2a debian (.deb) installer from http://www.truecrypt.org/downloads.php to my home directory.
cd
#Assuming a 32-bit Kernal
tar -xvf truecrypt-4.2a-ubuntu-6.06-x86.tar.gz
cd truecrypt-4.2a
# Note instructions in the forum recipe are wrong and the -i below is needed
dpkg -i truecrypt_4.2a-0_i386.deb
# Set permissions for all users
sudo chmod u+s /usr/bin/truecrypt

And that is it for Ubuntu Linux, other Debian flavours ought to be easy as well. The command line interface is simplistic but if one cheats and builds a few encrypted files of different sizes on a Windows system then only two commands are essential

# Mount the cryptfile to mountpoint, a folder you have previously created
# The -u option is needed to set the permissions to the user otherwise you can not write back to the Virtual Disk
truecrypt -u containerfile mountpoint
# eg truecrypt -u ~/Safe/tc01092006.tc ~/Safe/vd where an empty vd directory exists under ~/Safe # Unmount all Virtual Disks
truecrypt -d
# If you want to create a container the following command takes you through the steps interactively
truecrypt -c

These are going to be much repeated commands and make an excellent example of the use of aliases which are added to the end of the ~.bashrc file

# Additions to the standard ~/.bashrc file to set up path to
# /bin directory in home folder to hold scripts
PATH=$PATH:~/bin
# Additions to the standard ~/.bashrc file to set up aliases
alias openvault='truecrypt -u ~/.Vault.tc ~/Vault'
alias closevault='truecrypt -d'

In my case I have also created script files which are Launched from the desktop (Right Click -> Create Launcher).

#!/bin/bash
# Example script (stored in ~/bin) to open a truecrypt vault file and display the folder.
truecrypt -u ~/.Vault.tc ~/Vault
nautilus --no-desktop ~/Vault

Pocket PCs

The combination of techniques above keep my data and email communications secure on the desktop and whilst mobile under Windows and Linux. I have found a similar program to Truecrypt which runs on my XDA Exec Pocket PC called Cryptainer PPC LE, an Encryption program providing a virtual encrypted and compressed drive of up to 2 Mbytes in its free version for the Pocket PC. The matching free Windows version is limited to 25 Mbyte containers and it is not available for Linux hence my current choice of TrueCrypt. If you only have Windows and Pocket PCs then you should try both as it may be a better choice for you.

Securing Form Data handling using PHP scripts and GNUPG on Linux servers

This is an area currently being worked on and can be found at PHP Scripts and Ubuntu Linux Servers where there are test code fragments which are sufficient for an experienced programmed to write and read files using PHP and to encrypt and decrypt them to safely send the output of forms by email or to save them in a folder for downloading.

Copyright © Peter and Pauline Curtis
First written: 13^th July, 1999
PGP Content revised: 7^th September, 2001
Comprehensive update and Linux sections added: 13^th November, 2006