Preparing for the ALE Key-Signing Party

A keystroke-by-keystroke guide

Charles Shapiro
Gracious Assistance by Judy Thompson
[ed Aaron Ruscetta]
28 Nov 2011

There are two kinds of cryptography in this world:
cryptography that will stop your kid sister from reading your files,
and cryptography that will stop major governments from reading your files.

Bruce Schneier, _Applied_Cryptography_

Introduction

Modern cryptography involves codes which have separate encryption and decryption keys. The mathematics involved ensures that it's difficult or impossible to guess one key from the other. Because the two keys are separate, it's possible to let any stranger send you a message which only you can read, or to identify a message's only possible originator as you. Both of these can be very useful on the internet, where the face-to-face interaction we normally use to verify whom we're talking to is missing.

This guide will give you step-by-step instructions on how to create and use a two-part key with gpg (a free and open program), and how to prepare for the ALE key-signing party on Thursday the 19th of November 2009. Key-signing parties are important because they provide the crucial face-to-face interaction you need to verify that a gpg key belongs to someone; after one meeting, you can be sure that anything using that key had to come from them.

Tasks for the Key-Signing Party, in order

Before the Party

After the Party

First, Catch Your Chicken

In order to make your gpg key, you will need to have the GNU Privacy Guard program loaded on your machine. This guide assumes that you already have this step done. Most modern Linux distributions ship with gpg as part of the base operating system set. If gpg isn't on your system, you can use your package manager to load it, or download and build the latest and greatest version from the GNU Privacy Guard website ( http://www.gnupg.org/ ). I also assume that you can get to a bash command prompt; this guide will tell you how to generate and publish your gpg key from the command line. I am also assuming that you're a version or so back from the most current version of gpg, which is 1.4.10. This seems to be the norm on the machines which I control. If you're using Windows, you are pretty much on your own; I know that gpg exists for those machines, but I've no idea how (or if) it works.

To determine if gpg is properly installed and up-to-date on your machine, get to a command-line prompt and type in:
gpg --version

Also check if you have gpg2 installed by typing: 

gpg2 --version

and press <enter>. gpg should respond with something like:

gpg (GnuPG) 1.4.9
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Be sure that the "version" is at least 1.4; if not, you may wish to update your copy of gpg or use a machine with a more up-to-date copy.
If you DO have gpg2 installed, be sure to replace "gpg" with "gpg2" in all the instructions below.

Steps to make your gpg key

From the command prompt, type the following:


gpg --gen-key
gpg will respond with:

!:/home/devel/projects/ksdb> gpg --gen-key
gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? 

Select "RSA (sign only)" (here by pressing "5" and "enter").

Note that IF you have installed the latest & greatest gpg (gpg2), you can choose the default of generating an RSA/RSA key pair (a public key and sub-key for encryption) and you won't need to go through some of the extra steps below -- depending on platform, upgrading to gpg2 may be a simpler option.

gpg will next say:

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 

You can take the default by pressing <enter> here.

Next, gpg will say:


Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) 

You probably want to make a permanent key, unless (a) you're very paranoid or (b) you're making a key for some special purpose which will expire. To make a permanent key, just press <enter>.

gpg will next give you a chance to go over these steps:


Key does not expire at all
Is this correct? (y/N) 

Press "y" and <enter> here.

gpg will respond with:


You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) "

Real name:

This is slightly confusing. You need to type **only** your real name here; in the example I'll use the name "Millicent Arondofique":

gpg then says:


Real name: Millicent Arondofique
Email address: 

After you enter an email address, it then asks for a comment:


Real name: Millicent Arondofique
Email address: millicent.arondofique@tomshiro.org
Comment: 

After you enter a comment, gpg then responds with:


You selected this USER-ID:
    "Millicent Arondofique (Example gpg key)
    <millicent.arondofique@tomshiro.org>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? 

Press "O" and hit <enter> here.

gpg will then ask for a passphrase:


Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

Enter passphrase: 

The gpg passphrases have no length limit. I tend to rely on length more than Caps and 9umbers, although your mileage may vary here. A phrase or bit of poetry can work well here. If you lose or forget your passphrase, you will lose the ability to revoke the key as well as the ability to use it, so it's important to be able to keep this safe.

Next gpg will ask you to repeat it:

Repeat passphrase:

After this, gpg will actually generate the key:

We need to generate a lot of random bytes. It is a good idea to
perform some other action (type on the keyboard, move the mouse,
utilize the disks) during the prime generation; this gives the
random number generator a better chance to gain enough entropy.
......+++++
..+++++
gpg: key D5884111 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, classic trust model
gpg: depth: 0 valid: 4 signed: 20 trust: 0-, 0q, 0n, 0m, 0f, 4u
gpg: depth: 1 valid: 20 signed: 3 trust: 20-, 0q, 0n, 0m, 0f, 0u
pub 2048R/D5884111 2009-11-15
Key fingerprint = E8ED 6BCB 08FA EDAD 4DB0 CD11 6D73 AA10 D588 4111
uid Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>

Note that this key cannot be used for encryption. You may want to use
the command "--edit-key" to generate a subkey for this purpose.

On the latest and greatest versions of gpg, you won't see the last couple of lines here; on versions before 1.4.10, you will need to generate a sub-key of this key to use for encryption.

The key is actually stored in a pair of files in a directory called ".gnupg" inside your ${HOME} directory. If you look inside that directory, you'll find a "pubring.gpg" and a "secring.gpg" file; these files are where the keys you created actually reside. You'll use gpg to manage and export them from here. Make sure to keep these files backed up or distributed; if you lose your "secring.gpg" file, you're basically in the same boat as you are if you forget your passphrase. The "pubring.gpg" file contains the parts of the key which you'll publish, so it is marginally less critical -- but you probably want to keep it backed up as well, because that's where all your friends' public keys go, and it'll be painful to reconstruct should you lose it.

Generating an encryption sub-key

Assuming you're using gpg 1.4.9 or earlier, you need to generate an encryption sub-key for your main RSA key. Start by re-invoking gpg:

gpg --edit-key "Millicent Arondofique"

(You will, of course, use your own name rather than Millicent's.) gpg will respond with something like:

gpg (GnuPG) 1.4.9; Copyright (C) 2008 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub 2048R/D5884111 created: 2009-11-15 expires: never usage: SC
trust: ultimate validity: ultimate
[ultimate] (1). Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>

Command>

At gpg's command prompt, type "addkey":

gpg will respond with:

Key is protected.

You need a passphrase to unlock the secret key for
user: "Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>"
2048-bit RSA key, ID D5884111, created 2009-11-15

Enter passphrase:

After you enter the passphrase for your key, you should see:

Please select what kind of key you want:
(2) DSA (sign only)
(4) Elgamal (encrypt only)
(5) RSA (sign only)
(6) RSA (encrypt only)
Your selection?

You want an "RSA (encrypt only)" key, so enter "6":

Next, select the length of the RSA key:

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)

The default is fine here. Next, select the expiration date for the key. This should match the expiration date for the primary key.

Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)

After making your choice here and pressing <enter>, you should see a "correct" dialogue:

Is this correct? (y/N) 

Press "y" and <enter> here. You'll see another question:

Really create? (y/N) 

Press "y" and <enter> here to generate the key.

gpg will grind for a while and then respond with:

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
...............+++++
.........+++++

pub 2048R/D5884111 created: 2009-11-15 expires: never usage: SC
trust: ultimate validity: ultimate
sub 2048R/A1187D79 created: 2009-11-15 expires: never usage: E
[ultimate] (1). Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>

Command>

Press <ctrl>-D to exit and say "y" to the "Save changes? (y/N)" prompt.

You have now created your gpg key on your local machine. You can test it with the following commands:

gpg --list-key "Millicent Arondofique" should list the key:
!:/tmp> gpg --list-key "Millicent Arondofique"
pub 2048R/D5884111 2009-11-15
uid Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>
sub 2048R/A1187D79 2009-11-15

Note in this listing the two numbers separated by a slash ("/") character. The left number is the size and type of the key. The right number ("D5884111" in this case, although yours will be different) is its key ID, which is the common unambiguous way to refer to a gpg key. This is what you would print on your business card so that other people can look your key up on a public key server. It is part of the "key fingerprint", which is what we will use in the formal setting of the keysigning party to verify that this is your key. You can see your key fingerprint with the list-key command, using your ID rather than Millicent's:

gpg --list-key --fingerprint D5884111

pub 2048R/D5884111 2009-11-15
Key fingerprint = E8ED 6BCB 08FA EDAD 4DB0 CD11 6D73 AA10 D588 4111
uid Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>
sub 2048R/A1187D79 2009-11-15

To encrypt a file, use the "encrypt" command on it. If you need to send it through email, the "--armor" option will convert the encrypted file to an all-ASCII representation. This is slightly bigger but guaranteed not to be corrupted in transit:

gpg -r D5884111 --armor --encrypt gorey.txt

You can, of course, also use the name:

gpg -r "Millicent Arondofique" --armor --encrypt gorey.txt

This will get you a file with ".asc" appended to its name ("gorey.txt.asc" in the example). The contents should be encrypted; if you cat(1) it out to the screen, it should look something like this:

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.9 (GNU/Linux)

-----END PGP MESSAGE-----

You can decrypt the file with the "--decrypt" command:

gpg --decrypt gorey.txt.asc

gpg will ask for your passphrase:

You need a passphrase to unlock the secret key for
user: "Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>"
2048-bit RSA key, ID A1187D79, created 2009-11-15 (main key ID D5884111)

Enter passphrase:

And when it is correctly entered it will decrypt the file to stdout. You should see the original contents of your file on the screen.

Publishing your Key

In order for your friends to use your key to send you stuff, and in order for you to be able to prove that you sent something, you must publish the public part of your key to the world. You do this by using gpg to upload it to a key server. The interweb contains many key servers, and they communicate with each other, so it's only necessary to publish your key once; eventually all the key servers will know about it. We are using ubuntu's key server ("keyserver.ubuntu.com") for this party, but many other organizations run keyservers. One of the most famous is run by MIT ("gpg.mit.edu"). To publish your key, use gpg as follows (using your key ID instead of Millicent's, as explained earlier):
gpg --keyserver keyserver.ubuntu.com --send-keys D5884111

gpg will hold for a little while, then respond with:

gpg: sending key D5884111 to hkp server keyserver.ubuntu.com

At this point you should be able to see your key on the keyserver by pointing your browser at "http://keyserver.ubuntu.com:11371" and typing your name into the first box. The key ID search feature appears slightly broken on ubuntu's site, but usually you can search for a key by its ID as well by prefixing the ID with "0x".

*Sending your Key to the Partymaster


*Getting the keys of the other people in this key-signing party



*==>>  FOLLOW DIRECTIONS PROVIDED BY THE HOST FOR THIS PARTY AT
*==>>  < http://ale.org/static_pages/keysign_party_111208.html >
*==>>  (Required process items 2 through 11)

Signing a Key

The "Web of Trust" works by having validated key-holders verify that other key-holders are valid and then signing their keys. You need to sign the key of everyone you saw with their key at the key-signing party. If you were there, they will do the same for you, and your key will also become more trustworthy. To sign a key on your keyring, use the "sign-key" command:

gpg --sign-key D5884111

gpg will display the key you wish to sign and give an "Are you sure?" message:

pub  2048R/D5884111  created: 2009-11-15  expires: never       usage: SC  
trust: ultimate validity: ultimate
sub 2048R/A1187D79 created: 2009-11-15 expires: never usage: E
[ultimate] (1). Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>


pub 2048R/D5884111 created: 2009-11-15 expires: never usage: SC
trust: ultimate validity: ultimate
Primary key fingerprint: E8ED 6BCB 08FA EDAD 4DB0 CD11 6D73 AA10 D588 4111

Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>

Are you sure that you want to sign this key with your
key "Charles Shapiro (correct email address)
<charles.shapiro@tomshiro.org>" (8C387D47)

Really sign? (y/N)

You can verify the fingerprint of the key you're about to sign against the paper you brought back from the party. If they match, say "y" here, and gpg will ask for your passphrase:

You need a passphrase to unlock the secret key for
user: "Charles Shapiro (correct email address)
<charles.shapiro@tomshiro.org>"
1024-bit DSA key, ID 8C387D47, created 2003-01-30

Enter passphrase:

If you enter the correct passphrase, gpg will sign the key and exit.
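
The fingerprint comparison described above can be scripted instead of done by eye. This is an added example, not part of the original guide: the function names and both colon-format listings are constructed here, and the second listing is a different key that shares the key ID D5884111, which a full-fingerprint check rejects.

```shell
#!/bin/sh
# Added example (not from the original guide): check the fingerprint on your
# party sheet against the key in your keyring before running --sign-key.
# Function names and both sample listings are constructed for illustration.

# Strip spaces, tabs, colons and newlines and upper-case the hex digits, so
# "E8ED 6BCB ..." from the sheet compares equal to "e8ed6bcb...".
norm_fpr() {
    printf '%s' "$1" | tr -d ' :\t\n' | tr 'a-f' 'A-F'
}

# Read "gpg --with-colons --fingerprint KEYID" output on stdin and print the
# primary key's fingerprint: field 10 of the first "fpr" record after "pub".
primary_fpr() {
    awk -F: '$1 == "pub" { seen = 1; next }
             seen && $1 == "fpr" { print $10; exit }'
}

# fpr_matches SHEET_FPR < listing
# Returns 0 on a full match, 1 on a mismatch, 2 if SHEET_FPR is not a
# complete 40-hex-digit fingerprint (for example a bare 8-digit key ID).
fpr_matches() {
    fm_sheet=$(norm_fpr "$1")
    fm_keyring=$(primary_fpr)
    case "$fm_sheet" in
        ''|*[!0-9A-F]*) return 2 ;;
    esac
    [ "${#fm_sheet}" -eq 40 ] || return 2
    [ "$fm_sheet" = "$fm_keyring" ]
}

# Constructed, abridged listing for the guide's example key.
SAMPLE_GOOD='pub:u:2048:1:6D73AA10D5884111:2009-11-15:::u:::scSC:
fpr:::::::::E8ED6BCB08FAEDAD4DB0CD116D73AA10D5884111:
uid:u::::2009-11-15::::Millicent Arondofique (Example gpg key) <millicent.arondofique@tomshiro.org>:'

# Constructed listing for a different key whose last 8 digits are the same,
# so its key ID also displays as D5884111.
SAMPLE_LOOKALIKE='pub:-:2048:1:89ABCDEFD5884111:2009-11-15:::-:::scSC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEFD5884111:
uid:-::::2009-11-15::::Millicent Arondofique (Example gpg key) <millicent.arondofique@tomshiro.org>:'

# Fingerprint as written on the sheet brought back from the party.
SHEET='E8ED 6BCB 08FA EDAD 4DB0 CD11 6D73 AA10 D588 4111'

# Real use: gpg --with-colons --fingerprint D5884111 | fpr_matches "$SHEET"
for listing in "$SAMPLE_GOOD" "$SAMPLE_LOOKALIKE"; do
    if printf '%s\n' "$listing" | fpr_matches "$SHEET"; then
        echo "fingerprint matches the sheet: OK to sign"
    else
        echo "fingerprint does NOT match the sheet: do not sign"
    fi
done
```

Only the first listing passes; the look-alike fails even though "gpg --list-key" would show the same key ID for it.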

You can now see the signature if you list the key with the "list-sigs" command:

gpg --list-sigs D5884111

pub 2048R/D5884111 2009-11-15
uid Millicent Arondofique (Example gpg key) <millicent.arondofique@tomshiro.org>
sig 3 D5884111 2009-11-15 Millicent Arondofique (Example gpg key) <millicent.arondofique@tomshiro.org>
sig 8C387D47 2009-11-15 Charles Shapiro (correct email address) <charles.shapiro@tomshiro.org>

To update the key server with your new key signature, simply send the signed key to it:

gpg --keyserver keyserver.ubuntu.com --send-keys D5884111

After a short time, you should be able to search the key server for the key you signed and see your signature on it.

Revoking a Key

You cannot remove a key from the network of key servers. Under some circumstances (for example, making an example key which will never be legitimate), you will want to mark your gpg key as unusable on the servers.

Start by using the "gen-revoke" command to make a "revocation certificate":

gpg --gen-revoke D5884111

sec 2048R/D5884111 2009-11-15 Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>

Create a revocation certificate for this key? (y/N)

Press "y", and gpg will respond with:

Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? 3

Next, you will get a chance to enter a comment:

Enter an optional description; end it with an empty line:
> This is an example key with no legitimate use.
>

Next, you'll get a "go back" dialogue:

Reason for revocation: Key is no longer used
This is an example key with no legitimate use.
Is this okay? (y/N)

Press "y" and <enter> here, and gpg will prompt for the key's passphrase. Get that right and you'll see:

You need a passphrase to unlock the secret key for user:
"Millicent Arondofique (Example gpg key) <millicent.arondofique@tomshiro.org>"
2048-bit RSA key, ID D5884111, created 2009-11-15

ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable. But have some caution: The print
system of your machine might store the data and make it available
to others!

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: A revocation certificate should follow

-----END PGP PUBLIC KEY BLOCK-----
!:/tmp>

Use <copy> to put this into a text file ("millicent.revoke" in the example below), beginning with the -----BEGIN line and ending with the BLOCK----- line.

Import this revocation into your local keyring:

gpg --armor --import millicent.revoke

gpg: key D5884111: "Millicent Arondofique (Example gpg key)
<millicent.arondofique@tomshiro.org>" revocation certificate imported
gpg: Total number processed: 1
gpg: new key revocations: 1
gpg: 3 marginal(s) needed, 1 complete(s) needed, classic trust model
gpg: depth: 0 valid: 4 signed: 20 trust: 0-, 0q, 0n, 0m, 0f, 4u
gpg: depth: 1 valid: 20 signed: 5 trust: 20-, 0q, 0n, 0m, 0f, 0u

If the import was successful, you can update your key server with the revoked key:

gpg --keyserver keyserver.ubuntu.com --send-key D5884111

If you search for the key, you should now see an indication that it has been revoked:

sig revok  D5884111 2009-11-15 __________ __________ [selfsig]

Chicken Soup for Your Security

As a group, most of the members of ALE would strongly agree that GPG is an extremely valuable resource for enhancing the security of your data, as well as protecting both your identity and your civil liberties in a world that is increasingly driven by computers and information technology.  We hope the detailed directions above have made it easier for you to understand the processes of generating, storing, signing, registering and using GPG keys, and have served to encourage you to create a personal GPG key and participate in the upcoming ALE Key Signing party by registering your key info at alekeyparty@wittsend.com and attending Thursday's meeting.  Full details for participating in the ALE Key Signing Party are posted at the ALE.org site.