Hack 57. Encrypt Your Email


We take email for granted these days. Although we are using it for more and more
things, we rarely stop to think about its security, and we regularly
include telephone numbers, home addresses, and even credit card
details inside email without a second thought. So
it's worth reminding ourselves that email is sent in
plain text and that anyone between you and the recipient can read
it directly off the network very easily. Even where the hops between
mail servers use TLS, the message sits unencrypted on every server
that stores or relays it.

Two main methods are available for encrypting your email. One uses
X.509 certificates (S/MIME) and the other uses the OpenPGP format
implemented by Pretty Good Privacy (PGP) and GNU Privacy Guard (GPG). This hack is
about the latter. It assumes you are using a graphical mail client,
such as Thunderbird, Mozilla Mail, or Evolution, but the concepts
apply equally to text-based email clients that support encryption,
such as Mutt.

GPG uses public/private key technology to secure communications. This
dual-key approach could use a quick explanation. You might want to
read this bit through a couple of times if public/private key
technology is new to you.

One of the first things you will do is generate a keypair that is
unique to yourself. As the name suggests, two keys will be generated.
One (the public one) will be distributed to all your friends, and the
other (the private one) you must keep safe. Anything that is
encrypted with your public key (the one you distribute) can be
decrypted only by your private key (the one you have for
safekeeping).

Here's how the system works. When someone sends you
an email message, she encrypts it with your public key. When you
receive the message, you decrypt it with your private key. If anyone
along the way intercepts the encrypted email, they
won't be able to read it, because they
don't have your private key. Likewise, when you send
email to your friends, you should encrypt the message with their
public key. This is why it is important that you share your public
key with as many people as possible so that they can send you
encrypted email. You can also upload your public key to a key server.
These servers host public keys and give them to users who request
them so that they can send you a message. Note that OpenPGP encrypts
the body and attachments of a message, not its headers: the Subject,
From, and To lines still travel in the clear.

In case you are wondering, by the way, the public and private keys
are mathematically related, but having one doesn't
mean you can work out the other: deriving the private key from the
public key is believed to be computationally infeasible, and that
assumption (not a proof) is the heart of any public/private key
system. You can, and should, give everyone your public key and even
put it on a public key server. The only things people can do with this
key are encrypt messages for you and verify signatures you have made.
So long as you keep your private key secret, messages encrypted to you
stay secret.
8.4.1. What You Need

Email clients require the first of the following two items to encrypt
email; Thunderbird also requires the second item.

GPG
    The GNU Privacy Guard, which performs the encryption and signing of your
    messages. It is available at http://www.gnupg.org/download/, and most
    Linux distributions package it; run gpg --version to see whether it is
    already installed.

Enigmail
    A plug-in for Mozilla-based mail clients such as Thunderbird. It
    is available at http://enigmail.mozdev.org/downloadl. (Thunderbird 78 and
    later have OpenPGP support built in and no longer load Enigmail; the
    plug-in is only needed for older versions.)
8.4.2. Creating Your Keypair

As I stated earlier, most distributions come
complete with GPG these days, so your first step is probably to
create a keypair for each email account that you want to use. The
process is quite straightforward, and although the Enigmail plug-in
can do some of this for you, I think it's prudent to
be able to configure GPG from the console.

To begin, you need to run the gpg command with the
--gen-key switch to generate a key:

    foo@bar:~$ gpg --gen-key

You are asked which type of key you want to generate:

    Please select what kind of key you want:
       (1) DSA and ElGamal (default)
       (2) DSA (sign only)
       (4) RSA (sign only)

The default is DSA and ElGamal, and in this version that is the right
choice, as the other two options allow for only signing, not
encrypting and signing. (The dialog shown here is from GnuPG 1.x.
GnuPG 2.x offers "RSA and RSA" and, in recent releases, elliptic-curve
keys instead, and defaults to RSA of 2048 or 3072 bits or, from 2.3,
Ed25519/Curve25519; take its default rather than DSA and ElGamal.)

Next, you are asked what size you want the keys to be:

    DSA keypair will have 1024 bits.
    About to generate a new ELG-E keypair.
                  minimum keysize is  768 bits
                  default keysize is 1024 bits
        highest suggested keysize is 2048 bits
    What keysize do you want? (1024)

Your answer really depends on your level of paranoia, but the floor
has moved since this dialog was written: 1024-bit keys are now
considered too weak, so choose 2048 here (the largest the old dialog
suggests), and accept the default of 3072 or more in newer GnuPG.

Now you are asked how long you want this key to be valid:

    Please specify how long the key should be valid.
             0 = key does not expire
          <n>  = key expires in n days
          <n>w = key expires in n weeks
          <n>m = key expires in n months
          <n>y = key expires in n years
    Key is valid for? (0)

Here I suggest you don't accept the default (which is that
it doesn't expire). It is best practice to change
keys occasionally, so I suggest you choose either one or two years.
To do this you simply type:

    Key is valid for? (0) 2y

This sets the key lifetime to two years. When the two years are up you
can either extend the expiry date (gpg --edit-key <key-ID>, then the
expire command) or generate a new set of keys; an expiry date also
limits the damage if you lose both the key and its revocation
certificate.

Once you have confirmed the key lifetime you are asked for your name
and email address:

    You need a User-ID to identify your key; the software constructs the user id
    from Real Name, Comment and Email Address in this form:
        "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

    Real name: Joe Blogs
    Email address: joe.blogs@foobar.com
    Comment:

Note that the output of the program is somewhat
confusing here. It shows the finished user ID all on one line, but you
do not type it that way; you are prompted for
the three values separately, and press Enter after you
enter each one. The comment field is optional, and leaving it blank
is fine.

Here you are asked if you want to edit any of the fields, or type
O to continue or Q to quit:

    You selected this USER-ID:
        "Joe Blogs <joe.blogs@foobar.com>"

    Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit?

Finally, you are asked to type in a passphrase to protect your secret
key, and to confirm it by typing it a second time:

    Enter passphrase:
    Repeat your passphrase:

The thing to remember here is that it is a
passphrase, not a password.
A passphrase typically consists of a sentence such as
"I love eating cheese," and the
longer the passphrase, the better. Then your keys are created
and saved in your GPG keyrings, which are located in
.gnupg in your home directory. GnuPG 1.x keeps two
keyrings: pubring.gpg holds public keys (other people's and your own)
and secring.gpg holds your private key. GnuPG 2.1 and later store
private keys under .gnupg/private-keys-v1.d/ instead and no longer use
secring.gpg.

It's a good idea to back up your secret key
to a safe place, because if
you lose your private key, you can't re-create it
and you will not be able to access encrypted messages that have been
sent to you. The portable way to do that on any version is
gpg --armor --export-secret-keys <key-ID> > secret.asc (and keep the
file offline). Also keep a revocation certificate: GnuPG 2.1 and later
write one to .gnupg/openpgp-revocs.d/ when the key is created, and
older versions can produce one with gpg --gen-revoke <key-ID>. Without
it you cannot tell the key servers that a lost or stolen key should no
longer be used.
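As an added example (not part of the original hack, and not GnuPG's own documentation), the script below does two things the text describes by hand: it runs the gpg --gen-key dialog above unattended, from a parameter file whose fields mirror the interactive questions, and it plays out the public/private key explanation from the introduction between two separate keyrings, so you can see that a correspondent who holds only your public key can encrypt to you but cannot read the result. It also checks that the secret-key backup and the revocation certificate exist. The names and addresses (Joe Blogs, Bob Example, the sample message) are made up, the keys are generated without a passphrase purely so the demo needs no pinentry, and it assumes GnuPG 2.1 or later. Everything runs offline in throw-away GNUPGHOME directories.

```shell
#!/bin/sh
# Added example: unattended version of the gpg --gen-key dialog plus an
# encrypt/decrypt round trip between two keyrings. Not from the original
# hack; names, addresses and the message are constructed for the demo.
# Needs GnuPG 2.1+ (%no-protection, openpgp-revocs.d, gpgconf --kill).
set -eu

# make_key HOME NAME EMAIL: generate an RSA keypair in the keyring at HOME.
# The parameter names correspond to the interactive prompts. %no-protection
# leaves the key without a passphrase so the demo needs no pinentry; a real
# key should get the long passphrase discussed above.
make_key() {
    home=$1; name=$2; email=$3
    mkdir -p "$home" && chmod 700 "$home"
    cat >"$home/params" <<EOF
%no-protection
Key-Type: RSA
Key-Length: 3072
Subkey-Type: RSA
Subkey-Length: 3072
Name-Real: $name
Name-Email: $email
Expire-Date: 2y
%commit
EOF
    GNUPGHOME=$home gpg --batch --quiet --gen-key "$home/params"
}

# round_trip: Joe (the key owner) and Bob (a correspondent) in separate
# keyrings. Prints the decrypted message on stdout; exits non-zero if any
# step behaves differently from what the text describes.
round_trip() {
    work=$(mktemp -d); joe=$work/joe; bob=$work/bob
    make_key "$joe" "Joe Blogs" "joe.blogs@foobar.com"
    make_key "$bob" "Bob Example" "bob@example.com"

    # Joe hands out only the public half (what a key server would serve).
    GNUPGHOME=$joe gpg --batch --quiet --armor --export joe.blogs@foobar.com >"$work/joe.pub.asc"
    GNUPGHOME=$bob gpg --batch --quiet --import "$work/joe.pub.asc"

    # Bob encrypts to Joe's public key. --trust-model always skips the
    # web-of-trust check because the key arrived unverified (see 8.4.7).
    printf 'Meeting is at noon on Friday.\n' >"$work/msg.txt"   # constructed sample
    GNUPGHOME=$bob gpg --batch --quiet --trust-model always \
        --recipient joe.blogs@foobar.com --output "$work/msg.gpg" --encrypt "$work/msg.txt"

    # Bob holds no private key for Joe, so even he cannot read the ciphertext.
    if GNUPGHOME=$bob gpg --batch --quiet --decrypt "$work/msg.gpg" >/dev/null 2>&1; then
        echo "bob must not be able to decrypt" >&2; return 1
    fi

    # The backup the text recommends: an armored export of the secret key,
    # plus the revocation certificate GnuPG 2.1+ writes at key creation.
    GNUPGHOME=$joe gpg --batch --quiet --armor --export-secret-keys joe.blogs@foobar.com >"$work/joe.secret.asc"
    grep -q 'BEGIN PGP PRIVATE KEY BLOCK' "$work/joe.secret.asc" || return 1
    ls "$joe"/openpgp-revocs.d/*.rev >/dev/null || return 1

    # Joe decrypts with his private key (no passphrase prompt in this demo).
    GNUPGHOME=$joe gpg --batch --quiet --decrypt "$work/msg.gpg"

    GNUPGHOME=$joe gpgconf --kill gpg-agent
    GNUPGHOME=$bob gpgconf --kill gpg-agent
    rm -rf "$work"
}

if [ "${1:-}" = "--run" ]; then round_trip; fi
```

Run it as sh keypair-demo.sh --run; the only line on stdout is the recovered message. The same parameter-file form is what you would feed gpg on a server or in a build pipeline where no one can answer the prompts, with the Passphrase field replacing %no-protection.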
8.4.3. Publish Your Key to a Server

Now that you have your key, it's a good idea to
send it to a public key server. A key server
is a public resource that will provide a means for you to distribute
your public key to those who need it to encrypt email to you. It is
also a place where you can download their public keys, should you
need to encrypt email to them. The traditional (SKS-style) key servers
replicate with each other, so uploading to one of them is enough;
the newer keys.openpgp.org is a separate, verifying server that only
publishes your user ID after you confirm the email address, so you may
want to upload there as well. Here is the command to upload your key,
where --keyserver takes the server's address (for example
hkps://keys.openpgp.org) and --send-keys takes the key to send, either
the email address as here or, unambiguously, the key ID shown on the
pub line of gpg --list-keys --keyid-format long (the --send-key
spelling used in older tutorials also works):

    foo@bar:~$ gpg --keyserver <server> --send-keys joe.blogs@foobar.com

Anyone can upload a key under any name to a traditional key server,
so a key fetched from one proves nothing about who controls it; see
8.4.7 for how to check that before you use it.
8.4.4. Installing Enigmail in Thunderbird

Download copies of the Enigmail and Enigmime
modules, for your version of Thunderbird, from http://enigmail.mozdev.org/downloadl.
Enigmail handles the basic encryption and decryption while
Enigmime enables PGP/MIME-formatted email. (Later versions of the
Enigmail plug-in for Thunderbird move all this into one module.)

From within Thunderbird, open the Tools menu and use its Install
option. Now browse to the Enigmail and Enigmime modules and select
them.

You need to close and reopen Thunderbird before Enigmail will work.
8.4.5. Configuring Enigmail

Now that you have Enigmail
installed, you just need to configure it. Inside Thunderbird, select
Tools → Account Settings and open the OpenPGP Security pane
under each account for which you have a key. Then check
"Enable OpenPGP support (Enigmail) for this
identity." You don't need to change
anything else (unless you want to); the defaults are fine.

Now you can sign your own emails, which is how you can start
distributing your public key to people you correspond with: a
signature carries the ID of the signing key, which the recipient's
client can fetch from a key server, and Enigmail can also attach your
public key to the message.

To send an encrypted email to someone, that person will need to have
her own keypair, and you will need a copy of her public key. You can
ask her to either put it on a key server or send you a signed email
(and to attach her public key to it). Either way, confirm the key's
fingerprint with her over a different channel before you rely on it
(see 8.4.7).

To receive encrypted email, people will need your public key
first; again, they can get it off the key server or you can
send them a signed email.
8.4.6. Configuring Evolution

Evolution has support for
GPG built in: once you install GPG and have created a key for
yourself, select Tools → Settings, choose your default account under
Mail Accounts, click Edit, and open the Security tab. The options there
allow you to tell Evolution to do things, such as always sign
messages by default.

You will also see a field where you can enter your PGP/GPG key ID.
Type in the key ID (the hex value shown by gpg --list-keys
--keyid-format long) or the email address associated with your key, so
that Evolution knows which key to use; the key ID is the unambiguous
choice if you have more than one key for the same address.
8.4.7. Keysignings

You can do many more interesting things with GPG, such as determine
if a person you never met is really who she says she is. A key server
will hand out a key bearing anyone's name, so what a keysigning adds is
the check: you compare the key's fingerprint (gpg --fingerprint) with
the person face to face, then sign her key to record that you did. To
learn more about keysignings and other GPG-related events, browse to
http://www.keysigning.org.

Adrian Bradshaw