Public Key Encryption

Purpose:

The GNU Privacy Guard (GPG) logo.

Pretty Good Privacy (PGP) and GNU Privacy Guard (GPG) are both public-key cryptographic software packages used to authenticate the identity of people sending messages and to encrypt and decrypt email messages and documents. The key difference between the two is that PGP is paid-licence software owned by Symantec, whereas GPG is released under the GNU General Public License, meaning that its code can be modified, used and distributed free of charge. PGP and GPG are both OpenPGP compliant [OPP01], implementing the Internet Engineering Task Force (IETF) approved standard for encryption technologies [IET01], which ensures that they are interoperable: a message sent by one can be read by the other.

Another implementation of email encryption is S/MIME (Secure/Multipurpose Internet Mail Extensions). It is an alternative to PGP/GPG used mostly by businesses with large corporate computing infrastructures, such as IBM, Microsoft and other vendors that offer commercial email packages and web browser software. It differs from PGP/GPG in that the parties do not exchange personal keys but rely on a common certifier that both of them use [DFB01].

The aim of all of these tools is to enhance privacy by enabling people to sign, encrypt and decrypt electronic data, protecting the content of emails so that third parties cannot read them.

Software applications

Software that utilises public key encryption includes:

  • TrueCrypt – a discontinued freeware utility used to create a hidden encrypted virtual disk within an operating system such as Windows, Mac OS or Linux. It is therefore not a protocol for sending secure email over the network but a method for encrypting documents on a computer, whether they remain there or are then sent through email. It uses on-the-fly encryption (OTFE), where data is automatically encrypted as it is saved to the hard drive.
  • LEAP – a free, open-source email encryption system that works by providing a local proxy to which a standard email client connects [FPF01]. Rather than people maintaining their own encryption keys, a proxy service provider automatically encrypts email sent through it. In addition, if recipients do have their own public keys these will automatically be discovered and validated so that only that person will be able to read the email [LAP01]. It is less secure than having one’s own key, as the service provider has access to both the metadata and forwarding information [FPF01]. The system is meant to be usable, and with that usability comes a certain amount of insecurity, in this case by providing ‘user-friendly’ access to encryption through the BitMask application [LAP01]. It has created new protocols [LAP02]: Soledad (server daemon), Bonafide (secure user registration, authentication and provider discovery) and Key Management (new rules for validation) [LAP03].
  • Mailpile – a front-end email client that uses a webmail interface to provide encryption by default [MPE01]. It downloads all email from an email server onto the computer, with an option to run it on a cloud service. Even if the email server used is a commercial product like Gmail or Yahoo, the contents of emails would still be stored there; however, they would be encrypted [MPE01].
  • Enigmail – an extension for the email clients Mozilla Thunderbird and SeaMonkey that provides OpenPGP public-key email encryption and digital signatures. It requires users to first set up their own GPG or PGP keys. After installation, Enigmail integrates digital signing and encryption of email directly into the Thunderbird email client in a user-friendly manner.

Capabilities:

  • Public-key cryptography – used in PGP/GPG and S/MIME; an asymmetric cryptographic protocol that requires two separate keys, one private, used for decrypting emails, and one public, used for encrypting or digitally signing messages.
  • Digital certificate – used by S/MIME; these are issued to organisations and individuals by trusted certificate authorities, downloaded and then added to an email client. The certificate is then used to make secure connections [TRP01].
  • Digital signature – used by PGP/GPG; it authenticates the signer of a message as actually being that person or entity [GLO01].

Surveillance mitigation:

  • Privacy – enables private digital communications so that messages cannot be read by third parties. The difference between plaintext and ciphertext has been compared to the postcard and the letter, where plaintext is more like a postcard that anyone can read and ciphertext is akin to placing a message in a sealed envelope. This has been called the ‘analog gap’ [MPE02].

Vulnerabilities:

  • Usability – PGP/GPG has been criticised for its lack of general usability [CEB01]; however, there are tools currently available and under development (described above) that seek to address this issue.
  • Security – Public keys may be decoded, allowing access to messages; for example, the GCHQ/NSA programme BULLRUN aims to break encryption tools.
  • Attribution – a digital signature provides proof of authorship, which may be used to provide legal proof of a person’s communications and activities.

Layer of interaction:

Background:

Cryptography in its early days was managed and researched within governments’ departments of defence in order to protect state secrets and to ensure secure communication across international borders. A non-secret technology known as public key encryption appeared in the 1970s using RSA [CAC01] and led to the CryptoWars, an attempt by the U.S. government to prevent the public and foreign countries from accessing cryptography strong enough to resist decryption by U.S. national intelligence agencies [OPN01].

The Snowden revelations have shown that the CryptoWars are not over [OPN01], in particular through the BULLRUN programme, which seeks to break encryption tools [EFF01].

Sources:

Codes and Ciphers (CAC)
1) http://www.codesandciphers.org.uk/heritage/ModSec.htm

Cryptographic Engineering blog (CEB)
1) http://blog.cryptographyengineering.com/2014/08/whats-matter-with-pgp.html

Differencebetween (DFB)
1) http://www.differencebetween.net/technology/software-technology/difference-between-pgp-and-smime

Electronic Frontier Foundation (EFF)
1) https://www.eff.org/document/crypto-wars-governments-working-undermine-encryption

Freedom of the Press Foundation (FPF)
1) https://freedom.press/organization/leap-encryption-access-project

The Internet Engineering Task Force (IET)
1) http://www.ietf.org/rfc/rfc4880.txt

GPG Tools
1) https://gpgtools.org

LEAP (LAP)
1) https://leap.se/en/services/email
2) https://leap.se/en/docs/design
3) https://leap.se/slides/#/

Mailpile (MPE)
1) https://www.mailpile.is/faq/
2) https://github.com/mailpile/Mailpile/wiki/FAQ-Encryption-&-Security

OpenPGP (OPP)
1) http://www.openpgp.org/about_openpgp/

Open Rights Group (OPN)
1) https://wiki.openrightsgroup.org/wiki/Crypto_Wars

Tech Republic (TRP)
1) http://www.techrepublic.com/blog/it-security/email-encryption-using-pgp-and-s-mime

TrueCrypt
1) http://truecrypt.sourceforge.net/

BULLRUN

BULLRUN, EFF document archive, slide #2.

Purpose:

BULLRUN is an NSA programme aimed at decrypting encrypted network traffic [GUA01]. Its decryption capabilities include inserting vulnerabilities into commercial encryption tools and IT systems, collaboration with other intelligence agencies, and “advanced mathematical techniques” [NYT01, GUA02]. The programme has the ability to decrypt data flowing through major communications providers and peer-to-peer tools such as Skype [NYT02].

Encryption keys are harvested from servers and held in a Key Provisioning Service, which can automatically decrypt traffic if a key is available, or otherwise ask a Key Recovery Service to obtain the key [NYT02].

The programme also seeks to “influence policies, standards and specifications for commercial public key technologies” [NYT02]. The NSA is believed to have inserted a cryptographic backdoor into a standard published by the National Institute of Standards and Technology (NIST) and the International Organization for Standardization (ISO), and to have paid a U.S. software company to implement the flawed standard [REU01].

GCHQ has a similar programme named EDGEHILL [GUA01]. GCHQ has been working to develop methods to decrypt the traffic of Hotmail, Google, Yahoo and Facebook, and proposed a system to decrypt data from fibre-optic cable tapping programmes such as TEMPORA in “near-real time” [GUA01].

Capabilities:

  • Decryption of:
    • Transport Layer Security/Secure Sockets Layer (TLS/SSL)
    • Encrypted web traffic (HTTPS)
    • Secure Shell (SSH)
    • Virtual Private Networks (VPNs)
    • Voice over Internet Protocol (VoIP)
    • 4G mobile networks

Exploitation of:

  • Service provider internal networks and cloud storage
  • Commercial encryption software
  • Standards for encryption systems

Data extraction sources:

  • Fibre-optic cables
  • Commercial encryption software
  • Web services (e.g. Hotmail)

Combined with other state surveillance tools:

  • TEMPORA – fibre-optic cable tapping

Layers of operation:

Background:

The BULLRUN programme partners with technology companies to insert vulnerabilities, and also uses covert activities to manipulate the development of international encryption standards [GUA01]. However, some companies state that they were coerced into handing over their master encryption keys or creating security holes [NYT01].

The programme can be compared with the Clipper Chip proposal of the 1990s, which aimed to mandate weakened encryption in order to facilitate surveillance [NYT02]. The EFF, the U.S. Congress and others thwarted that earlier proposal, arguing that it was against the Fourth Amendment of the U.S. Constitution.

Company partners:

  • Unnamed commercial software companies
  • RSA encryption [REU01]
  • Standards organisations

Sources:

Electronic Frontier Foundation (EFF)
1) https://www.eff.org/document/20141228-spiegel-gchq-presentation-bullrun-programs-decryption-capabilities

Electrospaces (ELE)
1) http://electrospaces.blogspot.co.uk/search?q=bullrun

Guardian (GUA)
1) http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
2) http://www.theguardian.com/world/interactive/2013/sep/05/nsa-project-bullrun-classification-guide

New York Times (NYT)
1) http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html
2) http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html

Reuters (REU)
1) http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C220131220