PGP 6.0 User’s Guide

PGP Windows 95, 98, and NT

User’s Guide

Version 6.0

Copyright © 1990-1998 Network Associates, Inc. and its Affiliated Companies. All Rights Reserved.
PGP*, Version 6.0.2 11-98. Printed in the United States of America. PGP, Pretty Good, and Pretty Good Privacy are registered trademarks of Network Associates,
Portions of this software may use public key algorithms described in U.S. Patent numbers 4,200,770, 4,218,582, 4,405,829, and 4,424,414, licensed exclusively by Public Key Partners; the IDEA(tm) cryptographic cipher described in U.S. patent number 5,214,703, licensed from Ascom Tech AG; and the Northern Telecom Ltd., CAST Encryption Algorithm, licensed from Northern Telecom, Ltd. IDEA is a trademark of Ascom Tech AG. Network Associates Inc. may have patents and/or pending patent applications covering subject matter in this software or its documentation; the furnishing of this software or documentation does not give you any license to these patents. The compression code in PGP is by Mark Adler and Jean-Loup Gailly, used with permission from the free Info-ZIP implementation. LDAP software provided courtesy University of Michigan at Ann Arbor, Copyright © 1992-1996 Regents of the University of Michigan. All rights reserved. This product includes software developed by the Apache Group for use in the Apache HTTP server project (http://www.apache.org/). Copyright © 1995-1997 The Apache Group. All rights reserved. See text files included with the software or the PGP web site for further information. This software is based in part on the work of the Independent JPEG Group. Soft TEMPEST font courtesy of Ross Anderson and Marcus Kuhn.
The software provided with this documentation is licensed to you for your individual use under the terms of the End User License Agreement and Limited Warranty provided with the software. The information in this document is subject to change without notice. Network Associates Inc. does not warrant that the information meets your requirements or that the information is free of errors. The information may include technical inaccuracies or typographical errors. Changes may be made to the information and incorporated in new editions of this document, if and when made available by Network Associates Inc.
Export of this software and documentation may be subject to compliance with the rules and regulations promulgated from time to time by the Bureau of Export Administration, United States Department of Commerce, which restrict the export and re-export of certain products and technical data.
Network Associates, Inc.
3965 Freedom Circle
Santa Clara, CA 95054
(408) 988-3832 main
(408) 970-9727 fax
http://www.nai.com
info@nai.com
* is sometimes used instead of the ® for registered trademarks to protect marks registered outside of the U.S.
LIMITED WARRANTY
Limited Warranty.
Network Associates Inc. warrants that the Software Product will perform substantially in accordance with the accompanying written materials for a period of sixty (60) days from the date of original purchase. To the extent allowed by applicable law, implied warranties on the Software Product, if any, are limited to such sixty (60) day period. Some jurisdictions do not allow limitations on duration of an implied warranty, so the above limitation may not apply to you.
Customer Remedies.
Network Associates Inc’s and its suppliers’ entire liability and your exclusive remedy shall be, at Network Associates Inc’s option, either (a) return of the purchase price paid for the license, if any, or (b) repair or replacement of the Software Product that does not meet Network Associates Inc’s limited warranty and which is returned at your expense to Network Associates Inc. with a copy of your receipt. This limited warranty is void if failure of the Software Product has resulted from accident, abuse, or misapplication. Any repaired or replacement Software Product will be warranted for the remainder of the original warranty period or thirty (30) days, whichever is longer. Outside the United States, neither these remedies nor any product support services offered by Network Associates Inc. are available without proof of purchase from an authorized international source and may not be available from Network Associates Inc. to the extent they are subject to restrictions under U.S. export control laws and regulations.
NO OTHER WARRANTIES. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, AND EXCEPT FOR THE LIMITED WARRANTIES SET FORTH HEREIN, THE SOFTWARE AND DOCUMENTATION ARE PROVIDED “AS IS” AND NETWORK ASSOCIATES, INC. AND ITS SUPPLIERS DISCLAIM ALL OTHER WARRANTIES AND CONDITIONS, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, CONFORMANCE WITH DESCRIPTION, TITLE AND NON-INFRINGEMENT OF THIRD PARTY RIGHTS, AND THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT SERVICES. THIS LIMITED WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS. YOU MAY HAVE OTHERS, WHICH VARY FROM JURISDICTION TO JURISDICTION.
LIMITATION OF LIABILITY. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL NETWORK ASSOCIATES, INC. OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL OR EXEMPLARY DAMAGES OR LOST PROFITS WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, OR ANY OTHER PECUNIARY LOSS) ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE PRODUCT OR THE FAILURE TO PROVIDE SUPPORT SERVICES, EVEN IF NETWORK ASSOCIATES, INC. HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN ANY CASE, NETWORK ASSOCIATES, INC’S CUMULATIVE AND ENTIRE LIABILITY TO YOU OR ANY OTHER PARTY FOR ANY LOSS OR DAMAGES RESULTING FROM ANY CLAIMS, DEMANDS OR ACTIONS ARISING OUT OF OR RELATING TO THIS AGREEMENT SHALL NOT EXCEED THE PURCHASE PRICE PAID FOR THIS LICENSE. BECAUSE SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY, THE ABOVE LIMITATIONS MAY NOT APPLY TO YOU.

Table of Contents

Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi
How to contact Network Associates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xii
Customer service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xii
Technical support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xii
Network Associates training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Comments and feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Recommended Readings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii
Chapter 1. Introducing PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
What’s new in PGP version 6.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Using PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
A quick overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Basic steps for using PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Chapter 2. Getting Started . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Running PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Using PGP from the System tray . . . . . . . . . . . . . . . . . . . . . . . . . . .23
Performing PGP functions from the clipboard . . . . . . . . . . . . . . . .23
Opening the PGPkeys window . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Setting PGP Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Getting Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Quitting PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
Using PGP from supported email applications . . . . . . . . . . . . . . . . . . . . . . . .25
Using PGP/MIME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Using PGP from the PGPtools application . . . . . . . . . . . . . . . . . . . . . . .26
Using PGP from the Windows Explorer . . . . . . . . . . . . . . . . . . . . . . . . . .26
Selecting recipients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
Taking shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
PGPkeys icon definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
User’s Guide v
Chapter 3. Making and Exchanging Keys . . . . . . . . . . . . . . . . . . . . . . . .31
Key concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Making a key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Creating a passphrase that you will remember . . . . . . . . . . . . . . . . . . . . . . . .38
Adding a photographic ID to your key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Creating new subkeys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
Key Splitting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
Protecting your keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45
Distributing your public key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
Making your public key available through a key server . . . . . . . .47
Updating your key on a key server . . . . . . . . . . . . . . . . . . . . . . . . .47
Removing signatures or user names associated with your key . .48
Including your public key in an email message . . . . . . . . . . . . . . . . . . . 49
Exporting your public key to a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Obtaining the public keys of others . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Getting public keys from a key server . . . . . . . . . . . . . . . . . . . . . . . . . . .50
Adding public keys from email messages . . . . . . . . . . . . . . . . . . . . . . . .51
Importing a public key from a file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Verifying the authenticity of a key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Signing the public key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53
Getting public keys through trusted introducers . . . . . . . . . . . . . . . . . . . . . . 53
Chapter 4. Sending and Receiving Secure Email . . . . . . . . . . . . . . . . . .55
Encrypting and signing email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Encrypting and signing with supported email applications . . . . . . . . .56
Encrypting email to groups of recipients . . . . . . . . . . . . . . . . . . . . . . . .61
Working with distribution lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
Sending encrypted and signed email to distribution lists . . . . . . .62
Decrypting and verifying email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
Chapter 5. Using PGP for Secure File Storage . . . . . . . . . . . . . . . . . . . .67
Using PGP to encrypt and decrypt files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
Using the PGP right-click menu to encrypt and sign . . . . . . . . . . .67
Using PGPtools to encrypt and sign . . . . . . . . . . . . . . . . . . . . . . . .69
Using PGPtray to decrypt and verify . . . . . . . . . . . . . . . . . . . . . . . .71
Using PGPtools to decrypt and verify . . . . . . . . . . . . . . . . . . . . . . .72
Signing and decrypting files with a split key . . . . . . . . . . . . . . . . . . . . . . . . . .73
Using PGP Wipe to delete files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77
Using the PGP Free Space Wiper to clean free space on your disks . . . . . .78
Chapter 6. Managing Keys and Setting Preferences . . . . . . . . . . . . . . .81
Managing your keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
The PGPkeys window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82
PGPkeys attribute definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Examining a key’s properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
General key properties window . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Subkey properties window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Specifying a default key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Adding a new user name or address to a key pair . . . . . . . . . . . . . 88
Verifying someone’s public key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89
Signing someone’s public key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Granting trust for key validations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
Disabling and enabling keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93
Deleting a key, signature, or user ID . . . . . . . . . . . . . . . . . . . . . . . . . . . .93
Changing your Passphrase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94
Importing and Exporting Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95
Revoking a key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96
Setting your preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
Searching for a key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107
Chapter 7. PGPdisk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109
What is PGPdisk? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109
PGPdisk features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109
Why use PGPdisk? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110
Starting the PGPdisk program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
Working with PGPdisk Volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112
Creating a new PGPdisk volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112
Changing a passphrase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114
Adding alternate passphrases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115
Removing a passphrase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Removing all alternate passphrases . . . . . . . . . . . . . . . . . . . . . . . . . . .116
Add/Remove Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117
Mounting a PGPdisk volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118
Using a mounted PGPdisk volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
Unmounting a PGPdisk volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Specifying Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
Maintaining PGPdisk Volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122
Mounting PGPdisk files on a remote server . . . . . . . . . . . . . . . . . . . . .122
Automatically mounting PGPdisk volumes . . . . . . . . . . . . . . . . . . . . . .122
Backing up PGPdisk volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123
Exchanging PGPdisk volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123
Changing the size of a PGPdisk volume . . . . . . . . . . . . . . . . . . . . . . . .124
Technical Details and Security Considerations . . . . . . . . . . . . . . . . . . . . . . .124
About PGPdisk volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124
The PGPdisk encryption algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . .125
Passphrase quality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126
Special security precautions taken by PGPdisk . . . . . . . . . . . . . . . . . .127
Passphrase erasure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
Virtual memory protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
Memory Static Ion Migration Protection . . . . . . . . . . . . . . . . . . . .127
Other security considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . .128
Appendix A. Troubleshooting PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . .129
Appendix B. Transferring Files Between the Mac OS and Windows .133
Sending from the Mac OS to Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134
Receiving Windows files on the Mac OS . . . . . . . . . . . . . . . . . . . . . . . . . . . .135
Supported Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136
Appendix C. Phil Zimmermann on PGP . . . . . . . . . . . . . . . . . . . . . . . . .139
Why I wrote PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139
The PGP symmetric algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143
About PGP data compression routines . . . . . . . . . . . . . . . . . . . . . . . . .145
About the random numbers used as session keys . . . . . . . . . . . . . . .145
About the message digest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .146
How to protect public keys from tampering . . . . . . . . . . . . . . . . . . . . .147
How does PGP keep track of which keys are valid? . . . . . . . . . . . . . . .150
How to protect private keys from disclosure . . . . . . . . . . . . . . . . . . . .152
What if you lose your private key? . . . . . . . . . . . . . . . . . . . . . . . .153
Beware of snake oil . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
Vulnerabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158
Compromised passphrase and private key . . . . . . . . . . . . . . . . . . . . . .158
Public key tampering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158
Not quite deleted files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159
Viruses and Trojan horses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .160
Swap files or virtual memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161
Physical security breach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162
Tempest attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162
Protecting against bogus timestamps . . . . . . . . . . . . . . . . . . . . . . . . . .162
Exposure on multi-user systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164
Traffic analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164
Cryptanalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171

Preface

PGP is part of your organization’s security toolkit for protecting one of your most important assets: information. Corporations have traditionally put locks on their doors and file cabinets and require employees to show identification to prove that they are permitted access into various parts of the business site. PGP is a valuable tool to help you protect the security and integrity of your organization’s data and messages. For many companies, loss of confidentiality means loss of business.
Entire books have been written on the subject of implementing network security. The focus of this guide is on implementing PGP as a tool within your overall network security structure. PGP is merely one piece of an overall security system, but it is an extremely important one. PGP provides encryption, which protects data from the eyes of anyone for whom it was not intended, even those who can see the encrypted data. This protects information from both internal and external “outsiders.”
This guide describes how to use PGP® for Windows 95, 98, and NT. PGP has many new features, which are described in Chapter 1, “Introducing PGP.”
If you are new to cryptography and would like an overview of the terminology and concepts you will encounter while using PGP, see An Introduction to Cryptography.

How to contact Network Associates

Customer service

To order products or obtain product information, contact the Network Associates Customer Care department at (408) 988-3832 or write to the following address:
Network Associates, Inc.
McCandless Towers
3965 Freedom Circle
Santa Clara, CA 95054-1203
U.S.A.

Technical support

Network Associates is famous for its dedication to customer satisfaction. We have continued this tradition by making our site on the World Wide Web a valuable resource for answers to technical support issues. We encourage you to make this your first stop for answers to frequently asked questions, for updates to Network Associates software, and for access to Network Associates news and encryption information.
World Wide Web: http://www.nai.com
If the automated services do not have the answers you need, contact Network Associates at one of the following numbers Monday through Friday between 6:00 A.M. and 6:00 P.M. Pacific time.
Phone: (408) 988-3832
Technical Support for your PGP product is also available through these channels:
Phone: (408) 988-3832
Email: PGPSupport@pgp.com
To provide the answers you need quickly and efficiently, the Network Associates technical support staff needs some information about your computer and your software. Please have this information ready before you call:
• Product name and version number
• Computer brand and model
• Any additional hardware or peripherals connected to your computer
• Operating system type and version numbers
• Network type and version, if applicable
• Content of any status or error message displayed on screen, or appearing in a log file (not all products produce log files)
• Email application and version (if the problem involves using PGP with an email product, for example, the Eudora plug-in)
• Specific steps to reproduce the problem

Network Associates training

For information about scheduling on-site training for any Network Associates product, call (800) 338-8754.

Comments and feedback

Network Associates appreciates your comments and feedback, but incurs no obligation to you for information you submit. Please address your comments about PGP product documentation to: Network Associates, Inc., 3965 Freedom Circle, Santa Clara, CA 95054-1203 U.S.A. You can also e-mail comments to tns_documentation@nai.com.

Recommended Readings

Non-Technical and beginning technical books
• Whitfield Diffie and Susan Eva Landau, “Privacy on the Line,” MIT Press; ISBN: 0262041677. This book is a discussion of the history and policy surrounding cryptography and communications security. It is an excellent read, even for beginners and non-technical people, but with information that even a lot of experts don't know.
• David Kahn, “The Codebreakers,” Scribner; ISBN: 0684831309. This book is a history of codes and code breakers from the time of the Egyptians to the end of WWII. Kahn first wrote it in the sixties, and there is a revised edition published in 1996. This book won't teach you anything about how cryptography is done, but it has been the inspiration of the whole modern generation of cryptographers.
• Charlie Kaufman, Radia Perlman, and Mike Speciner, “Network Security: Private Communication in a Public World,” Prentice Hall; ISBN: 0-13-061466-1. This is a good description of network security systems and protocols, including descriptions of what works, what doesn't work, and why. Published in 1995, so it doesn't have many of the latest advances, but is still a good book. It also contains one of the most clear descriptions of how DES works of any book written.
Intermediate books
• Bruce Schneier, “Applied Cryptography: Protocols, Algorithms, and Source Code in C,” John Wiley & Sons; ISBN: 0-471-12845-7. This is a good beginning technical book on how a lot of cryptography works. If you want to become an expert, this is the place to start.
• Alfred J. Menezes, Paul C. van Oorschot, and Scott Vanstone, “Handbook of Applied Cryptography,” CRC Press; ISBN: 0-8493-8523-7. This is the technical book you should get after Schneier. There is a lot of heavy-duty math in this book, but it is nonetheless usable for those who do not understand the math.
• Richard E. Smith, “Internet Cryptography,” Addison-Wesley Pub Co; ISBN: 020192480. This book describes how many Internet security protocols. Most importantly, it describes how systems that are designed well nonetheless end up with flaws through careless operation. This book is light on math, and heavy on practical information.
• William R. Cheswick and Steven M. Bellovin, “Firewalls and Internet Security: Repelling the Wily Hacker,” Addison-Wesley Pub Co; ISBN: 0201633574. This book is written by two senior researchers at AT&T Bell Labs, about their experiences maintaining and redesigning AT&T's Internet connection. Very readable.
Advanced books
• Neal Koblitz, “A Course in Number Theory and Cryptography,” Springer-Verlag; ISBN: 0-387-94293-9. An excellent graduate-level mathematics textbook on number theory and cryptography.
• Eli Biham and Adi Shamir, “Differential Cryptanalysis of the Data Encryption Standard,” Springer-Verlag; ISBN: 0-387-97930-1. This book describes the technique of differential cryptanalysis as applied to DES. It is an excellent book for learning about this technique.
Chapter 1. Introducing PGP

Welcome to PGP. With PGP, you can easily and securely protect the privacy of your data by encrypting it so that only intended individuals can read it. You can also digitally sign information, which ensures its authenticity.

What’s new in PGP version 6.0

This version of PGP includes these new features:
Secure Viewer.
private information on your computer screen from interception through electromagnetic radiation—also known as TEMPEST attacks. It is widely known that eavesdroppers, with special equipment, can capture and reconstru ct video s creen cont ent from r adio freque ncy radiat ion. When tex t is encrypte d with the Secure Viewer option enabled, the decryp ted text is displayed in a special TEMPEST attack prevention font and window that are unreadable to radiation capturing equipment. The Secure Viewer feature allows you to securely view your decrypted text.
PGPdisk Functionality.
6.0. PGPdisk is an easy-to-use encryption application that enables you to set asi de an are a o f di s k sp a c e fo r st oring your sen si t i v e data.
Secure View e r i s P GP’s software solution to protect the
PGPdisk functionality is built into PGP version
1
Designated Revokers.
your keyring is allowed to revoke your key. This can be useful in situations where you are afraid of losing your private key, forgetting your passphrase, or in extreme cases such as a physical incapacity to use th e key. In such cases, the third-party you designate will be able to revoke your key, send it to the server and it will be just as if you had revoked it yourself.
Added Plug-ins.
included. A Groupwise plugin is availab le separ ate ly.
Added Plug-ins.
included. A Groupwise plugin is availab le separ ate ly.
PGPdisk Functionality.
6.0. PGPdisk is an easy-to-use encryption application that enables you to set asi de an are a o f di s k sp a c e fo r st oring your sen si t i v e data.
Photographic User ID.
Photo IDs ca n be signed just like a user ID to p rovide extra information when verifying the key.
You may now specify that another public key on
Email plug-ins for Outlook Express and Outlook 98 ar e
Email plug-ins for Outlook Express and Outlook 98 ar e
PGPdisk functionality is built into PGP version
You can add your photograph to your public key.
User’s Guide 17
Introducing PGP
• Secure Communications with the PGP Certificate Server 2.0. PGP provides a secure connection when any query is sent to the server. This secure connection prevents any traffic analysis which might determine the keys you are retrieving from or sending to the server.
• Secure Deletion from the PGP Certificate Server. You can delete or disable your own key on the server by authenticating yourself through Transport Layer Security (TLS).
• PGPkeys Toolbar. An iconic toolbar has been added to PGPkeys for easy access to the most frequently used key management functions.
• Unknown Recipient or Signer Server Lookup. When decrypting or verifying a message, you can automatically perform a server lookup on all the keys which the message is encrypted to or signed by to determine their identity.
• Subkey Management. (Diffie-Hellman/DSS keys only) With the subkey management feature, you can manage your encryption (DH) and signing (DSS) keys separately.
• Signature Reverification. The signatures collected on keys are automatically verified when added to your ring. It is possible, however, whether through data corruption or malicious tampering, for invalid signatures to exist. This new feature allows you to reverify the signatures to ensure that they are valid.
• Signature Expiration. You can create signatures on other keys that will expire after a given date.
• Enhanced Interface. An intuitive toolbar has been added to PGPkeys for easy access to the most frequently used key management functions.
• Improved Application Integration. The PGPtray allows in-place encrypt/decrypt/sign/verify with most applications without the need for an explicit copy and paste by the user.
• Freespace Wipe. PGPtools now has the ability to wipe all freespace on your disks.
• Enhanced Wiping. Both file and volume wiping now use a significantly enhanced set of patterns over multiple wipes specially tuned for the media types in use by today’s computers.
• Key Splitting. Any high security private key can be split into shares among multiple “shareholders” using a cryptographic process known as Blakely-Shamir splitting.
• PGPdisk ADK. An Additional Decryption Key can be specified for access to all new PGPdisks created with a configured client install of PGP. This utilizes the new public key support in PGPdisk.
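To show the threshold idea behind the Key Splitting feature, here is an added example of Shamir-style secret sharing over a prime field; it is not PGP’s own code, and the field prime, share count, threshold and sample key bytes are constructed for the example.

```python
import secrets

# Constructed field prime for the example (2**127 - 1, a Mersenne prime). It
# must exceed the secret; a real private key needs a correspondingly larger prime.
PRIME = (1 << 127) - 1


def _eval_poly(coeffs, x, p):
    """Evaluate the polynomial with the given coefficients at x, modulo p (Horner)."""
    result = 0
    for c in reversed(coeffs):
        result = (result * x + c) % p
    return result


def split_secret(secret, n, k, p=PRIME):
    """Split `secret` into n shares so that any k of them reconstruct it.

    The secret is the constant term of a random polynomial of degree k-1;
    shareholder i receives the point (i, f(i)). Fewer than k points leave
    the constant term undetermined (every value is equally consistent).
    """
    if not 1 <= k <= n:
        raise ValueError("need 1 <= threshold <= number of shares")
    if not 0 <= secret < p:
        raise ValueError("secret must be smaller than the field prime")
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x, p)) for x in range(1, n + 1)]


def recover_secret(shares, p=PRIME):
    """Reconstruct the constant term by Lagrange interpolation at x = 0.

    Called with fewer shares than the threshold, this returns a value that
    is unrelated to the secret rather than raising, which is exactly what a
    shareholder quorum that is too small would experience.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    total = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj, _ in shares:
            if xj != xi:
                num = (num * (-xj)) % p
                den = (den * (xi - xj)) % p
        # pow(den, -1, p) is the modular inverse (Python 3.8+).
        total = (total + yi * num * pow(den, -1, p)) % p
    return total


def split_private_key(key_bytes, n, k):
    """Share raw private-key bytes (as a big-endian integer) among n shareholders."""
    return split_secret(int.from_bytes(key_bytes, "big"), n, k)


def recover_private_key(shares, length):
    """Rejoin shares and return the key as `length` bytes."""
    return recover_secret(shares).to_bytes(length, "big")


if __name__ == "__main__":
    # Constructed stand-in for a private key (15 bytes, so it fits under PRIME).
    demo_key = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1")
    shares = split_private_key(demo_key, n=5, k=3)
    quorum = [shares[0], shares[2], shares[4]]      # any three shareholders
    print("3 of 5 shares recover the key:",
          recover_private_key(quorum, len(demo_key)) == demo_key)
```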
18 PGP for Windows 95, 98, and NT
Introducing PGP
New features of PGPdisk
• Public Key Support. A public key or multiple public keys can now be configured to open a PGPdisk. This support is integrated with PGP 6.0 and its keyrings. For example, if Bob wants to give his wife Mary access to his PGPdisk, he can give access to Mary by adding her public key to the PGPdisk. The key for the disk will be encrypted to Mary’s key.
• New Disk Wizard. The process of creating a PGPdisk has been simplified by a New Disk Wizard which will guide you through the process step by step.
• Windows NT Support. PGPdisk now runs on Windows NT 4.0 in addition to Windows 95, 98, and MacOS.

Using PGP

PGP is a security software application that enables you and your co-workers to exchange or store information securely, so that no one else can read it.
One of the most convenient ways to use PGP is through one of the popular email applications supported by the PGP plug-ins. With these plug-ins, you can encrypt and sign as well as decrypt and verify your messages while you are composing and reading your mail with a simple click of a button.
If you are using an email application that is not supported by the plug-ins, you can easily encrypt the text of the message using PGPtray. In addition, if you need to encrypt or decrypt file attachments, you can do so directly from the Windows clipboard by choosing the appropriate menu option. You can also use PGP to encrypt and sign files on the hard disk of your computer for secure storage, to securely wipe files from your hard disk and to wipe free disk space so that sensitive data can’t be retrieved with disk recovery software.

A quick overview

PGP is based on a widely accepted encryption technology known as public key cryptography in which two complementary keys, called a key pair, are used to maintain secure communications. One of the keys is designated as a private key to which only you have access and the other is a public key which you freely exchange with other PGP users. Both your private and your public keys are stored in keyring files, which are accessible from the PGPkeys window. It is from this window that you perform all your key management functions.
For a comprehensive overview of PGP encryption technology, refer to “An Introduction to Cryptography,” which is included with the product.

Basic steps for using PGP

This section takes a quick look at the procedures you normally follow in the course of using PGP. For details concerning any of these procedures, refer to the appropriate chapters in this book.
1. Install PGP on your computer. Refer to the PGP Installation Guide included with the product for complete installation instructions.
2. Create a private and public key pair. Before you can begin using PGP, you need to generate a key pair. A PGP key pair is composed of a private key to which only you have access and a public key that you can copy and make freely available to everyone with whom you exchange information.
You have the option of creating a new key pair immediately after you have finished the PGP installation procedure, or you can do so at any time by opening the PGPkeys application.
For more information about creating a private and public key pair, refer to “Making a key pair” on page 32.
3. Exchange public keys with others. After you have created a key pair, you can begin corresponding with other PGP users. You will need a copy of their public key and they will need yours. Your public key is just a block of text, so it’s quite easy to trade keys with someone. You can include your public key in an email message, copy it to a file, or post it on a public or corporate key server where anyone can get a copy when they need it.
For more information about exchanging public keys, refer to “Distributing your public key” on page 46 and “Obtaining the public keys of others” on page 50.
4. Validate public keys. Once you have a copy of someone’s public key, you can add it to your public keyring. You should then check to make sure that the key has not been tampered with and that it really belongs to the purported owner. You do this by comparing the unique fingerprint on your copy of someone’s public key to the fingerprint on that person’s original key. When you are sure that you have a valid public key, you sign it to indicate that you feel the key is safe to use. In addition, you can grant the owner of the key a level of trust indicating how much confidence you have in that person to vouch for the authenticity of someone else’s public key.
For more information about validating your keys, refer to “Verifying the authenticity of a key” on page 52.
5. Encrypt and sign your email and files. After you have generated your key pair and have exchanged public keys, you can begin encrypting and signing email messages and files.
• If you are using an email application supported by the plug-ins, you can encrypt and sign your messages by selecting the appropriate options from your application’s toolbar.
• If your email application is not supported by the plug-ins, you can perform the appropriate functions from PGPtray. You can also encrypt and sign files from PGPtools before attaching them to your email. Encrypting ensures that only you and your intended recipients can decipher the file’s contents; signing ensures that any tampering will be readily apparent.
For more information about encrypting and signing information, refer to “Encrypting and signing email” on page 55.
6. Decrypt and verify your email and files. When someone sends you encrypted data, you can unscramble the contents and verify any appended signature to make sure that the data originated with the alleged sender and that it has not been altered.
• If you are using an email application that is supported by the plug-ins, you can decrypt and verify your messages by selecting the appropriate options from your application’s toolbar.
• If your email application is not supported by the plug-ins, you can copy the message to the clipboard and perform the appropriate functions from there. If you want to decrypt and verify file attachments, you can do so from the Windows clipboard. You can also decrypt encrypted files stored on your computer, and verify signed files to ensure that they have not been tampered with.
For more information about decrypting and verifying data, refer to “Decrypting and verifying email” on page 63.
7. Wipe files. When you need to permanently delete a file, you can use the Wipe feature to ensure that the file is unrecoverable. The file is immediately overwritten so that it cannot be retrieved using disk recovery software.
For more information about wiping files, refer to “Using PGP Wipe to delete files” on page 77.
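As an added example of what the fingerprint comparison in step 4 rests on (not PGP’s own code): an OpenPGP version 4 fingerprint is the SHA-1 hash of the public key packet, so any change to the key material produces a different fingerprint. The key packet below is built from placeholder values, not a real key.

```python
import hashlib


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP multi-precision integer: 2-byte bit length + big-endian bytes."""
    if value < 0:
        raise ValueError("MPI must be non-negative")
    bit_len = value.bit_length()
    byte_len = (bit_len + 7) // 8
    return bit_len.to_bytes(2, "big") + value.to_bytes(byte_len, "big")


def v4_public_key_body(created: int, algo: int, *mpis: int) -> bytes:
    """Version 4 public key packet body: version, creation time, algorithm id, key MPIs."""
    body = bytes([4]) + created.to_bytes(4, "big") + bytes([algo])
    return body + b"".join(mpi(m) for m in mpis)


def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, the two-octet body length and the body itself (RFC 2440, 11.2)."""
    if len(body) > 0xFFFF:
        raise ValueError("key packet too long for a two-octet length")
    digest = hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).digest()
    return digest.hex().upper()


def key_id(fingerprint: str) -> str:
    """The key ID of a v4 key is the low-order 64 bits (last 16 hex digits) of its fingerprint."""
    return fingerprint[-16:]


def normalize(fp: str) -> str:
    """Accept the spaced form PGP displays (groups of four digits) or a bare hex string."""
    return "".join(fp.split()).upper()


def pretty(fp: str) -> str:
    """Render a fingerprint in the spaced form used when reading it out over the phone."""
    return " ".join(fp[i:i + 4] for i in range(0, len(fp), 4))


def fingerprints_match(local_key_body: bytes, fingerprint_from_owner: str) -> bool:
    """Step 4 in code: compare the fingerprint of the key on your ring with the one
    the owner gave you through an independent channel."""
    return v4_fingerprint(local_key_body) == normalize(fingerprint_from_owner)


if __name__ == "__main__":
    # Constructed DSA key (algorithm 17) with placeholder MPIs p, q, g, y.
    genuine = v4_public_key_body(0x364C17FE, 17, 0xB5F3, 0x7E1, 0x2, 0x9A4D)
    fp = v4_fingerprint(genuine)
    print("fingerprint:", pretty(fp), " key ID:", key_id(fp))
    # A copy with a single MPI altered has a different fingerprint, so the check fails.
    tampered = v4_public_key_body(0x364C17FE, 17, 0xB5F3, 0x7E1, 0x2, 0x9A4E)
    print("tampered copy matches owner's fingerprint?", fingerprints_match(tampered, pretty(fp)))
```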
2

Getting Started

This chapter explains how to run PGP and provides a quick overview of the procedures you will normally follow in using the product. It also contains a table of the icons used with PGPkeys.

Running PGP

PGP works on the data generated by other applications. Therefore the appropriate PGP functions are designed to be immediately available to you based on the task you are performing at any given moment. There are four primary ways to use PGP:
• From the System tray (PGPtray)
• From within supported email applications (PGP email plug-ins)
• From the Windows Explorer File menu
• From the PGPtools toolbar
Using PGP from the System tray
You can access many of the main PGP functions by clicking the lock icon, which is normally located in the System tray, and then choosing the appropriate menu item. (If you can’t find this icon in your System tray, run PGPtray from the Start menu).
Performing PGP functions from the clipboard
You will notice that many of the options on the System tray refer to PGP functions that you perform from the Windows clipboard. If you are using an email application that is not supported by the PGP plug-ins, or if you are working with text generated by some other application, you perform your encryption/decryption and signature/verification functions via the Windows clipboard.
For instance, to encrypt or sign text, you copy it from your application to the clipboard, encrypt and sign it using the appropriate PGP functions, then paste it back into your application before sending it to the intended recipients. When you receive an encrypted or signed email message, you simply reverse the process and copy the encrypted text, known as ciphertext, from your application to the clipboard, decrypt and verify the information, and then view the contents. After you view the decrypted message, you can decide whether to save the information or retain it in its encrypted form.
Opening the PGPkeys window
When you choose Launch PGPkeys from the PGP pop-up menu, the PGPkeys window opens, showing the private and public key pairs you have created for yourself as well as any public keys of other users that you have added to your public keyring. (If you have not already created a new key pair, the PGP Key Generation Wizard leads you through the necessary steps. However, before going through the process of creating a new key pair, you should see Chapter 3 for complete details about the various options.)
From the PGPkeys window you can create new key pairs and manage all of your other keys. For instance, this is where you examine the attributes associated with a particular key, specify how confident you are that the key actually belongs to the alleged owner, and indicate how well you trust the owner of the key to vouch for the authenticity of other users’ keys. For a complete explanation of the key management functions you perform from the PGPkeys window, see Chapter 6.
Setting PGP Preferences
When you choose PGP Preferences from the PGP pop-up menu, you access the PGP Preferences dialog box in which you specify settings that affect how the PGP program functions based on your computing environment.
By clicking the appropriate tab, you can advance to the preference settings you want to modify. For a complete explanation of these settings, see Chapter 6.
Getting Help
When you choose Help from the PGP menu or window, you access the PGP help system, which provides a general overview and instructions for all of the procedures you are likely to perform. Many of the dialog boxes also have context-sensitive help, which you access by clicking the question mark in the right corner of the window and then pointing to the area of interest on the screen. A short explanation appears.
Quitting PGP
By default, the PGPtray program runs whenever you start your computer, as indicated by the lock icon displayed in the System tray. If for some reason you need to quit running PGPtray, you can do so by choosing Exit PGPtray from the PGP pop-up menu.

Using PGP from supported email applications

If you have one of these popular email applications supported by the PGP plug-ins, you can access the necessary PGP functions by clicking the appropriate buttons in your application’s toolbar:
• Qualcomm Eudora
• Microsoft Exchange
• Microsoft Outlook
• Microsoft Express
• Novell Groupwise (available separately)
For example, you click the envelope and lock icon to indicate that you want to encrypt your message and the pen and paper icon to indicate that you want to sign your message. Some applications also have an icon of both a lock and quill, which lets you do both at once.
When you receive email from another PGP user, you decrypt the message and verify the person’s digital signature by clicking the opened lock and envelope, or by selecting “Decrypt/Verify” from the PGP menu.
You can also access the PGPkeys window at any time while composing or retrieving your mail by clicking the PGPkeys button in some plug-ins.

Using PGP/MIME

If you are using an email application with one of the plug-ins that supports the PGP/MIME standard, and you are communicating with another user whose email application also supports this standard, both of you can automatically encrypt and decrypt your email messages and any attached files when you send or retrieve your email. All you have to do is turn on the PGP/MIME encryption and signing functions from the PGP Preferences dialog box.
When you receive email from someone who uses the PGP/MIME feature, the mail arrives with an attached icon in the message window indicating that it is PGP/MIME encoded.
To decrypt the text and file attachments in PGP/MIME encapsulated email and to verify any digital signatures, you simply double-click the lock and quill icon. Attachments are still encrypted if PGP/MIME is not used, but the decryption process is usually more involved for the recipient.

Using PGP from the PGPtools application

If you are using an email application that is not supported by the plug-ins, or if you want to perform PGP functions from within other applications, you can encrypt and sign, decrypt and verify, or securely wipe messages and files directly from the PGPtools window. You can open the PGPtools window by:
• Clicking Start-->Programs-->PGP-->PGPtools.
• Double-clicking the PGPtools icon on the system tray.
When the PGPtools window (Figure 2-1) opens, you can begin your encryption work.
Figure 2-1. PGPtools window
If you are working with text or files, you can encrypt, decrypt, sign, and verify by selecting the text or file and then dragging it onto the appropriate button in the PGPtools window.
If you are working with files, click on the appropriate button in the PGPtools window to choose a file or select the Clipboard.

Using PGP from the Windows Explorer

You can encrypt and sign or decrypt and verify files such as word processing documents, spreadsheets and video clips directly from the Windows Explorer. If you are not using an email application such as Qualcomm Eudora, which supports the PGP/MIME standard, or an application such as Exchange or Outlook that doesn’t require PGP to encrypt or sign files, you must use this method to attach files that you want to send along with your email messages. You might also want to encrypt and decrypt files that you store on your own computer to prevent others from accessing them.
To access PGP functions from the Windows Explorer, choose the appropriate option from the PGP submenu of the File menu. The options that appear depend on the current state of the file you have selected. If the file has not yet been encrypted or signed, then the options for performing these functions appear on the menu. If the file is already encrypted or signed, then options for decrypting and verifying the contents of the file are displayed.

Selecting recipients

When you send email to someone whose email application is supported by the PGP plug-ins, the recipient’s email address determines which keys to use when encrypting the contents. However, if you enter a user name or email address that does not correspond to any of the keys on your public keyring or if you are encrypting from the clipboard or from the Windows Explorer, you must manually select the recipient’s public key from the PGP Key Selection dialog box. To select a recipient’s public key, simply drag the icon representing their key into the Recipient’s list box and then click OK.
For complete instructions on how to encrypt and sign and decrypt and verify email, see Chapter 4. If you want to encrypt files to store on your hard disk or to send as email attachments, see Chapter 5.

Taking shortcuts

Although you will find that PGP is easy to use, a number of shortcuts are available to help you accomplish your encryption tasks even quicker. For instance, while you are managing your keys in the PGPkeys window, you can press the right mouse button to perform all the necessary PGP functions rather than accessing them from the menu bar. You can also drag a file containing a key into the PGPkeys window to add it to your keyring.
Keyboard shortcuts are also available for most menu operations. These keyboard shortcuts are shown on all the PGP menus, and other shortcuts are described in context throughout this manual.

PGPkeys icon definitions

PGPkeys menu bar icons
The following table shows all of the icons used in the PGPkeys menu bar, along with a description of their functions.
Icon Function
Launches the Key Generation Wizard. Click this button to create a new key pair.
Revokes the currently selected key or signature. Click this button to disable a key or revoke a signature. Revoking a key will prevent anyone from encrypting data to it.
Allows you to sign the currently selected key. By signing the key, you are certifying that the key and user ID belong to the identified user.
Deletes the currently selected item. Click this button to remove a key, signature, or photographic ID.
Opens the Key Search window which allows you to search for keys on local keyrings and remote servers.
Sends the currently selected key to the server. Click this button to upload your key to the Certificate or domain server.
Updates the currently selected key from a Certificate or domain server. Click this button to import keys from a Certificate or domain server to your keyring.
Displays the Properties dialog box for the currently selected key. Click this button to view the General and Subkey properties for a key.
Allows you to import keys from a file onto your keyring.
Allows you to export the selected key to a file.
PGPkeys window icons
The following table shows all of the mini-icons used in the PGPkeys window, along with a description of what they represent.
Icon Description
A gold key and user represents your Diffie-Hellman/DSS key pair, which consists of your private key and your public key.
A single gold key represents a Diffie-Hellman/DSS public key.
A gray key and user represents your RSA key pair, which consists of your private key and your public key.
A single gray key represents an RSA public key.
When a key or key pair is dimmed, the keys are temporarily unavailable for encrypting and signing. You can disable a key from the PGPkeys window, which prevents seldom-used keys from cluttering up the Key Selection dialog box.
This icon indicates that a photographic user ID is accompanied with the public key.
A key with a red X indicates that the key has been revoked. Users revoke their keys when they are no longer valid or have been compromised in some way.
A key with a clock indicates that the key has expired. A key’s expiration date is established when the key is created.
An envelope represents the owner of the key and lists the user names and email addresses associated with the key.
A gray circle indicates that the key is invalid.
A green circle indicates that the key is valid. An additional red circle in the ADK column indicates that the key has an associated Additional Decryption Key; an additional gray circle in the ADK column indicates that the key does not have an associated Additional Decryption Key.
A green circle and user indicates that you own the key, and that it is implicitly trusted.
A pencil or fountain pen indicates the signatures of the PGP users who have vouched for the authenticity of the key. A signature with a red X through it indicates a revoked signature. A signature with a dimmed pencil icon indicates a bad or invalid signature. A signature with a blue arrow next to it indicates that it is exportable.
An empty bar indicates an invalid key or an untrusted user.
A half-filled bar indicates a marginally valid key or marginally trusted user.
A striped bar indicates a valid key that you own and is implicitly trusted, regardless of the signatures on the key.
A full bar indicates a completely valid key or a completely trusted user.
3
Making and Exchanging Keys
This chapter describes how to generate the public and private key pairs that you need to correspond with other PGP users. It also explains how to distribute your public key and obtain the public keys of others so that you can begin exchanging private and authenticated email.

Key concepts

PGP is based on a widely accepted and highly trusted public key encryption system, as shown in Figure 3-1, by which you and other PGP users generate a key pair consisting of a private key and a public key. As its name implies, only you have access to your private key, but in order to correspond with other PGP users you need a copy of their public key and they need a copy of yours. You use your private key to sign the email messages and file attachments you send to others and to decrypt the messages and files they send to you. Conversely, you use the public keys of others to send them encrypted email and to verify their digital signatures.
Figure 3-1. Public Key Cryptography diagram (plaintext is encrypted with the public key into ciphertext, and the ciphertext is decrypted with the private key back into plaintext)

Making a key pair

Unless you have already done so while using another version of PGP, the first thing you need to do before sending or receiving encrypted and signed email is create a new key pair. A key pair consists of two keys: a private key that only you possess and a public key that you freely distribute to those with whom you correspond. You generate a new key pair from the PGPkeys window using the PGP Key Generation Wizard, which guides you through the process.
NOTE:
If you are upgrading from an earlier version of PGP, you have probably already generated a private key and have distributed its matching public key to those with whom you correspond. In this case you don’t have to make a new key pair (as described in the next section). Instead, you specify the location of your keys when you run the PGPkeys application. You can go to the Files pane of the Preferences dialog box and locate your keyring files at any time.
To create a new key pair
1. Open the PGPkeys window. You can open this window by:
• Clicking Start-->Programs-->PGP-->PGPkeys.
• Clicking the PGP tray icon in the System tray, then clicking PGPkeys.
2. Clicking in your email application’s toolbar.
The PGPkeys application appears, as shown in Figure 3-2.
Figure 3-2. PGPkeys window
3. Click in the PGPkeys menu bar. The PGP Key Generation Wizard provides some introductory information on the first screen.
4. When you are finished reading this information, click Next to advance to the next pane.
The PGP Key Generation Wizard asks you to enter your name and email address.
5. Enter your name on the first line and your email address on the second line.
It’s not absolutely necessary to enter your real name or even your email address. However, using your real name makes it easier for others to identify you as the owner of your public key. Also, by using your correct email address, you and others can take advantage of the plug-in feature that automatically looks up the appropriate key on your current keyring when you address mail to a particular recipient. Some Corporate Signing Keys and Additional Decryption Keys have no use for an email address because they do not represent individuals.
6. Click Next to advance to the next dialog box. The Key Generation Wizard asks you to select a key type.
7. Select a key type, either Diffie-Hellman/DSS or RSA and then click Next. Earlier versions of PGP use an older technology referred to as RSA to generate keys. With PGP Version 5.0 and above, you have the option of creating a new type of key based on the improved Elgamal variant of Diffie-Hellman technology.
• If you plan to correspond with people who are still using RSA keys, you might want to generate an RSA key pair that is compatible with older versions of the program.
• If you plan to correspond with people who have PGP Version 5.0 or later, you can take advantage of the new technology and generate a pair of Diffie-Hellman/DSS keys.
• If you want to exchange email with all PGP users, make an RSA key pair and a Diffie-Hellman/DSS key pair, then use the appropriate pair depending on the version of PGP used by the recipient. You must create a separate key pair for each type of key that you need.
NOTE:
If your version of PGP does not support RSA, this step may not be available to you. For more information about RSA support, see the ReadMe file that accompanies the product.
8. The PGP Key Generation Wizard asks you to specify a size for your new keys. Select a key size from 768 to 3072 bits, or enter a custom key size from 768 to 4096 bits.
NOTE:
A custom key size may take a long time to generate, depending on the speed of the computer you are using.
The key size corresponds to the number of bits used to construct your digital key. The larger the key, the less chance that someone will be able to crack it, but the longer it takes to perform the decryption and encryption process. You need to strike a balance between the convenience of performing PGP functions quickly with a smaller key and the increased level of security provided by a larger key. Unless you are exchanging extremely sensitive information that is of enough interest that someone would be willing to mount an expensive and time-consuming cryptographic attack in order to read it, you are safe using a key composed of 1024 bits.
NOTE:
When creating a Diffie-Hellman/DSS key pair, the size of the DSS portion of the key is less than or equal to the size of the Diffie-Hellman portion of the key, and is limited to a maximum size of 1024 bits.
9. Click Next to advance to the next pane. The PGP Key Generation Wizard asks you to indicate when the key pair will expire.
10. Indicate when you want your keys to expire. You can either use the default selection, which is Never, or you can enter a specific date after which the keys will expire.
Once you create a key pair and have distributed your public key to the world, you will probably continue to use the same keys from that point on. However, under certain conditions you may want to create a special key pair that you plan to use for only a limited per iod of time. In this case, when the public key expires, it can no longer be used by someone to encrypt mail for you but it can still be used to verify your digital signature. Similarly, when your private key expires, it can still be used to decrypt mai l th at wa s se nt to you b efor e y our publ ic k ey ex pi red but can no longer be used to sign mail for others.
11. Click Next to advance to the next pane. The PGP Key Generation Wizard asks you to enter a passphrase.
12. In the Passphrase dialog box, enter the string of characters or words you want to use to maintain exclusive access to your private key. To confirm your entry, press the Tab key to advance to the next line, then enter the same passphrase again.
Normally, as an added level of security, the characters you enter for the passphrase do not appear on the screen. However, if you are sure that no one is watching, and you would like to see the characters of your passphrase as you type, clear the Hide Typing check box.
NOTE:
Your passphrase should contain multiple words and may include spaces, numbers, and punctuation characters. Choose something that you can remember easily but that others won’t be able to guess. The passphrase is case sensitive, meaning that it distinguishes between uppercase and lowercase letters. The longer your passphrase, and the greater the variety of characters it contains, the more secure it is. Strong passphrases include upper and lowercase letters, numbers, punctuation, and spaces but are more likely forgotten. See “Creating a passphrase that you will remember” on page 38, for more information about choosing a passphrase.
WARNING:
No one, including Network Associates, can recover a forgotten passphrase.
13. Click Next to begin the key generation process. The PGP Key Generation Wizard indicates that it is busy generating your key. If you have entered an inadequate passphrase, a warning message appears before the keys are generated and you have the choice of accepting the bad passphrase or entering a more secure one before continuing. For more information about passphrases, see “Creating a passphrase that you will remember” on page 38.
If there is not enough random information upon which to build the key, the PGP Random Data dialog box appears. As instructed in the dialog box, move your mouse around and enter a series of random keystrokes until the progress bar is completely filled in. Your mouse movements and keystrokes generate random information that is needed to create a unique key pair.
NOTE:
PGPkeys continually gathers random data from many sources on the system, including mouse positions, timings, and keystrokes. If the Random Data dialog box does not appear, it indicates that PGP has already collected all the random data that it needs to create the key pair.
After the key generation process begins, it may take a while to generate the keys. In fact, if you specify a size other than the default values for a Diffie-Hellman/DSS key, the fast key generation option is not used and it may take hours to generate your key at larger sizes. Eventually the PGP Key Generation Wizard indicates that the key generation process is complete.
14. Click Next to advance to the next pane. The PGP Key Generation Wizard indicates that you have successfully generated a new key pair and asks if you want to send your public key to a key server.
15. Specify whether you want your new public key to be sent to the server, and then click Next (the default server is specified in your Preferences).
When you send your public key to the key server, anyone who has access to that key server can get a copy of your key when they need it. For complete details, see “Distributing your public key” on page 46.
When the key generation process is complete, the final pane appears.
16. Click Done. A key pair representing your newly created keys appears in the PGPkeys window. At this point you can examine your keys by checking their properties and the attributes associated with the keys; you may also want to add other email addresses that belong to you. See “Adding a new user name or address to a key pair” on page 88, for details about adding new user names to your key.

Creating a passphrase that you will remember

Encrypting a file and then finding yourself unable to decrypt it is a painful lesson in learning how to choose a passphrase you will remember. Most applications require a password between three and eight letters. A single-word password is vulnerable to a dictionary attack, which consists of having a computer try all the words in the dictionary until it finds your password. To protect against this manner of attack, it is widely recommended that you create a word that includes a combination of upper and lowercase letters, numbers, punctuation marks, and spaces. This results in a stronger password, but an obscure one that you are unlikely to remember easily. We do not recommend that you use a single-word passphrase.
A passphrase is less vulnerable to a dictionary attack. This is accomplished easily by using multiple words in your passphrase, rather than trying to thwart a dictionary attack by arbitrarily inserting a lot of funny non-alphabetic characters, which has the effect of making your passphrase too easy to forget and could lead to a disastrous loss of information because you can’t decrypt your own files. However, unless the passphrase you choose is something that is easily committed to long-term memory, you are unlikely to remember it verbatim. Picking a phrase on the spur of the moment is likely to result in forgetting it entirely. Choose something that is already residing in your long-term memory: perhaps a silly saying you heard years ago that has somehow stuck in your mind all this time. It should not be something that you have repeated to others recently, nor a famous quotation, because you want it to be hard for a sophisticated attacker to guess. If it’s already deeply embedded in your long-term memory, you probably won’t forget it.
Of course, if you are reckless enough to write your passphrase down and tape it to your monitor or to the inside of your desk drawer, it won’t matter what you choose.
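The following is an added example, not part of the original guide and not PGP’s own code. It runs the dictionary attack described above against a single word, against the same word with the usual “strengthening” tweaks, and against a multi-word passphrase, and then compares the size of the search space each one forces on an attacker. PBKDF2-HMAC-SHA1 from the standard library stands in for the salted, iterated passphrase hash that protects the private keyring (an assumption; it is not PGP 6.0’s exact construction), the word list and the iteration count are constructed for the demonstration, and the 100,000-word vocabulary used for the estimates is an assumed figure.

```python
"""Dictionary attack on a single-word password versus a multi-word passphrase."""
from __future__ import annotations

import hashlib
import hmac
import math
import os

# Constructed mini-dictionary for the demonstration; a real attack runs a list
# of hundreds of thousands of words plus common mangling rules.
WORDLIST = [
    "apple", "banana", "cherry", "dragon", "eleven", "frogs", "guitar",
    "hammer", "island", "jungle", "kitten", "lemon", "monkey", "orange",
    "plaid", "quartz", "river", "summer", "thirty", "tuna", "umbrella",
    "violet", "window", "yellow", "zebra", "password", "secret", "letmein",
]
ITERATIONS = 1000  # stretching cost per guess; an assumed figure for the demo


def mangle(word: str):
    """The 'make it stronger' tweaks an attacker tries on every word.
    Each one only multiplies the search by a small constant."""
    yield word
    yield word.capitalize()
    yield word.upper()
    yield word + "1"
    yield word + "123"
    yield word.capitalize() + "123"
    yield word.capitalize() + "!"


def derive(passphrase: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Salted, iterated passphrase hash. PBKDF2-HMAC-SHA1 stands in for the
    string-to-key step; it is not PGP 6.0's exact construction."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"), salt, iterations)


def protect(passphrase: str) -> tuple[bytes, bytes]:
    """Return (salt, derived key): what an attacker who copied the keyring has."""
    salt = os.urandom(8)
    return salt, derive(passphrase, salt)


def dictionary_attack(salt: bytes, target: bytes, wordlist=WORDLIST,
                      iterations: int = ITERATIONS) -> str | None:
    """Try every word and its mangled forms; return the passphrase or None."""
    for word in wordlist:
        for candidate in mangle(word):
            if hmac.compare_digest(derive(candidate, salt, iterations), target):
                return candidate
    return None


def guess_space_bits(vocabulary: int, words: int, variants_per_word: int = 1) -> float:
    """log2 of the candidates for `words` dictionary words, each with
    `variants_per_word` mangled spellings. Another word multiplies the space by
    the vocabulary size; another tweak multiplies it by a handful."""
    return words * math.log2(vocabulary * variants_per_word)


def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Worst-case time to try the whole space at a given guessing rate."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    for secret in ("tuna", "Tuna123", "plaid umbrella thirty eleven frogs"):
        salt, stored = protect(secret)
        print(f"{secret!r:40} -> {dictionary_attack(salt, stored)!r}")
    vocab = 100_000
    for words, variants in ((1, 1), (1, 64), (5, 1)):
        bits = guess_space_bits(vocab, words, variants)
        print(f"{words} word(s) x {variants:3} variants: {bits:5.1f} bits, "
              f"{years_to_exhaust(bits, 1e6):.2e} years at 10^6 guesses/s")
```

The single word and its tweaked form both fall to the list; the five-word phrase is never tried because it is not a dictionary entry. The estimates make the guide’s point numerically: 64 spelling variants of one word add about six bits, while each extra word adds about seventeen, so a five-word phrase drawn from ordinary vocabulary is far beyond what a dictionary run can exhaust.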

Adding a photographic ID to your key

You can include a photographic user ID with your Diffie-Hellman/DSS key.
WARNING: Although you can view the photographic ID accompanied with someone’s key for verification, you should always check and compare the digital fingerprints. See “Verifying someone’s public key” on page 89 for more information about authentication.
To add your photograph to your key
1. Open the PGPkeys application.
2. Select your key pair and then click Add Photo on the Keys menu. The Add Photo dialog box opens, as shown in Figure 3-3.
Figure 3-3. Add Photo dialog box
3. Drag or paste your photograph onto the Add Photo dialog box or browse to it by clicking Select File.
NOTE: The photograph must be a .JPG or .BMP file. For maximum picture quality, crop the picture to 120x144 before adding it to the Add Photo dialog box. If you do not do this, PGP will scale the picture for you.
4. Click OK. The Passphrase dialog box opens, as shown in Figure 3-4.
5. Enter your passphrase in the space provided, then click OK. Your photographic user ID is added to your public key and is listed in the PGPkeys window. You can now send your key to the server. See “To send your public key to a key server” on page 47, for additional instructions.
Figure 3-4. Passphrase dialog box
To replace your photographic ID
1. Open the PGPkeys application.
2. Select your key pair.
3. Select the photograph that you want to replace.
4. Choose Delete from the Edit menu.
5. Add your new photographic ID using the instructions outlined in “To add your photograph to your key” on page 39.

Creating new subkeys

Every Diffie-Hellman/DSS key is actually two keys: a DSS signing key and a Diffie-Hellman encryption subkey. PGP Version 6.0 provides the ability to create and revoke new encryption subkeys without sacrificing your master signing key and the signatures collected on it. One of the most common uses for this feature is to create multiple subkeys that are set to be used during different periods of the key’s lifetime. For example, if you create a key that will expire in 3 years, you might also create 3 subkeys and use each of them for one of the years in the lifetime of the key. This can be a useful security measure: if one subkey is compromised, only the mail encrypted to that subkey is exposed, and you can revoke it while your signing key and its signatures stay valid. It also provides an automatic way to periodically switch to a new encryption key without having to recreate and distribute a new public key.
To create new subkeys
1. Open the PGPkeys application.
2. Select your key pair and then click Properties on the Keys menu, or click the Properties button.
The Properties dialog box opens.
3. Click the Subkeys tab.
The Subkeys dialog box opens, as shown in Figure 3-5.
4. To create a new subkey, click New. The New Subkey dialog box opens.
5. Enter a key size from 768 to 3072 bits, or enter a custom key size from 768 to 4096 bits.
6. Indicate the start date on which you want your subkey to activate.
7. Indicate when you want your subkey to expire. You can either use the default selection, which is Never, or you can enter a specific date after which the subkey will expire.
8. Click OK. The Passphrase dialog box appears.
9. Enter your passphrase and then click OK. Your new subkey is listed in the Subkey window.
Figure 3-5. PGP key property page (Subkeys dialog box)

Key Splitting

Any private key can be split into shares among multiple “shareholders” using a cryptographic process known as Blakley-Shamir key splitting. This technique is recommended for extremely high security keys. For example, Network Associates keeps a corporate key split between multiple individuals. Whenever we need to sign with that key, the shares of the key are rejoined temporarily. To split a key, select the key pair to be split and choose Share Split from the Keys menu. You are then asked to set up how many different people will be required to rejoin the key. The shares are saved as files either encrypted to the public key of a shareholder or encrypted conventionally if the shareholder has no public key. After the key has been split, attempting to sign with it or decrypt with it will automatically attempt to rejoin the key. For information about rejoining a split key, see “Signing and decrypting files with a split key” on page 73.
To create a split key with multiple shares
1. Open the PGPkeys application.
2. In the PGPkeys window, create a new key pair or select an existing key pair that you want to split.
3. On the Keys menu, click Share Split. The Share Split dialog box opens (Figure 3-6) on top of the PGPkeys window.
Figure 3-6. Share Split dialog box
4. Add shareholders to the key pair by dragging their keys from the PGPkeys window to the Shareholder list in the Share Split dialog box.
To add a shareholder that does not have a public key, click Add in the Share Split dialog box, enter the person’s name and then allow the person to type in their passphrase.
5. When all of the shareholders are listed, you can specify the number of key shares that are necessary to decrypt or sign with this key.
In Figure 3-7, for example, the total number of shares that make up the Administration key is four and the total number of shares required to decrypt or sign is three. This provides a buffer in the event that one of the shareholders is unable to provide their key share or forgets the passphrase.
By default, each shareholder is responsible for one share. To increase the number of shares a shareholder possesses, click the name in the shareholder’s list to display it in the text field below. Type the new number of key shares or use the arrows to select a new amount.
Figure 3-7. Share Split dialog box (Example)
6. Click Split Key. A dialog box opens and prompts you to select a directory in which to store the shares.
7. Select a location to store the key shares. The Passphrase dialog box appears.
8. Enter the passphrase for the key you want to split and then click OK. A confirmation dialog box opens.
9. Click Yes to split the key. The key is split and the shares are saved in the location you specified. Each key share is saved with the shareholder’s name as the file name and a .SHF extension.
10. Distribute the key shares to the owners, then delete the local copies. Once a key is split among multiple shareholders, attempting to sign or decrypt with it will cause PGP to automatically attempt to rejoin the key. To learn how to rejoin a split key to sign or decrypt files, see “Signing and decrypting files with a split key” on page 73.
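The following is an added example of the threshold scheme behind key splitting; it is not PGP’s own implementation and says nothing about the .SHF file format. It models the Administration key above: four shares held by three people, with Carol holding two, where any three shares rejoin the key and two reveal nothing. The secret is a constructed 32-byte stand-in for the private key material, the prime field is an assumed choice, and the shares are plain (x, y) points rather than files encrypted to each shareholder.

```python
"""Threshold key splitting with Shamir secret sharing over a prime field."""
from __future__ import annotations

import secrets

# Field for the polynomial: a Mersenne prime larger than any 64-byte secret.
PRIME = 2**521 - 1


def _eval_poly(coeffs: list[int], x: int) -> int:
    """Evaluate coeffs[0] + coeffs[1]*x + ... + coeffs[k]*x^k mod PRIME (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret: bytes, threshold: int,
                 holders: dict[str, int]) -> dict[str, list[tuple[int, int]]]:
    """Split `secret` so that any `threshold` shares rejoin it.

    `holders` maps each shareholder's name to the number of shares that person
    holds (one each by default; a holder may be given more). Returns the (x, y)
    points each holder receives; PGP would write these to .SHF files encrypted
    to the holder's public key, which this toy omits.
    """
    total = sum(holders.values())
    if not 1 <= threshold <= total:
        raise ValueError("threshold must be between 1 and the total number of shares")
    s = int.from_bytes(secret, "big")
    if s >= PRIME:
        raise ValueError("secret is too large for the field")
    # Random polynomial of degree threshold-1 whose constant term is the secret.
    coeffs = [s] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares: dict[str, list[tuple[int, int]]] = {}
    x = 1  # never hand out x = 0: that point is the secret itself
    for name, count in holders.items():
        shares[name] = []
        for _ in range(count):
            shares[name].append((x, _eval_poly(coeffs, x)))
            x += 1
    return shares


def rejoin(points: list[tuple[int, int]], threshold: int, length: int) -> bytes:
    """Recover the secret from `threshold` distinct shares by Lagrange
    interpolation at x = 0. Fewer distinct shares reveal nothing about the
    secret, so refuse them instead of returning a wrong value."""
    distinct = list(dict(points).items())  # a share presented twice counts once
    if len(distinct) < threshold:
        raise ValueError(f"need {threshold} shares, only {len(distinct)} distinct given")
    distinct = distinct[:threshold]
    secret = 0
    for i, (xi, yi) in enumerate(distinct):
        num, den = 1, 1
        for j, (xj, _) in enumerate(distinct):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret.to_bytes(length, "big")


if __name__ == "__main__":
    # Constructed stand-in for the Administration key's private material.
    key_material = secrets.token_bytes(32)
    shares = split_secret(key_material, threshold=3,
                          holders={"Alice": 1, "Bob": 1, "Carol": 2})
    print("shares per holder:", {k: len(v) for k, v in shares.items()})
    # Carol's two shares plus Alice's one reach the threshold; Bob is not needed.
    assert rejoin(shares["Alice"] + shares["Carol"], 3, 32) == key_material
    try:
        rejoin(shares["Alice"] + shares["Bob"], 3, 32)
    except ValueError as e:
        print("two shares:", e)
```

Two things the toy makes visible that the dialog box hides. First, the buffer described for Figure 3-7 comes from the threshold being lower than the share count, not from any redundancy in the shares themselves: Carol alone, with her two shares, still cannot rejoin. Second, plain Shamir shares carry no integrity check, so three shares one of which has been corrupted rejoin to a wrong key without complaint; in PGP each .SHF file is encrypted to its holder, which is why the distributed shares, and not the local copies, are what must be protected.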

Protecting your keys

Once you have generated a key pair, it is wise to put a copy of them in a safe place in case something happens to the originals. PGP prompts you to save a backup copy when you close the PGPkeys application after creating a new key pair.
Your private keys and your public keys are stored in separate keyring files, which you can copy just like any other files to another location on your hard drive or to a floppy disk. By default, the private keyring (secring.skr) and the public keyring (pubring.pkr) are stored along with the other program files in the “PGP Keyrings” folder in the “PGP 6.0” folder, but you can save your backups in any location you like.
When you specify that you want to save a backup copy of your keys, the Save As dialog box appears, asking you to specify the location of the backup private and public keyring files that are to be created.
Besides making backup copies of your keys, you should be especially careful about where you store your private key. Even though your private key is protected by a passphrase that only you should know, it is possible that someone could discover your passphrase and then use your private key to decipher your email or forge your digital signature. For instance, somebody could look over your shoulder and watch the keystrokes you enter or intercept them on the network or even over the airwaves.
To prevent anyone who might happen to intercept your passphrase from being able to use your private key, you should store your private key only on your own computer. If your computer is attached to a network, you should also make sure that your files are not automatically included in a system-wide backup where others might gain access to your private key. Given the ease with which computers are accessible over networks, if you are working with extremely sensitive information, you may want to keep your private key on a floppy disk, which you can insert like an old-fashioned key whenever you want to read or sign private information.
As another security precaution, consider assigning a different name to your private keyring file and then storing it somewhere other than in the default PGP folder where it will not be so easy to locate. You use the Files pane of the PGPkeys Preferences dialog box to specify a name and location for your private and public keyring files.

Distributing your public key

After you create your keys, you need to make them available to others so that they can send you encrypted information and verify your digital signature. You have three alternatives for distributing your public key:
• Make your public key available through a public key server.
• Include your public key in an email message.
• Export your public key or copy it to a text file.
Your public key is basically composed of a block of text, so it is quite easy to make it available through a public key server, include it in an email message, or export or copy it to a file. The recipient can then use whatever method is most convenient to add your public key to their public keyring.
Making your public key available through a key server
The best method for making your public key available is to place it on a public key server where anyone can access it. That way, people can send you email without having to explicitly request a copy of your key. It also relieves you and others from having to maintain a large number of public keys that you rarely use. There are a number of key servers worldwide, including those offered by Network Associates, Inc., where you can make your key available for anyone to access. Your Security Officer will usually pre-configure your keyserver settings so that everything works correctly for your site.
To send your public key to a key server
1. Connect to the Internet.
2. Open the PGPkeys application.
3. Select the icon that represents the public key you want to post on the key server.
4. Open the Server menu, then select the key server you want to post on from the Send To submenu.
Once you place a copy of your public key on a key server, you can tell people who want to send you encrypted data or to verify your digital signature to get a copy of your key from the server. Even if you don’t explicitly point them to your public key, they can get a copy by searching the key server for your name or email address. Many people include the Web address for their public key at the end of their email messages; in most cases the recipient can just double-click the address to access a copy of your key on the server. Some people even put their PGP fingerprint on their business cards for easier verification.
Updating your key on a key server
If you ever need to change your email address, or if you acquire new signatures, all you have to do to replace your old key is send a new copy to the server; the information is automatically updated. However, you should keep in mind that public key servers are only capable of updating new information and will not allow removal of user names or signatures from your key. To remove signatures or user names from your key, see “Removing signatures or user names associated with your key” on page 48 for instructions. If your key is ever compromised, you can revoke it, which tells the world to no longer trust that version of your key. See Chapter 6, “Managing Keys and Setting Preferences” for more details on how to revoke a key.
Removing signatures or user names associated with your key
Public key servers are only capable of updating new information and will not allow removal of user names or signatures from your key. If you want to remove signatures or user names associated with your public key, you must first remove your key from the server.
To delete you r key f rom a cer tificate server
1. Open the PGPkeys window.
2. Choose Search from the Server menu or click the Search button in the PGPkeys toolbar.
The PGPkeys Search window appears.
3. Choose the server you wish to search from the Search for Keys On menu.
4. Specify your search criteria to locate your public key. The default is User ID, but you can click the arrows to select Key ID, Key Status, Key Type, Key Size, Creation Date, or Expiration Date. For example, you might search for all keys with the User ID of Fred.
5. To begin the search, click Search. The results of the search appear in the window.
6. Right-click on the key that you want to remove from the server, then select Delete.
The Passphrase dialog box appears.
7. Enter the passphrase for the key you want to remove from the server and then click OK.
A confirmation dialog box appears and the key is removed.
8. If you want to send an updated key to a certificate server, see “Making your public key available through a key server” on page 47 for instructions.
WARNING: If you delete your key from a certificate server, you should be aware that someone who has your public key on their keyring can upload it to the server again. You should check the server periodically to see if the key has reappeared; you may have to delete your key from the server more than once.

Including your public key in an email message

Another convenient method of delivering your public key to someone is to include it along with an email message.
To include your public key in an email message
1. Open the PGPkeys application.
2. Select your key pair and then click Copy on the Edit menu.
3. Open the editor you use to compose your email messages, place the cursor in the desired area, and then click Paste on the Edit menu. In newer email applications, you can simply drag your key from the PGPkeys window into the text of your email message to transfer the key information.
When you send someone your public key, be sure to sign the email. That way, the recipient can verify your signature and be sure that no one has tampered with the information along the way. Of course, if your key has not yet been signed by any trusted introducers, recipients of your signature can only truly be sure the signature is from you by verifying the fingerprint on your key.

Exporting your public key to a file

Another method of distributing your public key is to copy it to a file and then make this file available to the person with whom you want to communicat e.
To export you r public ke y to a f ile
There are three ways to export or save your public key to a file:
Select the icon representing your key pair from the PGPkeys window, then clic k Export on th e Ke ys men u and enter th e name of the file where you want the key to be saved.
Select the icon representing your key pair in the PGPkeys window, click Copy on the Edit menu, then click Paste to insert the key information into a text doc umen t.
NOTE:
PCs, enter a name of up to ei ght initial characters an d th ree additional characters for the file type extension (for example, email.txt).
If you are sending your key to colleagues who are using

Obtaining the public keys of others

Just as you need to distribute your public key to those who want to send you encrypted mail or to verify your digital signature, you need to obtain the public keys of others so you can send them encrypted mail or verify their digital signatures.
To obtain someone’s public key
There are three ways you can obtain someone’s public key:
• Get the key from a public key server.
• Add the public key to your keyring directly from an email message.
• Import the public key from an exported file.
Public keys are just blocks of text, so they are easy to add to your keyring by importing them from a file or by copying them from an email message and then pasting them into your public keyring.

Getting public keys from a key server

If the person to whom you want to send encrypted mail is an experienced PGP user, chances are that they have placed a copy of their public key on a key server. This makes it very convenient for you to get a copy of their most up-to-date key whenever you want to send them mail and also relieves you from having to store a lot of keys on your public keyring.
Your security officer may direct you to use a corporate key server that holds all of your organization’s frequently used keys. In this case, your PGP software is probably already configured to access the appropriate server.
You can search for keys on a key server using these criteria:
• User ID
• Key ID
• Key Status (Revoked or Disabled)
• Key Type (Diffie-Hellman or RSA)
• Creation date
• Expiration date
• Revoked keys
• Disabled keys
• Key size
• Keys signed by a particular key
The inverse of most of these operations is also available. For example, you may search using “User ID is not Bob” as your criteria.
There are a number of public key servers, such as the one maintained by Network Associates, Inc., where you can locate the keys of most PGP users. If the recipient has not pointed you to the Web address where his or her public key is stored, you can access any key server and do a search for the user’s name or email address, because all key servers are regularly updated to include the keys stored on all the other servers.
To get some one’s pub lic key fr om a k ey server
1. Open the PGPkeys application.
2. Click Search Server on the Keys menu or click the Search button. The Search dialog box opens.
3. In the Search For Keys On box, select the location or server you want to search.
4. Enter the search criteria to use to locate the user’s public key. To narrow your search, click More Choices to specify additional criteria.
When the public key is found, you can examine it in the Search dialog box to make sure that it is valid. If you decide to add the key to your public keyring, drag it to the main PGPkeys window.

Adding public keys from email messages

A convenient way to get a copy of someone’s public key is to have that person include it in an email message. When a public key is sent through email, it appears as a block of text in the body of the message.
To add a public key from an email message
Do one of the following:
• If you have an email application that is supported by the PGP plug-in, click the plug-in’s add-key button to add the sender’s public key to your public keyring.
• If you are using an email application that is not supported by the plug-ins, you can add the public key to the keyring by copying the block of text that represents the public key and pasting it into the PGPkeys window.

Importing a public key from a file

Another method of obtaining someone’s public key is to have that person save it to a file from which you can import it or copy and paste it into your public keyring.
To import a public key from a file
There are three methods of extracting someone’s public key and adding it to your public keyring:
• Click Import on the Keys menu and then navigate to the file where the public key is stored.
• Drag the file containing the public key onto the main PGPkeys window.
• Open the text document where the public key is stored, select the block of text representing the key, and then click Copy on the Edit menu. Go to the PGPkeys window and click Paste on the Edit menu to copy the key. The key then shows up as an icon in the PGPkeys window.

Verifying the authenticity of a key

When you exchange keys with someone, it is sometimes hard to tell if the key really belongs to that person. PGP software provides a number of safeguards that allow you to check a key’s authenticity and to certify that the key belongs to a particular owner (that is, to validate it). The PGP program also warns you if you attempt to use a key that is not valid and also defaults to warn you when you are about to use a marginally valid key.
Why verify the authenticity of a key?
One of the major vulnerabilities of public key encryption systems is the ability of sophisticated eavesdroppers to mount a “man-in-the-middle” attack by replacing someone’s public key with one of their own. In this way they can intercept any encrypted email intended for that person, decrypt it using their own key, then encrypt it again with the person’s real key and send it on to them as if nothing had ever happened. In fact, this could all be done automatically through a sophisticated computer program that stands in the middle and deciphers all of your correspondence.
Based on this scenario, you and those with whom you exchange email need a way to determine whether you do indeed have legitimate copies of each other’s keys. The best way to be completely sure that a public key actually belongs to a particular person is to have the owner copy it to a floppy disk and then physically hand it to you. However, you are seldom close enough to personally hand a disk to someone; you generally exchange public keys via email or get them from a public key server.
Verify with a digital fingerprint
You can determine if a key really belongs to a particular person by checking its digital fingerprint, a unique series of numbers generated when the key is created. By comparing the fingerprint on your copy of someone’s public key to the fingerprint on their original key, you can be sure that you do in fact have a valid copy of their key. The fingerprint is a hash of the public key material itself, so a substituted key cannot match the owner’s fingerprint no matter what name or email address it carries. To learn how to verify with a digital fingerprint, see “Verifying someone’s public key” on page 89.
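The following is an added example, not PGP’s own code, showing what the fingerprint check above actually computes and why it defeats the key substitution described under “Why verify the authenticity of a key?”. Diffie-Hellman/DSS keys are version 4 OpenPGP keys, whose fingerprint is SHA-1 over the byte 0x99, a two-byte length and the public-key packet body (RFC 2440, the OpenPGP format PGP 5 and 6 write); the key ID is the low 64 bits of that fingerprint. The DSA values below are tiny constructed numbers rather than real parameters, the creation timestamp is arbitrary, and the four-digit grouping is assumed to be how the fingerprint is read out from a business card.

```python
"""OpenPGP v4 fingerprint of a DSS (DSA) public key and an out-of-band check."""
import hashlib
import struct

DSA_ALGORITHM_ID = 17  # OpenPGP public-key algorithm number for DSA


def mpi(n: int) -> bytes:
    """OpenPGP multi-precision integer: two-byte bit length, then the magnitude."""
    if n < 0:
        raise ValueError("MPI must be non-negative")
    bits = n.bit_length()
    return struct.pack(">H", bits) + n.to_bytes((bits + 7) // 8, "big")


def dsa_public_key_body(created: int, p: int, q: int, g: int, y: int) -> bytes:
    """Body of a version 4 public-key packet: version, creation time,
    algorithm, then the DSA parameters p, q, g and the public value y."""
    return (bytes([4]) + struct.pack(">I", created) + bytes([DSA_ALGORITHM_ID])
            + mpi(p) + mpi(q) + mpi(g) + mpi(y))


def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, the two-byte body length and the body (RFC 2440)."""
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body)
    return digest.hexdigest().upper()


def key_id(fingerprint: str) -> str:
    """The 64-bit key ID of a v4 key is the low-order eight bytes of its fingerprint."""
    return "0x" + fingerprint[-16:]


def display(fingerprint: str) -> str:
    """Ten groups of four hex digits, the form that fits on a business card."""
    return " ".join(fingerprint[i:i + 4] for i in range(0, 40, 4))


def fingerprint_matches(received_key_body: bytes, out_of_band: str) -> bool:
    """Does the key you received hash to the fingerprint its owner gave you in
    person or by phone? Spacing and case in the copied-down version are ignored."""
    return v4_fingerprint(received_key_body) == out_of_band.replace(" ", "").upper()


if __name__ == "__main__":
    # Constructed toy values (real DSA parameters are 1024-bit primes and a 160-bit q).
    created = 915148800  # 1999-01-01 00:00:00 UTC, an arbitrary timestamp
    alice_key = dsa_public_key_body(created, p=23, q=11, g=4, y=8)
    # Same owner name on the key, but an attacker's key swapped in during transit.
    substituted = dsa_public_key_body(created, p=23, q=11, g=4, y=9)

    on_business_card = display(v4_fingerprint(alice_key))
    print("Alice's card:", on_business_card, key_id(v4_fingerprint(alice_key)))
    print("received key matches card:", fingerprint_matches(alice_key, on_business_card))
    print("substituted key matches card:", fingerprint_matches(substituted, on_business_card))
```

Because the hash covers the key material, an attacker who substitutes a key gets a different fingerprint, and since the user ID is not part of the hashed body, matching names prove nothing. Compare the whole forty digits, not just the eight-digit key ID at the end. Legacy RSA keys (version 3 keys) use a different rule, an MD5 hash of the modulus and exponent with the key ID taken from the modulus, so the function above does not apply to them.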

Signing the public key

Once you are absolutely convinced that you have a legitimate copy of someone’s public key, you can then sign that person’s key. By signing someone’s public key with your private key, you are certifying that you are sure the key belongs to the alleged user. For instance, when you create a new key, it is automatically certified with your own digital signature. By default, signatures you make on other keys are not exportable, which means they apply only to the key when it is on your local keyring. For detailed instructions on signing a key, see “Signing someone’s public key” on page 90.

Getting public keys through trusted introducers

PGP users often have other trusted users sign their public keys to further attest to their authenticity. For instance, you might send a trusted colleague a copy of your public key with a request that he or she certify and return it so you can include the signature when you post your key on a public key server. Using PGP, when someone gets a copy of your public key, they don’t have to check the key’s authenticity themselves, but can instead rely on how well they trust the person(s) who signed your key. PGP provides the means for establishing this level of validity for each of the public keys you add to your public keyring and shows the level of trust and validity associated with each key in the PGPkeys window. This means that when you get a key from someone whose key is signed by a trusted introducer, you can be fairly sure that the key belongs to the purported user. For details on how to sign keys and validate users, see “Signing someone’s public key” on page 90.
Your Security Officer can act as a trusted introducer, and you may then trust any keys signed by the corporate key to be valid keys. If you work for a large company with several locations, you may have regional introducers, and your Security Officer may be a meta-introducer, or a trusted introducer of trusted introducers.
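The following is an added example, not PGP’s own code, of how the validity shown in the PGPkeys window can be derived from the two inputs this section describes: the signatures on each key, and the trust you have assigned to each signer as an introducer. The thresholds (one completely trusted introducer, or two marginally trusted ones) are PGP’s classic defaults and are an assumption here, since the actual setting lives in Chapter 6; the meta-introducer is modelled, also as an assumption, as a key whose certification promotes regional keys to trusted introducers without you having to set trust on each one. The keyring below is constructed.

```python
"""Key validity from signatures and introducer trust (web-of-trust model)."""
from __future__ import annotations

from enum import IntEnum


class Trust(IntEnum):
    """Trust you assign to a key's owner as an introducer of other keys."""
    UNTRUSTED = 0
    MARGINAL = 1
    COMPLETE = 2


# Assumed thresholds: one complete introducer, or two marginal ones, make a key valid.
COMPLETES_NEEDED = 1
MARGINALS_NEEDED = 2


def compute_validity(own_key: str, signatures: dict[str, set[str]],
                     trust: dict[str, Trust],
                     trust_signatures: dict[str, set[str]] | None = None) -> dict[str, str]:
    """Return key ID -> "valid" | "marginal" | "invalid".

    signatures:       key ID -> IDs of the keys that signed it
    trust:            key ID -> Trust you assigned to that owner
    trust_signatures: meta-introducer ID -> keys it certifies as trusted
                      introducers (assumed modelling of a meta-introducer)
    Your own key is implicitly valid and completely trusted. A signature only
    counts if the signer's key is itself valid; self-signatures never count.
    """
    trust_signatures = trust_signatures or {}
    effective = {k: Trust(v) for k, v in trust.items()}
    effective[own_key] = Trust.COMPLETE
    valid = {own_key}
    keys = set(signatures) | set(effective) | {own_key}

    def trust_of(k: str) -> Trust:
        return effective.get(k, Trust.UNTRUSTED)

    changed = True
    while changed:  # validity depends on signers' validity, so iterate to a fixpoint
        changed = False
        # A valid, completely trusted meta-introducer promotes its certified keys.
        for meta, certified in trust_signatures.items():
            if meta in valid and trust_of(meta) == Trust.COMPLETE:
                for k in certified:
                    if trust_of(k) < Trust.COMPLETE:
                        effective[k] = Trust.COMPLETE
                        changed = True
        for key in keys:
            if key in valid:
                continue
            signers = [s for s in signatures.get(key, ()) if s in valid and s != key]
            completes = sum(1 for s in signers if trust_of(s) == Trust.COMPLETE)
            marginals = sum(1 for s in signers if trust_of(s) == Trust.MARGINAL)
            if completes >= COMPLETES_NEEDED or marginals >= MARGINALS_NEEDED:
                valid.add(key)
                changed = True

    result = {}
    for key in keys:
        if key in valid:
            result[key] = "valid"
        elif any(s in valid and trust_of(s) >= Trust.MARGINAL
                 for s in signatures.get(key, ()) if s != key):
            result[key] = "marginal"  # some trusted signature, but not enough
        else:
            result[key] = "invalid"
    return result


# Constructed keyring: who signed whom.
SIGNATURES = {
    "SO": {"ME"},            # Security Officer's key, signed by me after a fingerprint check
    "REG1": {"SO"},          # regional introducer, certified by the Security Officer
    "BOB": {"REG1"},
    "DAVE": {"SO"},
    "ERIN": {"SO"},
    "CAROL": {"DAVE", "ERIN"},
    "FRANK": {"DAVE"},
    "GRACE": {"STRANGER"},
    "STRANGER": set(),
}
TRUST = {"SO": Trust.COMPLETE, "DAVE": Trust.MARGINAL, "ERIN": Trust.MARGINAL}
TRUST_SIGNATURES = {"SO": {"REG1"}}  # the Security Officer acts as meta-introducer

if __name__ == "__main__":
    for key, validity in sorted(compute_validity("ME", SIGNATURES, TRUST, TRUST_SIGNATURES).items()):
        print(f"{key:9} {validity}")
```

Run on the sample keyring, Bob is valid only because the Security Officer’s certification makes REG1 a trusted introducer; without the meta-introducer entry REG1 is a valid key but an untrusted signer, and Bob drops to invalid. Carol is valid on two marginal signatures, Frank with only one is marginal (the case PGP warns about before use), and Grace is invalid because her only signer is a key that is neither valid nor trusted. Note that validity and trust are separate properties: Dave’s key is fully valid, but his signatures count only half because you rated him a marginal introducer.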
4 Sending and Receiving Secure Email
This chapter explains how to encrypt and sign the email you send to others and decrypt and verify the email others send to you.

Encrypting and signing email

There are three ways to encrypt and sign email messages. The quickest and easiest way to encrypt and sign email is with an application supported by the PGP email plug-ins. Although the procedure varies slightly between different email applications, you perform the encryption and signing process by clicking the appropriate buttons in the application’s toolbar.
If you are using an email application that is not supported by the PGP plug-ins, you can encrypt and sign your email messages via the Windows clipboard by selecting the appropriate option from the lock icon in the System tray. To include file attachments, you encrypt the files from the Windows Explorer before attaching them.
TIP: If you are sending sensitive email, consider leaving your subject line blank or creating a subject line that does not reveal the contents of your encrypted message.
If you do not have one of the email applications that is supported by PGP, see Chapter 5 for information about how to encrypt files.
As an alternative to using the plug-ins, you can use PGPtools to encrypt and sign your email text and attachments before sending them; see “To encrypt and sign text using PGPtools” on page 59.

Encrypting and signing with supported email applications

When you encrypt and sign with an email application that is supported by the PGP plug-ins, you have two choices, depending on what type of email application the recipient is using. If you are communicating with other PGP users who have an email application that supports the PGP/MIME standard, you can take advantage of a PGP/MIME feature to encrypt and sign your email messages and any file attachments automatically when you send them. If you are communicating with someone who does not have a PGP/MIME-compliant email application, you should encrypt your email with PGP/MIME turned off to avoid any compatibility problems. Refer to Table 4-1, “PGP Plug-in Features,” for a list of plug-ins and their features.
Table 4-1. PGP Plug-in Features

Feature                                   Eudora 3.0.x   Eudora 4.0.x   Exchange/Outlook                 Outlook Express
PGP/MIME                                  Yes            Yes            No                               No
Auto-decrypt                              Yes            No             Yes                              Yes
Encrypt HTML                              N/A            Yes            Converts to plain text           No
                                                                        before encrypting
View decrypted HTML as an HTML document   No             Yes            No                               No
Encrypt attachments                       Yes            Yes            Yes                              No
Encrypt/Sign defaults                     Yes            Yes            Yes                              Yes
To encrypt and sign with supported email applications
1. Use your email application to compose your email message as you normally would.
2. When you have finished composing the text of your email message, click the Encrypt button to encrypt the text of your message, then click the Sign button to sign the message.
NOTE: If you know that you are going to use PGP/MIME regularly, you can leave this turned on by selecting the appropriate settings in the email pane of the Preferences dialog box.
3. Send your message as you normally do. If you have a copy of the public keys for every one of the recipients, the appropriate keys are used. However, if you specify a recipient for whom there is no corresponding public key or one or more of the keys have insufficient validity, the PGP Key Selection dialog box appears (Figure 4-1) so that you can specify the correct key.
Figure 4-1. PGP Recipients window
4. Drag the public keys for those who are to receive a copy of the encrypted email message into the Recipients list box. You can also double-click any of the keys to move them from one area of the screen to the other.
The Validity icon indicates the minimum level of confidence that the public keys in the Recipient list are valid. This validity is based on the signatures associated with the key. See Chapter 6, “Managing Keys and Setting Preferences,” for details.
5. Select the Conventional Encrypt option to use a common passphrase instead of public key encryption. If you select this option, the data is encrypted with a session key derived from a passphrase that you will be asked to choose; anyone who knows that passphrase can decrypt it, so it must reach the recipient by some other secure route.
6. Select the Secure Viewer option to protect the data from TEMPEST attacks upon decryption. If you select this option, the decrypted data is displayed in a special TEMPEST attack prevention font that is designed to be unreadable to equipment capturing the monitor’s radiation. For more information about TEMPEST attacks, see “Vulnerabilities” on page 158.
NOTE: The Secure Viewer option may not be compatible with previous versions of PGP. Files encrypted with this option enabled can be decrypted by previous versions of PGP; however, this feature may be ignored.
7. Click OK to encrypt and sign your mail. If you have elected to sign the encrypted data, the Signing Key Passphrase dialog box appears, as in Figure 4-2, requesting your passphrase before the mail is sent.
Figure 4-2. Signing Key Passphrase dialog box
8. Enter your passphrase and then click OK.
WARNING: If you do not send your email immediately but instead store it in your outbox, you should be aware that when using some email applications, the information is not encrypted until the email is actually transmitted. Before queuing encrypted messages you should check to see if your application does in fact encrypt the messages in your outbox. If it does not, you can use PGPtray to encrypt your messages before queuing them in the outbox.
To encrypt and sign t ext usin g PGPto ols
1. Copy the text that you want to encrypt and sign to the clipboard.
2. Drag the text onto the Encrypt, Sign, or Encrypt and Sign button in the PGPtools window.
Figure 4-3. PGPtools window
The PGP Key Recipients dialog box appears (Figure 4-1).
3. Drag the public keys for those who are to receive a copy of the encrypted email message into the Recipients list box. You can also double-click any of the keys to move them from one area of the screen to the other.
The Validity icon indicates the minimum level of confidence that the public keys in the Recipient list are valid. This validity is based on the signatures associated with the key. See Chapter 6, “Managing Keys and Setting Preferences,” for details.
4. Select the Conventional Encrypt option to use a common passphrase instead of public key encryption. If you select this option, the file is encrypted using a session key, which encrypts (and decrypts) using a passphrase that you will be asked to choose.
User’s Guide 59
5. Select the Secure Viewer option to protect the data from TEMPEST attacks upon decryption. If you select this option, the decrypted data is displayed in a special TEMPEST attack prevention font that is unreadable to radiation capturing equipment. For more information about TEMPEST attacks, see “Vulnerabilities” on page 158.
NOTE:
The Secure Viewer option may not be compatible with previous versions of PGP. Files encrypted with this option enabled can be decrypted by previous versions of PGP; however, this feature may be ignored.
6. Click OK to encrypt and sign your mail. If you have elected to sign the encrypted data, the Signing Key Passphrase dialog box appears, as in Figure 4-2, requesting your passphrase before the mail is sent.
7. Enter your passphrase and then click OK.
8. Paste the text into your email message, then send the message.

Encrypting email to groups of recipients

You can use PGP to create group distribution lists. For example, if you want to send encrypted mail to 10 people at engineering@company.com, you could create a distribution list with that name. The Groups menu in PGPkeys contains a Show Groups option that toggles the display of the Groups window in PGPkeys.
NOTE:
If you intend to encrypt information to all members of an existing email distribution list, you must create a PGP group by the same name as, and including the same members as, the email distribution list. For example, if there is a staff@company.com list set up in your email application, you must create a staff@company.com group in PGP.
Working with distribution lists
Use the Groups feature to create distribution lists and to edit the list of people to whom you want to send encrypted email.
To create a group (distribution list)
1. Choose Show Group from the Groups menu.
2. Choose New Group from the Groups menu.
3. Enter a name for the group distribution list. Optionally, enter a group description. For example, you can name the group “everyone@company.com” with a description of “All employees.”
4. Click OK to create the distribution list. The group distribution list is saved as PGP Groups in the PGP Preferences folder and the list is added to your keyring.
To add members to a distribution list
1. In the PGPkeys window, select the users or lists you want to add to your distribution list.
2. Drag the users from the PGPkeys window to the desired distribution list in the Groups window.
NOTE:
Members in a distribution list can be added to other distribution lists.
To delete members from a distribution list
1. Within the distribution list, select the member to be deleted.
2. Press the Delete key. PGP asks you to confirm your choice.
To delete a distribution list
1. Select the distribution list to be deleted from the Groups window.
2. Press the Delete key.
To add a distribution list to another distribution list
1. Select the distribution list that you want to add to another list.
2. Drag the selected list into the list to which it will be added.
Sending encrypted and signed email to distribution lists
You can send encrypted email to groups of recipients once your PGP distribution lists are created. See “Working with distribution lists” on page 61 for more information about creating and editing distribution lists.
To send encrypted and signed email to a distribution list
1. Address the mail to your mail distribution list. The name of your encryption distribution list must correspond to the name of the email distribution list.
2. Use your email application to compose your email message just as you normally would.
3. When you have finished composing the text of your email message, click to encrypt the text of your message, then click to sign the message.
The PGP Key Recipients dialog box appears (Figure 4-1). You can select the recipient’s public keys for the text you are encrypting or signing. The options available are described in “To encrypt and sign with supported email applications” on page 57.
4. Send the message.

Decrypting and verifying email

The quickest and easiest way to decrypt and verify the email sent to you is with an application supported by the PGP plug-ins. Although the procedure varies slightly between different email applications, when you are using an email application supported by the plug-ins, you can perform the decryption and verification operations by clicking the envelope icon in the message or your application’s toolbar. In some cases you may need to select Decrypt/Verify from the menu in your email application. In addition, if you are using an application that supports the PGP/MIME standard, you can decrypt and verify your email messages as well as any file attachments by clicking an icon attached to your message.
If you are using an email application that is not supported by the PGP plug-ins, you will decrypt and verify your email messages via PGPtray. In addition, if your email includes encrypted file attachments, you must decrypt them separately via PGPtools or PGPtray.
To decrypt and verify from supported email applications
1. Open your email message just as you normally do. You will see a block of unintelligible ciphertext in the body of your email message.
2. Copy the cipher text to the Clipboard.
3. To decrypt and verify the message, do one of the following:
• If you are communicating with other PGP users, and they have encrypted and signed their mail using the PGP/MIME standard, double-click the locked envelope icon.
• If you are receiving email from someone who is not using a PGP/MIME-compliant email application, click the opened envelope icon on your application’s toolbar or click Decrypt/Verify Clipboard on the Plugins menu.
To decrypt and verify attached files, decrypt them separately using PGPtools or PGPtray.
The PGP Enter Passphrase dialog box appears, as in Figure 4-4, asking you to enter your passphrase.
Figure 4-4. Signing Key Passphrase dialog box
4. Enter your passphrase, then click OK. The message is decrypted. If it has been signed and you have the sender’s public key, a message appears indicating whether the signature is valid. If the message is encrypted with the Secure Viewer option enabled, an advisory message appears. Click OK to continue. The decrypted message appears on a secure PGP screen in a special TEMPEST attack prevention font.
5. You can save the message in its decrypted state, or you can save the original encrypted version so that it remains secure.
NOTE:
Messages encrypted with the Secure Viewer option enabled cannot be saved in their decrypted state.
To decrypt and verify from non-supported email applications
1. Open your email message just as you normally do. You will see a block of unintelligible ciphertext in the body of your email message.
2. In PGPtray, select Decrypt/Verify. If the email message includes encrypted file attachments, decrypt them separately with PGPtools or PGPtray. The PGP Enter Passphrase dialog box appears, as in Figure 4-4, asking you to enter your passphrase.
3. Enter your passphrase, then click OK. The message is decrypted. If it has been signed, a message appears indicating whether the signature is valid.
If the message is encrypted with Secure Viewer enabled, an advisory message appears. Click OK to continue. The decrypted message appears on a secure PGP screen in a special TEMPEST attack prevention font.
4. You can save the message in its decrypted state, or you can save the original encrypted version so that it remains secure.
NOTE:
Messages encrypted with the Secure Viewer option enabled cannot be saved in their decrypted state.
5
Using PGP for Secure File Storage
This chapter describes how to use PGP to securely maintain files. It describes how to use PGP to encrypt, decrypt, sign and verify files either for email or for secure storage on your computer. It also describes the PGP Wipe and Free Space Wipe functions, which delete files by erasing their contents completely from your computer.

Using PGP to encrypt and decrypt files

You can use PGP to encrypt and sign files to use as email attachments. You can also use the techniques described in this chapter to encrypt and sign files so that you can store them securely on your computer.
Using the PGP right-click menu to encrypt and sign
Use the PGP right-click menu to send an encrypted file as an attachment with your email message, or to encrypt a file to protect it on your computer.
To encrypt and sign using the right-click menu
1. In the Windows Explorer, right-click on the file or files that you want to encrypt.
2. Choose one of the following options from the PGP right-click menu:
• Encrypt. Select this option to only encrypt the file or files you selected.
• Sign. Select this option to only sign the file or files you selected.
• Encrypt and Sign. Select this option to both encrypt and sign the file or files you selected.
The PGP Key Selection dialog box appears, as shown in Figure 5-1.
Encryption options
You can select the recipient’s public keys for the file you are encrypting or signing.
Figure 5-1. PGP Recipients dialog box
3. Select the public keys by dragging them to the Recipients list, then click OK.
You can choose from the following encryption options depending on the type of data you are encrypting:
• Conventional Encrypt. Select this checkbox to rely on a common passphrase rather than on public key cryptography. The file is encrypted using a session key, which encrypts (and decrypts) using a passphrase that you will be asked to choose.
• Text Output. When sending files as attachments with some email applications, you may need to select the Text Output checkbox to save the file as ASCII text. This is sometimes necessary in order to send a binary file using older email applications. Selecting this option increases the size of the encrypted file by about 30 percent.
• Wipe Original. Select this checkbox to overwrite the original document that you are encrypting or signing, so that your sensitive information is not readable by anyone who can access your hard disk.
• Secure Viewer. Select this checkbox to protect text from TEMPEST attacks upon decryption. If you select this option, the data is displayed in a special TEMPEST attack prevention font that is unreadable to radiation capturing equipment upon decrypting. For more information about TEMPEST attacks, see “Vulnerabilities” on page 158.
NOTE:
This option is only available when encrypting text or text files.
If you are signing the files, you are asked to supply your passphrase. After encryption, if you look in the folder where the original file was located, you will find a file with the specified name represented by one of two icons: encrypted with text output, or encrypted with standard output.
If you are encrypting or signing a folder, the output may be in a new folder, depending on the options you selected.
Using PGPtools to encrypt and sign
To encrypt and sign using PGPtools
1. Open the PGPtools application.
Figure 5-2. PGPtools menu (buttons: PGPkeys, encrypt, sign, encrypt and sign, decrypt/verify, wipe, freespace wipe)
2. In the Windows Explorer, select the file or files that you want to encrypt. You can select multiple files, but you must encrypt and sign each of them individually.
3. Drag the file(s) onto the Encrypt, Sign, or Encrypt and Sign button in the PGPtools window.
The PGP Recipients dialog box appears, as shown in Figure 5-1.
4. Select the public keys by dragging them to the Recipients list.
5. You can choose from the following encryption options depending on the type of data you are encrypting:
• Conventional Encrypt. Select this checkbox to rely on a common passphrase rather than on public key cryptography. The file is encrypted using a session key, which encrypts (and decrypts) using a passphrase that you will be asked to choose.
• Text Output. When sending files as attachments with some email applications, you may need to select the Text Output checkbox to save the file as ASCII text. This is sometimes necessary in order to send a binary file using older email applications. Selecting this option increases the size of the encrypted file by about 30 percent.
• Wipe Original. Select this checkbox to overwrite the original document that you are encrypting or signing, so that your sensitive information is not readable by anyone who can access your hard disk.
• Secure Viewer. Select this checkbox to protect text from TEMPEST attacks upon decryption. If you select this option, the data is displayed in a special TEMPEST attack prevention font that is unreadable to radiation capturing equipment upon decrypting. For more information about TEMPEST attacks, see “Vulnerabilities” on page 158.
NOTE:
This option is only available when encrypting text or text files.
6. Click OK. If you are signing the file, you are asked to supply your passphrase. After encryption, if you look in the folder where the original file was located, you will find the file with the specified name represented by one of two icons: encrypted with text output, or encrypted with standard output.
If you are encrypting or signing a folder, the output may be in a new folder, depending on the options you selected.
Using PGPtray to decrypt and verify
If the email you receive has file attachments, and you are not using a PGP/MIME-compliant email application, you must decrypt them from the Windows clipboard.
To decrypt and verify files using PGPtray
1. In the Windows Explorer, select the file or files tha t you want to decrypt and verify.
2. Choose Decrypt/Verify from PGPtray. The passphrase dialog box appears, as in Figure 5-3.
Figure 5-3. Passphrase dialog box
3. Enter your passphrase and then click OK. The file is decrypted. If it has been signed, a message appears indicating whether the signature is valid. If the text file is encrypted with Secure Viewer enabled, an advisory message appears. Click OK to continue. The decrypted text appears on a secure PGP screen in a special TEMPEST attack prevention font.
4. You can save the message in its decrypted state, or you can save the original encrypted version so that it remains secure.
NOTE:
Messages encrypted with the Secure Viewer option enabled cannot be saved in their decrypted state. They are only viewable on the secure PGP screen after decryption.
Using PGPtools to decrypt and verify
To decrypt and verify using PGPtools
1. In the Windows Explorer, select the file or files that you want to decrypt.
2. Drag the file onto the Decrypt/Verify button in the PGPtools window (Figure 5-2).
The PGP Enter Passphrase dialog box appears, as shown in Figure 5-3, asking you to enter your passphrase.
3. Enter your passphrase and then click OK. If the file is signed, a message appears indicating whether the signature is valid. If the text file is encrypted with Secure Viewer enabled, an advisory message appears. Click OK to continue. The decrypted text appears on a secure PGP screen in a special TEMPEST attack prevention font.
4. You can save the message in its decrypted state, or you can save the original encrypted version so that it remains secure.
NOTE:
Messages encrypted with the Secure Viewer option enabled cannot be saved in their decrypted state. They are only viewable on the secure PGP screen after decryption.

Signing and decrypting files with a split key

Once a key is split among multiple shareholders, attempting to sign or decrypt with it will cause PGP to automatically attempt to rejoin the key. There are two ways to rejoin the key, locally and remotely.
To rejoin key shares locally requires the shareholders’ presence at the rejoining computer. Each shareholder is required to enter the passphrase for their key share.
To rejoin key shares remotely requires the remote shareholders to authenticate and decrypt their keys before sending them over the network. PGP's Transport Layer Security (TLS) provides a secure link to transmit key shares, which allows multiple individuals in distant locations to securely sign or decrypt with their key share.
IMPORTANT:
Before receiving key shares over the network, you should verify each shareholder’s fingerprint and sign their public key to ensure that their authenticating key is legitimate. To learn how to verify a keypair, see “Verify with a digital fingerprint” on page 53.
To sign or decrypt files with a split key
1. Contact each shareholder of the split key. To rejoin key shares locally, the shareholders of the key must be present.
To collect key shares over the network, ensure that the remote shareholders are prepared to send their key share file. Remote shareholders must have:
• their key share file and password
• a public key (for authentication to the computer that is collecting the key shares)
• a network connection
• the IP address or Domain Name of the computer that is collecting the key shares
2. At the rejoining computer, use the Windows Explorer to select the file(s) that you want to sign or decrypt with the split key.
3. Right-click on the file(s) and select Sign or Decrypt from the PGP menu. The PGP Enter Passphrase for Selected Key dialog box appears with the split key selected.
4. Click OK to reconstitute the selected key.
The Key Share Collection dialog box appears, as in Figure 5-4.
5. If you are collecting the key shares locally, click Select Share File and then locate the share files associated with the split key. The share files can be collected from the hard drive, a floppy disk, or a mounted drive. Continue with step 6.
If you are collecting key shares over the network, click Start Network. The Passphrase dialog box opens. In the Signing Key box, select the keypair that you want to use for authentication to the remote system and enter the passphrase. Click OK to prepare the computer to receive the key shares.
The status of the transaction is displayed in the Network Shares box. When the status changes to “Listening,” the PGP application is ready to receive the key shares.
At this time, the shareholders must send their key shares. To learn how to send key shares to the rejoining computer, see “To send your key share over the network” on page 75.
When a key is received, the Remote Authentication dialog box appears, as shown in Figure 5-5.
Figure 5-4. Key Share Collection dialog box
Figure 5-5. Remote Authentication dialog box
If you have not signed the key that is being used to authenticate the remote system, the key will be considered invalid. Although you can rejoin the split key with an invalid authenticating key, it is not recommended. You should verify each shareholder’s fingerprint and sign their public key to ensure that the authenticating key is legitimate.
Click Confirm to accept the share file.
6. Continue collecting key shares until the value for Total Shares Collected matches the value for Total Shares Needed in the Key Shares Collection dialog box.
7. Click OK. The file is signed or decrypted with the split key.
To send your key share over the network
1. When you are contacted by the person who is rejoining the split key, make sure that you have these items:
• the key share file and password
• a keypair (for authentication to the computer that is collecting the key shares)
• a network connection
• the IP address or Domain Name of the rejoining computer collecting the key shares
2. Select Send Key Shares on the PGPkeys File menu. The Select Share File dialog box appears.
3. Locate your key share and then click Open. The PGP Enter Passphrase dialog box appears.
4. Enter your passphrase and then click OK. The Send Key Shares dialog box appears, as in Figure 5-6.
5. Enter the IP address or the Domain Name of the rejoining computer in the Remote Address text box, then click Send Shares.
The status of the transaction is displayed in the Network Status box. When the status changes to “Connected,” you are asked to authenticate yourself to the rejoining computer.
The Remote Authentication dialog box appears asking you to confirm that the remote computer is the one to whom you want to send your key share.
6. Click Confirm to complete the transaction. After the remote computer receives your key shares and confirms the transaction, a message box appears stating that the shares were successfully sent.
7. Click OK.
8. Click Done in the Key Shares window when you have completed sending your key share.
Figure 5-6. Send Key Shares dialog box
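The Total Shares Collected and Total Shares Needed counters above describe a threshold scheme: any `needed` of the `total` shares reconstitute the key, and fewer reveal nothing about it. The Python below is an added example, not PGP's code (PGP's share-file format and algorithm are not shown on this page); it illustrates the threshold property with Shamir secret sharing over a prime field, plus a small collector that mirrors the dialog's counters and, unlike the dialog, refuses a share that did not arrive over a verified authenticating key. The secret and share values are constructed.

```python
"""Threshold key-share rejoining, illustrated with Shamir secret sharing.

Added example, not PGP's code. A secret (standing in for a private key) is
split into `total` shares of which any `needed` rebuild it exactly.
"""
import secrets

# 2**127 - 1 is a Mersenne prime; secrets and shares are integers below it.
PRIME = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial (coeffs[0] is the constant term) at x, mod PRIME."""
    acc = 0
    for c in reversed(coeffs):          # Horner's rule
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, needed, total):
    """Split `secret` into `total` (x, y) shares; any `needed` of them rebuild it."""
    if not 1 <= needed <= total:
        raise ValueError("need 1 <= needed <= total")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be an integer in [0, PRIME)")
    # Random polynomial of degree needed-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(needed - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, total + 1)]


def rejoin_secret(shares):
    """Recover the constant term by Lagrange interpolation at x = 0."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        lagrange = num * pow(den, PRIME - 2, PRIME) % PRIME   # Fermat inverse
        secret = (secret + yi * lagrange) % PRIME
    return secret


class ShareCollector:
    """Mirrors the Total Shares Collected / Total Shares Needed counters."""

    def __init__(self, needed):
        self.needed = needed
        self.shares = {}

    def add_share(self, share, authenticated):
        # The page advises against rejoining with an unverified authenticating
        # key; this model refuses such shares outright.
        if not authenticated:
            raise PermissionError("share arrived over an unverified key")
        x, y = share
        self.shares[x] = y
        return len(self.shares)          # Total Shares Collected

    def ready(self):
        return len(self.shares) >= self.needed

    def reconstitute(self):
        if not self.ready():
            raise RuntimeError(f"{len(self.shares)} of {self.needed} shares collected")
        return rejoin_secret(list(self.shares.items())[: self.needed])


def demo():
    """Constructed 3-of-5 split; shares 5, 2 and 3 arrive, in that order."""
    secret = 0x2468ACE13579BDF          # constructed stand-in for a private key
    shares = split_secret(secret, needed=3, total=5)
    collector = ShareCollector(needed=3)
    for share in (shares[4], shares[1], shares[2]):
        collector.add_share(share, authenticated=True)
    return collector.reconstitute() == secret
```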

Using PGP Wipe to delete files

The Wipe item on PGPtools deletes files and their contents. The Wipe feature is a secure way of permanently removing a file and its contents from the hard drive of your computer. When you delete a file normally by placing it in the Trash, the name of the file is removed from the file directory, but the data in the file stays on the disk. Wipe removes all traces of a file’s data so that no one can use a software tool to recover the file.
To permanently delete a file using the PGP right-click menu
1. In the Windows Explorer, select the file or files that you want to wipe.
2. Right-click on the file and then choose Wipe from the menu. A confirmation dialog box appears.
3. Click OK to permanently erase the file. To stop wiping the file before the task is completed, click Cancel.
NOTE:
Clicking Cancel during file wipe can leave remnants of the file behind.
To permanently delete a file using PGPtools
1. In the Windows Explorer, select the file or files that you want to wipe.
2. Drag the file onto the Wipe button in the PGPtools window. A confirmation dialog box appears.
3. Click OK to permanently erase the file. To stop wiping the file before the task is completed, click Cancel.
NOTE:
Clicking Cancel during file wipe can leave remnants of the file behind.
Even on systems with virtual memory, PGP correctly writes over all the contents of the file. It is worth noting that some application programs save the file prior to encrypting it and may leave fragments of the file on your disk in locations which are no longer considered part of the file. For more information, see “Swap files or virtual memory” on page 161. You can use the PGP Freespace Wipe feature to wipe all free space on your disk to solve this problem. See the next section for information about Freespace Wipe. Also, be aware that many programs automatically save files in progress, so there may be back-up copies of the file that you want to delete.
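The multi-pass overwrite behind Wipe, as an added Python example rather than PGP's own code (PGP's overwrite patterns are not given on this page, so a zero, ones and random sequence stands in for them). It also reproduces the failure mode the NOTE describes: a wipe interrupted after some passes leaves the file, its name and its length in place. An in-place overwrite reaches only the blocks the file system currently maps to that file, not copies an application saved elsewhere, which is why the page points to Freespace Wipe for those.

```python
"""Multi-pass overwrite of a file, then rename and unlink.

Added example, not PGP's code. The pass patterns are this example's own
choice; the guideline pass counts (3, 10, 18, 26) come from the page.
"""
import os
import secrets
import tempfile

PASS_PATTERNS = (b"\x00", b"\xff", None)   # None means a fresh random pass


def _overwrite_pass(fd, size, pattern, chunk=64 * 1024):
    """Write one pass over the whole file and force it out to the disk."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining > 0:
        n = min(chunk, remaining)
        data = secrets.token_bytes(n) if pattern is None else pattern * n
        remaining -= os.write(fd, data)
    os.fsync(fd)


def wipe_file(path, passes=3, cancel_after=None):
    """Overwrite `path` `passes` times, then truncate, rename and unlink it.

    `cancel_after` simulates clicking Cancel after that many passes: the
    function stops and returns False, leaving the partly overwritten file
    behind, as the NOTE on this page warns. Returns True on a complete wipe.
    """
    size = os.path.getsize(path)
    fd = os.open(path, os.O_RDWR)
    try:
        for i in range(passes):
            if cancel_after is not None and i >= cancel_after:
                return False
            _overwrite_pass(fd, size, PASS_PATTERNS[i % len(PASS_PATTERNS)])
        os.ftruncate(fd, 0)               # do not leave the original length behind
        os.fsync(fd)
    finally:
        os.close(fd)
    # Rename to a random name before unlinking so the original file name does
    # not survive in the directory entry either.
    anon = os.path.join(os.path.dirname(path) or ".", secrets.token_hex(8))
    os.rename(path, anon)
    os.unlink(anon)
    return True


def demo_wipe():
    """Self-check on constructed files in a temporary directory."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "secret.txt")
        with open(path, "wb") as f:
            f.write(b"SENSITIVE " * 100)          # constructed sample content
        results["completed"] = wipe_file(path, passes=3)
        results["gone"] = not os.path.exists(path) and os.listdir(d) == []

        path = os.path.join(d, "partial.txt")
        with open(path, "wb") as f:
            f.write(b"SENSITIVE " * 100)
        # Cancel after the first (all-zero) pass: content is gone, file is not.
        results["cancelled"] = wipe_file(path, passes=3, cancel_after=1)
        with open(path, "rb") as f:
            leftover = f.read()
        results["remnant_left"] = os.path.exists(path) and leftover == b"\x00" * 1000
    return results
```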

Using the PGP Free Space Wiper to clean free space on your disks

As you create and delete files on your computer, the data contained in those files remains on the drive. PGPtools can be used to securely wipe the data in a file before it is deleted to negate the possibility of the data ever being recovered.
Many programs create temporary files while you edit the contents of the documents. These files are deleted when you close the documents, but the actual document data is left scattered about your drive. To help reduce the chance that your document’s data can later be recovered, Network Associates recommends that you securely wipe the free space on your drives as well as securely deleting sensitive documents.
To wipe free space on your disks
WARNING:
Before running the PGP Free Space Wiper, file sharing must be turned off and all applications on the volume or disk that you want to wipe must be closed.
1. Open the PGPtools application.
2. Click the Wipe Free Space button in the PGPtools window. The PGP Free Space Wiper Welcome screen appears.
3. Read the information carefully, then click Next to advance to the next dialog box.
The PGP Free Space Wiper prompts you to select the volume you want to wipe and the number of passes you want to perform.
4. In the Volume box, select the disk or volume that you want PGP to wipe. Then, select the number of passes that you want PGP to perform. The recommended guidelines are:
• 3 passes for personal use.
• 10 passes for commercial use.
• 18 passes for military use.
• 26 passes for maximum security.
NOTE:
Commercial data recovery companies have been known to recover data that has been overwritten up to 9 times. PGP uses highly sophisticated patterns during each wipe to ensure that your sensitive data cannot be recovered.
5. Click Next to continue. The Perform Wipe dialog box opens, as shown in Figure 5-7, and displays statistical information about the drive or volume you selected.
Figure 5-7. Free Space Wipe (Perform Wipe dialog box)
6. Click the Begin Wipe button to start freespace wiping your disk or volume.
The PGP Free Space Wiper scans and then wipes leftov er fragments from your disk or volume.
7. When the wipe session ends, click Finish.
6
Managing Keys and Setting Preferences
This chapter explains how to examine and manage the keys stored on your keyrings. It also describes how to set your preferences to suit your particular computing environment.

Managing your keys

The keys you create, as well as those you collect from others, are stored on keyrings, which are essentially files stored on your hard drive or on a floppy disk. Normally your private keys are stored in a file named secring.skr and your public keys are stored in another file named pubring.pkr. These files are usually located in the PGP Keyrings folder.
NOTE:
As a result of your private key being encrypted automatically and your passphrase being uncompromised, there is no danger in leaving your keyrings on your computer. However, if you are not comfortable storing your keys in the default location, you can choose a different file name or location. For details, see “Setting your preferences,” later in this chapter.
Occasionally, you may want to examine or change the attributes associated with your keys. For instance, when you obtain someone’s public key, you might want to identify its type (either RSA or Diffie-Hellman/DSS), check its fingerprint, or determine its validity based on any digital signatures included with the key. You may also want to sign someone’s public key to indicate that you believe it is valid, assign a level of trust to the key’s owner, or change a passphrase for your private key. You may even want to search a key server for someone’s key. You perform all of these key-management functions from the PGPkeys window.

The PGPkeys window

To open the PGPkeys application, click Start-->Programs-->PGP-->PGPkeys, or click the PGPtray icon in the System tray and then click Launch PGPkeys.
The PGPkeys window (Figure 6-1) displays the keys you have created for yourself, as well as any public keys you have added to your public keyring.
A key and user icon represents the private and public key pairs you have created for yourself, and single keys represent the public keys you have collected from others. If you have more than one type of key, you will notice that RSA-type keys are silver keys and Diffie-Hellman/DSS keys are gold keys.
By clicking on the plus sign at the left side of the key icon, you can expand the entries to reveal the user ID and email address for the owner of the key as represented by the envelope icons. By clicking the plus sign next to an envelope icon, you can see the signatures of any users who have certified the user ID. If you don’t want to expand each key individually, simply select the keys of interest and then choose Expand Selection from the Edit menu.
Figure 6-1. PGPkeys window
PGPkeys attribute definitions
Some of the attributes associated with keys can be displayed in the main PGPkeys window. You can choose which attributes you want to make visible by selecting them in the View menu. For each selected item in the View menu, PGPkeys displays a column in the main window. If you want to change the order of these columns, click and drag the header of the column you want to move.
Keys
Shows an iconic representation of the key along with the user name and email address of the owner, and the names of the key’s signers.

Validity
Indicates the level of confidence that the key actually belongs to the alleged owner. The validity is based on who has signed the key and how well you trust the signer(s) to vouch for the authenticity of a key. The public keys you sign yourself have the highest level of validity, based on the assumption that you only sign someone’s key if you are totally convinced that it is valid. The validity of any other keys, which you have not personally signed, depends on the level of trust you have granted to any other users who have signed the key. If there are no signatures associated with the key, then it is not considered valid, and a message indicating this fact appears whenever you encrypt to the key.

Validity is indicated by either circle or bar icons, depending upon your Advanced Preferences “Display marginal validity level” setting (see “To set advanced preferences” later in this chapter). If set, then validity appears as:
• an empty bar for invalid keys
• a half-filled bar for marginally valid keys
• a filled bar for valid keys that you do not own
• a striped bar for valid keys that you do own
If not set, then validity appears as:
• a gray circle for invalid keys, and for marginally valid keys if the Advanced Preferences “Treat marginally valid keys as invalid” setting is set
• a green circle for valid keys that you do not own

In a corporate environment, your security officer may sign users’ keys with the Corporate Signing Key. Keys signed with the Corporate Signing Key are usually assumed to be completely valid. See Chapter 3, “Making and Exchanging Keys,” for more information.

Size
Shows the number of bits used to construct the key. Generally, the larger the key, the less chance that it will ever be compromised. However, larger keys require slightly more time to encrypt and decrypt data than do smaller keys. When you create a Diffie-Hellman/DSS key, there is one number for the Diffie-Hellman portion and another number for the DSS portion. The DSS portion is used for signing, and the Diffie-Hellman portion for encryption.
User’s Guide 83
Description
Describes the type of information displayed in the Keys column: key type, type of ID, or signature type.

Additional Decryption Key
Shows whether the key has an associated Additional Decryption Key.

Key ID
A unique identifying number associated with each key. This identification number is useful for distinguishing between two keys that share the same user name and email address.

Trust
Indicates the level of trust you have granted to the owner of the key to serve as an introducer for the public keys of others. This trust comes into play when you are unable to verify the validity of someone’s public key for yourself and instead rely on the judgment of other users who have signed the key. When you create a key pair, it is considered implicitly trustworthy, as shown by the striping in the trust and validity bars, or by a green dot and user icon.

When you receive a public key that has been signed by another of the user’s keys on your public keyring, the level of authenticity is based on the trust you have granted to the signer of that key. You assign a level of trust, either Trusted, Marginal, or Untrusted, in the Key Properties dialog box.

Expiration
Shows the date when the key will expire. Most keys are set to Never; however, there may be instances when the owner of a key wants it to be used for only a fixed period of time.

Creation
Shows the date when the key was originally created. You can sometimes make an assumption about the validity of a key based on how long it has been in circulation. If the key has been in use for a while, it is less likely that someone will try to replace it because there are many other copies in circulation. Never rely on creation dates as the sole indicator of validity.
84 PGP for Windows 95, 98, and NT

Examining a key’s properties

In addition to the general attributes shown in the PGPkeys window, you can also examine and change other key and subkey properties. To access the properties for a particular key, select the desired key and then choose Properties from the Keys menu.
Figure 6-2. PGPkey property page (General properties dialog box)
General key properties window

Key ID
A unique identifying number associated with each key. This identification number is useful for distinguishing between two keys that share the same user name and email address.

Key Type
The key type, either RSA or Diffie-Hellman/DSS.

Key Size
The size of the key.

Created
The date when the key was created.

Expires
The date when the key expires. Owners specify this date when they create their keys, and the value is usually set to Never. However, some keys are set to expire on a particular date if the owner wants them to be used for a limited period of time.

Cipher
CAST, Triple DES, or IDEA. This is the “preferred” encryption algorithm by which the owner of the key requests that you encrypt to his public key. If this algorithm is allowed in your Advanced preferences, it will be used whenever encrypting to this key.

Join Key
Opens the Key Share Collection dialog box. Available for split keys only. See “Signing and decrypting files with a split key” on page 73 for information about rejoining split keys.

Enabled
Indicates whether the key is currently enabled. When a key is disabled, it is dimmed in the PGPkeys window and is not available for performing any PGP functions except Decrypt and Verify. However, the key remains on your keyring and you can enable it again at any time. To enable or disable a key, select or clear the Enabled check box. (The check box is not visible for implicitly trusted keys.) This feature is useful for preventing seldom-used keys from cluttering up the Key Selection dialog box when you are sending encrypted email.
Change Passphrase
Changes the passphrase for a private key. If you ever think that your passphrase is no longer a secret, click this button to enter a new passphrase. It is a good idea to change your passphrase every 6 months or so. For instructions on changing your passphrase, see “Changing your Passphrase,” later in this chapter.

Fingerprint
A unique identification number that is generated when the key is created. This is the primary means by which you can check the authenticity of a key. The best way to check a fingerprint is to have the owner read their fingerprint to you over the phone so that you can compare it with the fingerprint shown for your copy of their public key.

Trust Model
Indicates the validity of the key based on its certification and the level of trust you have in the owner to vouch for the authenticity of someone else’s public key. You set the trust level by sliding the bar to the appropriate level (Trusted, Marginal, or Untrusted). The bar is disabled for revoked, expired, and implicitly trusted keys.
Subkey properties window

Valid From
The date when the subkey becomes active.

Expires
The date when the subkey expires. Owners specify this date when they create their subkeys. Subkeys are usually active for a limited period of time.

Key Size
The size of the subkey.

New
Creates a new subkey. For information about creating a new subkey, see “Creating new subkeys” on page 41.

Revoke
Revokes the currently selected encryption subkey. After you revoke the subkey and redistribute your key, others will no longer be able to encrypt data to this subkey.

Remove
Permanently removes the currently selected encryption subkey. This procedure cannot be undone. Any data that is encrypted to the selected subkey can no longer be decrypted.

TIP:
Use the Revoke option (described above) if you want to disable the subkey and update the key server. Once a subkey has been sent to the server, it cannot be removed.

Specifying a default key pair

When encrypting messages or files, PGP gives you the option to additionally encrypt to a key pair that you specify as your default key pair. When you sign a message or someone’s public key, PGP will use this key pair by default. Your default key pair is displayed in bold type to distinguish it from your other keys. If you have only one key pair on your keyring, it is automatically designated as your default key pair. If you have more than one key pair, you may want to specifically designate one pair as your default pair.
To specify your default key pair
1. Open the PGPkeys application.
2. Highlight the key pair you want to designate as your default pair.
3. Choose Set Default from the Keys menu. The selected key pair is displayed in bold type, indicating that it is now designated as your default key pair.
Adding a new user name or address to a key pair
You may have more than one user name or email address for which you want to use the same key pair. After creating a new key pair, you can add alternate names and addresses to the keys. You can only add a new user name or email address if you have both the private and public keys.
To add a new user name or address to an existing key
1. Open the PGPkeys application.
2. Select the key pair for which you want to add another user name or address.
3. Choose Add/Name from the Keys menu. The PGP New User Name dialog box appears (Figure 6-3).
4. Enter the new name and email address in the appropriate fields, and then click OK.
The PGP Enter Passphrase dialog box appears.
5. Enter your passphrase, then click OK. The new name is added to the end of the user name list associated with the key. If you want to set the new user name and address as the primary identifier for your key, select the name and address and then choose Set as Primary Name from the Keys menu.
Figure 6-3. PGP New User Name dialog box

Verifying someone’s public key

In the past it was difficult to know for certain whether a key belonged to a particular individual unless that person physically handed the key to you on a floppy disk. Exchanging keys in this manner is not usually practical, especially for users who are located many miles apart.
There are several ways to check a key’s fingerprint, but the safest is to call the person and have them read the fingerprint to you over the phone. Unless the person is a target of an attack, it is highly unlikely that someone would be able to intercept this random call and imitate the person you expect to hear on the other end. You can also compare the fingerprint or photograph on your copy of someone’s public key to the fingerprint or photograph on their original key on a public server.
To check a public key with its digital fingerprint
1. Open the PGPkeys application.
2. Highlight the public key that you want to verify.
3. Choose Properties from the Keys menu or click to open the Properties dialog box.
The Properties dialog box open s, as shown in Figure 6-4.
Figure 6-4. PGP Properties dialog box
4. Use the characters displayed in the Fingerprint text box to compare with the original fingerprint.
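The comparison in step 4, worked through in code as an added example that is not part of the guide or of PGP itself. It assumes that Diffie-Hellman/DSS keys are OpenPGP v4 keys, whose 40-hex-digit fingerprint ends in the key ID, that RSA keys of this era are v3 keys with a 32-hex-digit fingerprint that has no such relation to the key ID, and that PGPkeys shows the key ID in its 32-bit 0x form; the fingerprint and key ID below are constructed, not from a real key.

```python
"""Checking a public key's fingerprint against one read to you over the
phone. Added illustration, not PGP's own code. Assumptions: v4 (DH/DSS)
fingerprints are 40 hex digits and end in the key ID; v3 (RSA) fingerprints
are 32 hex digits and cannot be cross-checked against the key ID this way;
the 32-bit "0x" key ID form is how PGPkeys displays key IDs."""
import hmac
import re

# Constructed sample of what the Fingerprint text box and Key ID column might
# show for one DH/DSS key (not a real key).
SHOWN_FINGERPRINT = "1A2B 3C4D 5E6F 7081 92A3  B4C5 D6E7 F809 1A2B 3C4D"
SHOWN_KEY_ID = "0x1A2B3C4D"


def normalize_fingerprint(text):
    """Keep only the hex digits, upper-cased: the person on the phone and the
    dialog box may group the digits differently or use different case."""
    return re.sub(r"[^0-9A-Fa-f]", "", text).upper()


def fingerprint_matches(shown, read_aloud):
    """True only if every digit agrees. A full-length match is required: the
    trailing digits alone (the key ID) do not distinguish keys reliably."""
    a = normalize_fingerprint(shown)
    b = normalize_fingerprint(read_aloud)
    if len(a) != len(b) or len(a) not in (32, 40):
        return False
    # Constant-time comparison; the values are not secret, but this avoids
    # a short-circuit compare out of habit.
    return hmac.compare_digest(a.encode(), b.encode())


def key_id_from_fingerprint(fingerprint):
    """Derive the key ID from a v4 fingerprint: last 4 bytes for the 32-bit
    form PGPkeys shows, last 8 bytes for the long form. Returns None for a
    v3 (32-digit, MD5) fingerprint, where the key ID comes from the RSA
    modulus instead and cannot be checked this way."""
    digits = normalize_fingerprint(fingerprint)
    if len(digits) == 40:
        return {"short": "0x" + digits[-8:], "long": "0x" + digits[-16:]}
    if len(digits) == 32:
        return None
    raise ValueError("fingerprint must be 32 or 40 hex digits")


def key_id_consistent(fingerprint, key_id):
    """Cross-check the Key ID column against the fingerprint. A mismatch means
    the displayed key and fingerprint do not belong together. Returns None
    when the key is a v3 key and no such check is possible."""
    ids = key_id_from_fingerprint(fingerprint)
    if ids is None:
        return None
    wanted = normalize_fingerprint(re.sub(r"^0x", "", key_id.strip(), flags=re.I))
    return wanted in (ids["short"][2:], ids["long"][2:])


if __name__ == "__main__":
    spoken = "1a2b-3c4d-5e6f-7081-92a3-b4c5-d6e7-f809-1a2b-3c4d"
    print(fingerprint_matches(SHOWN_FINGERPRINT, spoken))              # True
    print(fingerprint_matches(SHOWN_FINGERPRINT, spoken[:-1] + "e"))   # False
    print(key_id_consistent(SHOWN_FINGERPRINT, SHOWN_KEY_ID))          # True
```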
Signing someone’s public key
When you create a set of keys, the keys are automatically signed using your public key. Similarly, once you are sure that a key belongs to the proper individual, you can sign that person’s public key, indicating that you are sure it is a valid key. When you sign someone’s public key, an icon associated with your user name is shown for that key.
To sign someone’s public key
1. Open the PGPkeys application.
2. Highlight the public key that you want to sign.
3. Choose Sign from the Keys menu or click to open the Sign Keys dialog box.
The Sign Keys dialog box appears (Figure 6-4) with the public key and fingerprint displayed in the text box.
4. Click the “Allow signature to be Exported...” check box to allow your signature to be exported with this key.
An exportable signature is one that is allowed to be sent to servers and travels with the key whenever it is exported, such as by dragging it to an email message. The check box provides a shorthand means of indicating that you wish to export your signature.
Figure 6-5. PGP Sign Keys dialog box (fewer Choices)
Or
Click the More Choices button to configure options, such as signature type and signature expiration (Figure 6-6).
Figure 6-6. PGP Sign Keys dialog box (More Choices)
Choose a signature type to sign the public key with. Your options are:
Non-exportable.
Use this signature when you believe the key is valid but you don’t want others to rely on your certification. This signature type cannot be sent with the associated key to a key server, or exported in any way.
Exportable.
Use exportable signatures in situations where your signature is sent with the key to the key server so that others can rely on your signature and trust your keys as a result. This is equivalent to checking the “Allow signature to be exported...” check box on the Sign Keys menu.
Meta-Introducer.
Certifies that this key and any keys signed by this key with a Trusted Introducer Validity Assertion are fully trusted introducers to you. This signature type is non-exportable.
Trusted Introducer.
Use this signature in situations where you certify that this key is valid, and that the owner of the key should be completely trusted to vouch for other keys. This signature type is exportable. You can restrict the validation capabilities of the trusted introducer to a particular email domain.
5. Click the Sign button. The Passphrase dialog box appears.
6. Enter your passphrase, then click OK. An icon associated with your user name is now included with the public key that you just signed.

Granting trust for key validations

Besides certifying that a key belongs to someone, you can assign a level of trust to the user of the keys indicating how well you trust them to act as an introducer to others whose keys you may get in the future. This means that if you ever get a key from someone that has been signed by an individual whom you have designated as trustworthy, the key is considered valid even though you have not done the check yourself.
To grant trust for a key
1. Open the PGPkeys application.
2. In the PGPkeys window, select the key for which you want to change the trust level.
NOTE:
You must sign the key before you can set the trust level for it. If you have not already signed the key, see “Signing the public key” on page 53 for instructions.
3. Choose Properties from the Keys menu or click to open the Properties dialog box, as in Figure 6-4.
4. Use the Trust Level sliding bar to choose the appropriate level of trust for the key pair.
Figure 6-7. Trust Level dialog box
5. Close the dialog box to accept the new setting.
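How the Validity and Trust columns described earlier in this chapter combine, and what granting trust to an introducer changes, worked through as an added example; this is an illustration, not PGP's own code. It assumes the classic PGP thresholds (one Trusted introducer, or two Marginal introducers, make a key fully valid), which this guide does not state, and the keyring it builds is constructed.

```python
"""Web-of-trust validity calculation as PGPkeys' Validity and Trust columns
describe it: a key you signed yourself is valid; otherwise validity depends
on the trust you granted to the introducers who signed it. Added
illustration, not PGP's own code. Assumption (not stated in the guide): the
classic PGP thresholds of one Trusted or two Marginal introducers for full
validity. The sample keyring is constructed."""
from dataclasses import dataclass, field

UNTRUSTED, MARGINAL, TRUSTED = "Untrusted", "Marginal", "Trusted"  # Trust slider
INVALID, MARGINALLY_VALID, VALID = "invalid", "marginally valid", "valid"
COMPLETES_NEEDED = 1   # assumption: classic PGP default
MARGINALS_NEEDED = 2   # assumption: classic PGP default


@dataclass
class Key:
    key_id: str
    owner: str
    signers: set = field(default_factory=set)  # key IDs that signed this key
    trust: str = UNTRUSTED     # how far you trust the owner as an introducer
    is_own: bool = False       # your own key pair: implicitly trusted and valid
    revoked: bool = False


def validity(key_id, keyring, _seen=frozenset()):
    """Validity of one key from the keyring owner's point of view."""
    if key_id in _seen:              # signature cycle: a key cannot vouch for itself
        return INVALID
    key = keyring[key_id]
    if key.revoked:
        return INVALID
    if key.is_own:
        return VALID
    own_ids = {k for k, v in keyring.items() if v.is_own}
    if key.signers & own_ids:        # you signed it yourself: highest validity
        return VALID
    completes = marginals = 0
    for signer_id in key.signers:
        if signer_id == key_id or signer_id not in keyring:
            continue                 # self-signature or unknown signer: no weight
        signer = keyring[signer_id]
        # An introducer's signature counts only if the introducer's own key is
        # valid AND you granted that introducer trust; validity alone is not trust.
        if validity(signer_id, keyring, _seen | {key_id}) != VALID:
            continue
        if signer.trust == TRUSTED:
            completes += 1
        elif signer.trust == MARGINAL:
            marginals += 1
    if completes >= COMPLETES_NEEDED or marginals >= MARGINALS_NEEDED:
        return VALID
    if completes or marginals:
        return MARGINALLY_VALID
    return INVALID


def effective_validity(key_id, keyring, treat_marginal_as_invalid=False):
    """Apply the Advanced preference "Treat marginally valid keys as invalid"."""
    v = validity(key_id, keyring)
    if v == MARGINALLY_VALID and treat_marginal_as_invalid:
        return INVALID
    return v


def sample_keyring():
    """Constructed keyring: 'A1' is your own key pair."""
    keys = [
        Key("A1", "alice (you)", is_own=True),
        Key("B2", "bob", {"A1"}, trust=TRUSTED),   # you signed bob, trust him fully
        Key("C3", "carol", {"B2"}),                 # bob vouches for carol
        Key("E5", "erin", {"A1"}, trust=MARGINAL),
        Key("F6", "frank", {"A1"}, trust=MARGINAL),
        Key("D4", "dave", {"E5", "F6"}),            # two marginal introducers
        Key("G7", "gina", {"E5"}),                  # only one marginal introducer
        Key("H8", "hank"),                          # no signatures at all
        Key("I9", "ivan", {"H8"}),                  # signed only by an invalid key
        Key("K1", "kim", {"C3"}),                   # carol is valid but not trusted
        Key("J0", "jo", {"B2"}, revoked=True),      # revoked: crossed out, invalid
    ]
    return {k.key_id: k for k in keys}


if __name__ == "__main__":
    ring = sample_keyring()
    for kid, k in ring.items():
        print(f"{kid} {k.owner:12} {validity(kid, ring)}")
```

Note that Kim's key stays invalid even though Carol's key is valid: validity (the key belongs to Carol) and trust (Carol is a reliable introducer) are set separately, exactly as the Trust column describes.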

Disabling and enabling keys

Sometimes you may want to temporarily disable a key. The ability to disable keys is useful when you want to retain a public key for future use, but you don’t want it cluttering up your recipient list every time you send mail.
To disable a key
1. Open the PGPkeys application.
2. In the PGPkeys window, select the key you want to disable.
3. Select Disable in the Keys menu. The key is dimmed and is temporarily unavailable for use.
To enable a key
1. Open the PGPkeys application.
2. Select the key you want to enable.
3. Select Enable in the Keys menu. The key becomes visible and can be used as before.

Deleting a key, signature, or user ID

At some point you may want to remove a key, a signature, or a user ID associated with a particular key.
NOTE:
When you delete a key, signature, or user ID from a key, it is removed and not recoverable. Signatures and user IDs can be re-added to a key, and an imported public key can be re-imported to your keyring. However, a private key that exists only on that keyring cannot be recreated, and all messages encrypted to its public key copies can no longer be decrypted.
To delete a key, signature, or user ID
1. Open the PGPkeys application.
2. Select the key, signature, or user ID you want to delete.
3. Choose Delete from the Edit menu or click in the PGPkeys toolbar. The Confirmation dialog box appears.
4. Click the OK button.

Changing your Passphrase

It’s a good pr actice to change your passp hrase at regular intervals, perhaps every three months. More importantly, you should change your passphrase the moment you think it has been compromised, for example, by someone looking over your shoulder as you typed it in.
To change your passphrase
1. Open the PGPkeys application.
2. Highlight your key listed in the PGPkeys window.
3. Choose Properties from the Keys menu or click to open the Properties dialog box.
The Properties dialog box appears (see Figure 6-4).
4. Click Change Passphrase. The Passphrase dialog box appears.
NOTE:
If you want to change the passphrase for a split key, you must first rejoin the key shares. Click Join to collect the key shares. See “Signing and decrypting files with a split key” on page 73 for information about collecting key shares.
5. Enter your current passphrase in the space provided, then click OK. The Change Passphrase dialog box appears.
6. Enter your new passphrase in the first text box. Press the Tab key to advance to the next text box and confirm your entry by entering your new passphrase again.
7. Click OK.
WARNING:
If you are changing your passphrase because you feel that your passphrase has been compromised, you should wipe all backup keyrings and wipe your freespace.

Importing and Exporting Keys

Although you often distribute your public key and obtain the public keys of others by cutting and pasting the raw text from a public or corporate key server, you can also exchange keys by importing and exporting them as separate text files. For instance, someone could hand you a disk containing their public key, or you might want to make your public key available over an FTP server.
To import a key from a file
1. Open the PGPkeys application.
2. Choose Import from the Keys menu. The Import dialog box appears.
3. Select the file that contains the key you want to import, then click Open. The Import Selection dialog box appears.
4. Select the key(s) that you want to import to your keyring, then click the Import button.
5. The imported key(s) appear in the PGPkeys window, where you can use them to encrypt data or to verify someone’s digital signature.
To add a key f rom an email message
If a colleague sends you an email message with their key enclosed (as a block of text) you can add it to your keyring.
1. While the email message window is open, open the PGPkeys window.
2. Tile the two windows so that you can see part of the PGPkeys window behind the message window.
3. Select the key text, including the BEGIN PGP PUBLIC KEY BLOCK and END PGP PUBLIC KEY BLOCK text, and drag the text onto the PGPkeys window.
The Import Selection dialog box appears.
4. Select the key(s) that you want to import to your keyring, then click the Import button.
5. The imported key(s) appear in the PGPkeys window, where you can use them to encrypt data or to verify someone’s digital signature.
To export a key to a file
1. Open the PGPkeys application.
2. Select the key you want to export to a file.
3. Choose Export from the Keys menu. The Export dialog box appears.
4. Enter the name of the file, or navigate to the folder to which you want the key to be exported, and then click Save.
The exported key is saved to the named file in the specified folder location.

Revoking a key

If the situation ever arises that you no longer trust your personal key pair, you can issue a revocation to the world telling everyone to stop using your public key. The best way to circulate a revoked key is to place it on a public key server.
To revoke a key
1. Open the PGPkeys application.
2. Select the key pair you want to revoke.
3. Choose Revoke from the Keys menu. The Revocation Confirmation dialog box appears.
4. Click OK to confirm your intent to revoke the selected key. The PGP Enter Passphrase dialog box appears.
5. Enter your passphrase, then click OK. When you revoke a key, it is crossed out with a red line to indicate that it is no longer valid.
6. Send the revoked key to the server so everyone will know not to us e your old key.
It is possible that you might forget your passphrase someday or lose your private key. In which case, you would never be able to use your key again, and you would have no way of revoking your old key when you create a new one. To safeguard against this possibility, you can appoint a third-party key revoker on your public keyring to revoke your key. The third party you designate will be able to revoke your DH/DSS key and send it to the server, and it will be just as if you had revoked it yourself.
To appoint a designated revoker
1. Open the PGPkeys application.
2. Select the key pair for which you want to designate a revoker.
3. Select Add/Revoker from the Keys menu. A dialog box opens and displays a list of keys.
4. Select the key(s) in the User ID list that you want to appoint as a designated revoker.
5. Click OK. A confirmation dialog box appears.
6. Click OK to continue. The Passphrase dialog box appears.
7. Enter your passphrase, then click OK.
8. The selected key(s) is now authorized to revoke your key. For effective key management, distribute a current copy of your key to the revoker(s) or upload your key to the server. See “Distributing your public key” on page 46 for instructions.

Setting your preferences

PGP is configured to accommodate the needs of most users, but you have the option of adjusting some of the settings to suit your particular computing environment. You specify these settings through the Preferences dialog box, which you can access by choosing Preferences from the PGPkeys Edit menu.
To set general preferences
1. Open the PGPkeys application.
2. In the PGPkeys Edit menu, select Preferences.
The Preferences menu opens with the General pane showing (Figure 6-8).
3. Select general encryption settings from the General pane. Your options are:
Figure 6-8. PGP Preferences dialog box (General pane)
Always Encrypt to Default Key.
When this setting is selected, all the email messages and file attachments you encrypt with a recipient’s public key are also encrypted to you using your default public key. It is useful to leave this setting turned on so that you have the option of decrypting the contents of any email or files you have previously encrypted.
Faster Key Generation.
When this setting is selected, less time is required to generate a new Diffie-Hellman/DSS key pair. This process is speeded up by using a previously calculated set of prime numbers rather than going through the time-consuming process of creating them from scratch each time a new key is generated. However, remember that fast key generation is only implemented for the fixed key sizes above 1024 and below 4096 provided as options when you create a key, and is not used if you enter some other value. Although it would be unlikely for anyone to crack your key based on their knowledge of these canned prime numbers, some may want to spend the extra time to create a key pair with the maximum level of security.
The general belief in the cryptographic community is that using canned primes provides no decrease in security for the Diffie-Hellman/DSS algorithms. If this feature makes you uncomfortable, you may turn it off. For more information, read the FAQ located on the Network Associates website.
Cache Decryption Passphrases for...
When this setting is selected, your decryption passphrase is automatically stored in your computer’s memory. Specify the frequency (in hours: minutes: seconds) for which you want to save your passphrase. The default setting is 2 minutes.
Cache Signing Passphrases for...
When this setting is selected, your signing passphrase is automatically stored in your computer’s memory. Specify the frequency (in hours: minutes: seconds) for which you want to save your signing passphrase. The default setting is 2 minutes.
Comment Block.
You can add your comment text in this area. The text will always be included in messages and files that you encrypt or sign.
Warn Before Wiping Files.
When this setting is selected, a dialog box appears before you wipe a file to give you one last chance to change your mind before PGP securely overwrites the contents of the file and deletes it from your computer.
4. Click OK to save your changes and return to the PGPkeys menu or choose another tab to continue configuring your PGP preferences.
To set file preferences
Use the Files pane to specify the location of the keyrings used to store your private and public keys.
1. Open the PGPkeys application.
2. Select Preferences from the PGPkeys Edit menu, then click the Files tab. The Preferences menu opens with the Files pane showing (Figure 6-9).
3. Use the buttons listed in the Files pane to set the appropriate location for your public and private keyrings, and/or random seed file:
Figure 6-9. PGP Preferences dialog box (Files pane)
Public Keyring File.
Shows the current location and name of the file where the PGP program expects to find your public keyring file. If you plan to store your public keys in a file with a different name or in some other location, you specify this information here. The location you specify will also be used to store all automatic backups of the public keyring.