PGP
A quick introduction
What is it PGP?
Pretty Good Privacy
- program to allow privacy in communications
- can ensure that only the intended recipient can access a message/document
- can guarantee that you are the sender of a message/document and no one tampered it
Why would I want it?
Everyday we send each other tons of emails and documents
What can possibly go wrong???
Confidentiality
Confidentiality
Integrity
Authenticity
But it won't happen!
We might be on a private network, with our own mail and document share servers. It's fine, isn't it? That's why we have a firewall for.
Yes, probably!
But there are still ways for things to go wrong.
The question is: how much risk are we willing to accept?
Threat modeling
- how easy it is to interfere with a message?
- how much damage can be created by interfering?
- given these, how secure should it be to mitigate the damage?
Menu for team lunch
- Confidentiality: it's publicly available in front of the restaurant anyway
- Integrity: I can trick you into thinking that it's cheaper, but won't cause any real problem
- Authenticity: does it even matter here?
no protection needed at all
The new design draft
- Confidentiality: not nice to leak it, but it will go public in a couple of weeks anyway
- Integrity: tampering will probably confuse the devs and cause useless discussions, but probably nothing more
- Authenticity: probably as above
the internal file server is fine enough
Account details of suppliers
- Confidentiality: money stuff, only who deals with payments should know it
- Integrity: might trick into paying huge sums to a stranger's account!
- Authenticity: as an accountant, I shouldn't trust account details that are not really being communicated by my boss
this should be encryped to be really on the safe side
SO
do we need this encryption thingy or not??
But when you need it it's better to have it rather than treating the situation as lower risk
Most times you'll be fine.
Tools are just a mean to mitigate risk
won't solve anything without a culture of thinking about security
but
Now on for the tech
What do I need?
PGP - the components
- the program (OpenPGP, GPG, GPGTools etc..)
- a private key
- its associated public key
- possibly published on a keyserver
A message encrypted with a public key can only be opened with the paired private key
Confidentiality
- want to send message to John
- ask the keyserver for John's public key
- use that to encrypt
- only John will be able to read it, using his private key
A message encrypted with a private key can only be decrypted with the paired public key
Authenticity
- John sends a message to the mailing list
- He creates a signature for the message with his private key
- Anyone can ask the keyserver for John's public key and try to open the signature
- If it works fine it means that the sender can only be John!
Integrity
- A message signature is generated on the message
- After opening the signature, if it matches the message we're sure that no one modified it!
Cool, how do I do that?
- Signing, verifying, decrypting mail: can configure your client to do it automatically for you
- Encrypting mail: your client will probably give you the choice to send encrypted on per-mail basis
- non-mail documents: depends on the tool
- signing/verifying commits: an extra option on git's cli