Security on MITnet - Closing the Loopholes with PGP Joanne Costello Network Services Pretty Good Privacy (PGP), is high-security, cryptographic software for Macintosh, DOS, and UNIX machines. It lets you exchange files or messages over a network with both privacy and authentication. Privacy means that only those intended to receive a message can read it. By letting you encrypt messages, PGP protects against network eavesdropping. Even if a PGP-encrypted message is intercepted, the snooper won't be able to read it. By letting you sign any file or message digitally, PGP provides authentication. This ensures that messages that appear to be from a given person have in fact been sent by that person.You can also use PGP to encrypt files stored on your computer. Public and Secret Keys PGP is based on the public key cryptosystem, RSA. Unlike conventional cryptosystems, which require the same key to encrypt and decrypt a message, public key systems use two complementary keys, one public and one secret. The secret key unlocks the code made by the public key, and vice versa. Knowing one of the keys doesn't help you deduce the other. You are free to publish your public key anywhere you like, including on electronic bulletin boards, on the Web, or in e-mail. Anyone who wants to send you an encrypted message can use your public key to encrypt it, knowing that only you have the secret key that can decrypt it. You can also use your secret key to authenticate messages that you send. You "sign" your messages with your secret key, proving to the receiver that you are the true sender of the message. The recipient can then check the signature with your public key. A Slight Catch Right now, you can't trust a public key unless you first verify its authenticity. To facilitate getting trusted signatures, MIT is developing a centralized Kerberized key signer, or Certifying Authority, that would serve as the "trusted person" who would sign keys for members of the MIT community. This service should be available later in the fall. In the interim, read "How to Protect Public Keys from Tampering" in the PGP User's Guide (see below). Safeguarding Your Secret Key When you create your secret key, you are asked for a pass phrase to encrypt it. If you forget this phrase, your secret key is irretrievable. Similarly, if you lose your secret key, your public key copies are useless. For this reason, be sure to keep a backup copy. Finally, store your secret key on a machine over which you have physical control. Future Versions to Improve Ease of Use The current version of PGP, 2.6.1, is not convenient to use. You must save your message to a file, run PGP to encrypt it, and then mail the encrypted file. During the coming year, MIT hopes to make available software that will provide seamless integration of PGP with mail systems on campus. Good Passwords Still Needed While PGP provides excellent protection against eavesdroppers and impostors, it does little to protect your system from access by unauthorized individuals. You still need to choose good passwords and set sensible access controls (e.g., for filesharing). How to Get PGP Due to license restrictions, getting PGP is convoluted. You first need to get the file, README.PGP, via anonymous FTP. It's on net-dist.mit.edu in the directory /pub/PGP. README.PGP tells you where to get copies of the RSAREF and MIT license agreements. If you agree with the licenses, you then telnet (remote login, not FTP) to net-dist.mit.edu and login on the "getpgp" account. You must answer four questions, after which you'll be given the location of the PGP software. If you plan to use PGP, read Volume One of the PGP User's Guide. You can find it in the /pub/PGP directory, as pgpdoc1.txt and as pgp261dc.zip. Athena users can gain access to PGP by typing add pgp at the athena% prompt. .