What does PGP mean? What does it do?
Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting, and decrypting texts, e-mails, files, directories and whole disk partitions and to increase the security of e-mail communications. PGP and similar software follow the OpenPGP standard (RFC 4880) for encrypting and decrypting data.If you are already familiar with what PGP is, you may be ready to skip ahead to the section on how to use it.
GNU Privacy Guard
GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories.
We recommend using GnuPG, regardless of your current operating system.
However, the best explanation of it I've seen can be found below:
That does a pretty good job of explaining why you can trust it almost entirely (if you want to go beyond a reasonable doubt, the entire source code is freely available). But this guide doesn't go anything into how exactly I'm meant to get from this:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - From here on out, we will cryptographically sign all messages with this key. It is available on the mit keyservers. Key ID 7A35090F, as posted in a2e7j6ic78h0j. Patience is a virtue. Good luck. 3301 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAEBAgAGBQJPBRz7AAoJEBgfAeV6NQkP1UIQALFcO8DyZkecTK5pAIcGez7k ewjGBoCfjfO2NlRROuQm5CteXiH3Te5G+5ebsdRmGWVcah8QzN4UjxpKcTQRPB9e /ehVI5BiBJq8GlOnaSRZpzsYobwKH6Jy6haAr3kPFK1lOXXyHSiNnQbydGw9BFRI fSr//DY86BUILE8sGJR6FA8Vzjiifcv6mmXkk3ICrT8z0qY7m/wFOYjgiSohvYpg x5biG6TBwxfmXQOaITdO5rO8+4mtLnP//qN7E9zjTYj4Z4gBhdf6hPSuOqjh1s+6 /C6IehRChpx8gwpdhIlNf1coz/ZiggPiqdj75Tyqg88lEr66fVVB2d7PGObSyYSp HJl8llrt8Gnk1UaZUS6/eCjnBniV/BLfZPVD2VFKH2Vvvty8sL+S8hCxsuLCjydh skpshcjMVV9xPIEYzwSEaqBq0ZMdNFEPxJzC0XISlWSfxROm85r3NYvbrx9lwVbP mUpLKFn8ZcMbf7UX18frgOtujmqqUvDQ2dQhmCUywPdtsKHFLc1xIqdrnRWUS3CD eejUzGYDB5lSflujTjLPgGvtlCBW5ap00cfIHUZPOzmJWoEzgFgdNc9iIkcUUlke e2WbYwCCuwSlLsdQRMA//PJN+a1h2ZMSzzMbZsr/YXQDUWvEaYI8MckmXEkZmDoA RL0xkbHEFVGBmoMPVzeC =fRcg -----END PGP SIGNATURE-----
To 'I can completely trust that this message was sent from who they purport to be'?
The important bit to remember here is that with 3301's messages, they aren't encrypted. Anyone can view them. But here we have that weird block of text at the bottom, with some random weird characters that don't appear to make any sense. Effectively, this block of text is an encrypted version of the message inside. This means that when your crypto software performs a check on it, it will decrypt that text to find that a) the message was sent from the person you're checking it off with, and b) that they sent this message exactly.
If neither of these two tests return true, then the message was not sent from who this purports to be.
As with almost any kind of open source software, there's going to be multiple people who have forked and edited the source code to create their own version of it which can run on multiple platforms, support different GUIs, maybe even different encryption algorithms. The recommended implementations for each platform can be found below:
gpg4win is the commonly accepted standard. Front-ends (like Kleopatra) are known for ignoring important signs of manipulated signatures. We recommend using the command line version of GnuPG.
GnuPG may already be installed on your machine. If you do not have it installed, you can install the 'gpg' package from your package manager. We strongly recommend that you use the command line version. However, the officially supported GUI is GPA.
GPGTools is your only option here. It provides an awesome GUI and some great integration with OSX.
Choosing a PGP implementation to verify with
There are a lot of PGP implementations out there and they are not all the same. PGP is a sophisticated and complex standard and it is difficult to write proper cryptographic code that implements the standard. There are several possible issues you need to keep in mind if you want to verify a PGP signature with a high degree of confidence. One of the most unintuitive ways that a signature can appear legitimate when it really isn't is by malforming a message in various ways.
A proper implementation will let you know by printing a warning, whereas a faulty or imprecise implementation will glance over the manipulation. On this wiki, we urge you to use the GnuPG implementation of PGP. It is free software, has a long track record of reliability and can be inspected by the general public. Other implementations may not have received as much code review and are therefore more likely to contain overlooked flaws. We further urge you to use the command line version of GnuPG if possible.
It is known that front-ends like Kleopatra glance over signs of manipulated signatures and won't let you know. They are not suited for giving you all the information there is - they either ignore warnings or don't display them. It is currently believed that GnuPG detects a malformed message reliably and warns you accordingly. You should take these warnings seriously, and not ignore them.
There are some parts of a PGP clearsigned message that do not invalidate the signature. For example, you can change the version header if one is present without the signature invalidating.
How to use PGP for Cicada 3301
This, of course, is going to vary between different systems. Below I will provide the outlines of steps you can do, you should be able to find the corresponding stuff yourself in the programs.
1. GENERATE YOUR KEY PAIR
Generating a PGP key was required in 2013's puzzle. You should probably do that and upload your key to as many servers as possible.
NEVER REVEAL YOUR PRIVATE KEY TO ANYBODY.
2. GET 3301'S KEY
3301's key is officially available at MIT's keyserver . Import it to your software, you'll need it to verify any messages.
3. VERIFY ANY IMPORTANT MESSAGES
You should take a look through the writeups of the previous puzzles for signed messages. Attempt to verify these with your PGP software. For most, you should get a confirmation.
This can be done in the command line with
$ gpg --verify filename
An example can be seen here.
Note: LANG=en_US is not required. Our dear brotherBox is just German and wanted it to display in American English.
How do I make a PGP key?
NOTE: NEVER REVEAL YOUR PRIVATE KEY TO ANYBODY
NOTE: IT IS RECOMMENDED THAT YOU USE A FRESH EMAIL FOR PGP KEYS
Here is an RSA key creation worksheet, to better understand the mathematics behind key creation and encryption/decryption process
$ pgp --gen-key Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 2048 Requested keysize is 2048 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) 0 Key does not expire at all Is this correct? (y/N) y You need a user ID to identify your key; the software constructs the user ID from the Real Name, Comment and Email Address in this form: "Heinrich Heine (Der Dichter) <firstname.lastname@example.org>" Real name: Bob Smith Email address: email@example.com Comment: Hello World! You selected this USER-ID: "Bob Smith (Hello World!) <firstname.lastname@example.org>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O You need a Passphrase to protect your secret key. Enter passphrase: ****** Repeat passphrase: ******
Extra Information For...
If you want outgoing/incoming mail to be automatically encrypted/decrypted, install the Thunderbird email client and the Enigmail add-on.
OS X Users:
Nox Populi's video on using PGP to verify cicada 3301:
How did the NSA hack our emails?
Just tell me how the PGP magic works!
Extra information on PGP:
Or, a more simple version:
- Gambling with Secrets: Part 2/8 (Prime Factorization)
- Gambling with Secrets: 8/8 (RSA Encryption)
- Encryption and HUGE numbers - Numberphile (very nicely explained the mathematics behind the RSA encryption and decryption)
RSA Calculators (How the mathematics behind key creation and encryption works in practice)
Simple Mathematics Example of RSA:
p=7 q=11 for e1 public key=13 e2 private key=37 n=p*q=77 totient(n)= (7-1)*(11-1) =60 this must be 1: 13 mod 60 x 37 mod 60 = 481 mod 60 = 1 example: clear text message = 2 encrypted message = 30 encryption: e1 2^13 = 8192 8192 mod 77 = 30 decryption: e2 30^37 = 4.5028391e+54 4.5028391e+54 mod 77 = 2
You can’t trust the key based on metadata, or even short and long key fingerprints, they can also be faked:
So always check full length fingerprint (160 bit or 40 hex characters) which you need to get from owner himself!
Efforts on breaking the keys:
CICADAS PUBLIC KEY:
Script showing math behind public and personal keys are generated
Java online script to encode and decode RSA
Not terrible online java factorization (Factorization using the Elliptic Curve Method)
2012 3301 final RSA puzzle:
Perl script that solves 2012 RSA puzzle:
- http://pastebin.com/NrDwJait (p and q values in it are factors from Triangle puzzle.)
Manual key generation:
- Upload: http://pgp.mit.edu/
Make sure you save your private key and remember (write down) the passphrase, if you lose that there is no recovery, and you won’t be able to decrypt messages you get from Cicada.
How is RSA is a part of PGP:
One of many backup servers you can use:
Base64 is a group of similar binary-to-text encoding schemes that represent binary data in an ASCII string format by translating it into a radix-64 representation. The term Base64 originates from a specific MIME content transfer encoding.
Each base64 digit represents exactly 6 bits of data. Three 8-bit bytes (i.e., a total of 24 bits) can therefore be represented by four 6-bit base64 encodings.
Base 64 Table
The Base64 index table: