How good is Pretty Good Privacy?
Preface
With the world's governments snooping on their citizens' e-mail and data transactions, I decided to take a look at personal encryption in the form of Network Associates' PGP (Pretty Good Privacy) encryption software. I hope to show how and why an average individual would use PGP. One's privacy is a very sacred right that should not be trampled on in the name of justice, and if the governments of the world want to snoop then it is up to the individual to ensure his/her own privacy. The really great part about PGP by Network Associates is that the basic package is free of charge! You can download it at http://web.mit.edu/network/pgp.html. Be warned: you must be a US citizen in the US or a Canadian citizen in Canada to download the US/Canadian version. If you live outside the US or Canada, go here for the international version.
Installation
Let's not waste any more time and dive right in to the installation of this de facto standard for personal encryption. If you are familiar with the installation or are a computer geek then just skip this section. I've tried to do this in a painful step-by-step process for those out there who are NOT computer savvy, in the hopes that a better understanding of the installation is achieved even by the most computer-illiterate person.
Step 1
Obviously download the software and remember if you have an internet connection that is outside of the USA or Canada you will not be able to download it. They check your IP before letting you download and believe me when I tell you they check!
Step 2
You must unzip the download and extract it to any place on your hard drive you prefer. If you don't have an unzip utility you can download one here.
Step 3
In the folder you extracted to, double click on the executable; you should see the following screen.
Click "next" or "yes" to the next 3 screens...read them of course but they are only informational screens.
Step 4
Next you must fill in your name, and a company if you want. Click "next" when you are finished. The screen shot below will help.
Step 5
Here you choose the destination folder of the install, either choose the default or browse for one. Click when you are satisfied with your choice.
Step 6
This is where you pick which components you want installed. If you don't use Outlook/Outlook Express don't install it. I must say, PGP works really well with Outlook/Outlook Express, but I've never tried Eudora so I can't say anything about that. Click next here once you've chosen.
Step 7
Well that does it for this beginning section, PGP has enough info to install the base software, click next and the program will install.
Step 8
PGP will ask if you already have an existing keyring. If you do, say yes and skip to Step 16, otherwise say no.
Step 9
Now comes the important part of the PGP installation, your key generation! I can't stress enough how important this is to your final security level. When you get to the screen asking for your name and e-mail address fill it in and click next as seen below.
Step 10
I've done some research for the next screen and most people say to choose the Diffie-Hellman/DSS option for the best encryption. Of course you can choose RSA but I don't use it so you're on your own with that choice. Click next when you make your decision.
Step 11
As you can see in the following screen the Diffie-Hellman choice leads to higher encryption levels. I usually use the 3072 bit option, but this is really overkill. 1024 bit or 2048 is so unbreakable that it's hard to comprehend how long it would take a hacker to crack the encryption, think in terms of the lifespan of the universe and you might come close. You can also choose your own level with the custom option but why? Click next when you have decided.
Step 12
On the next screen you get to choose when and if your key pair expires. If you are really paranoid to the point you think monkeys are after you choose an expiration date, otherwise go ahead and like a man with even a small bit of sanity, set the pair to never expire.
Step 13
Here's the BIG one, baby! Choose a password that is both easy to remember and long enough that it can't be guessed easily. This may at first seem a difficult task but I've found that choosing a phrase that is easy to remember works well. Of course if you're the type that sees small squirrels with cameras spying on you from the trees while trying to look inconspicuous then I suggest you use capital letters, numbers and symbols with a minimum character length of 150. PGP displays a bar showing the quality of your password as you type. This is case sensitive so be careful, and you can use any character you want. I recommend at least using some numbers but a capital letter or special character wouldn't hurt.
Step 14
After PGP generates your key pair the next screen gives you the option to send your public key half of your pair to the root server. The server stores your public key so others can download it and decrypt your encrypted messages that you send them. I'm a bit leery of this and I usually choose not to send it to the server so I can send it directly via e-mail to those I want to have it.
The screen above shows what public keys you have on your key ring. You can search for people who have placed their public key on the server so you can put them on your key ring. Once your key is sent or not sent, click on next and then finish.
Step 15
PGP is nice enough to ask whether you want to back up your key pair and I highly recommend it. If you lose your key pair and your hard drive crashes you'll have to create a whole new pair. Once you back it up I'd back it up again somewhere else, like a floppy, CD-R/RW or Zip!
Step 16
If you have skipped to this step then great, you have saved some time by keeping an existing key pair handy. If you have gone through the creation process then you are finished with the install...WATCH OUT! Whew, that was close, I saw a monkey trying to steal your key pair! Navigate your way through your directories until you come across your key pair. It will ask for both your private and public keys separately so point to them at the appropriate time. PGP will copy these to the proper directory and finally the setup is over!
Last notes
PGP will put an icon in your systray allowing you to quickly access its functions. Besides encrypting e-mail and files, PGP can also perform a wipe of any file you wish. A wipe, if you are not familiar with that function, erases the file and then writes over the exact area where it existed with bogus information and then deletes that, so no one can use a recovery utility to pull deleted information off your disk. Believe me when I tell you that pulling files off a hard drive that has even been formatted is completely possible. I had a conversation with a Nuclear Power Station security officer (since I work at a Nuclear Plant) who stated they had deleted the contents of a hard drive, then formatted it 8 times, and were still able to pull most of the files off of it. Yes, Nuclear Power security officers are anal enough to try this sort of thing, God only knows why. I also heard a story about a person who bought a refurbished Dell computer and for whatever reason had Norton Utilities or some other recovery utility try and recover lost information on the hard drive. Lo and behold, Paul McCartney's (yes, THEE Paul McCartney of the Beatles) financial records were recovered from it. If that is not reason enough I don't know what is; of course the menacing monkeys and snooping squirrels are a good reason too! Happy encrypting from LittleWhiteDog.
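The overwrite-then-delete idea behind a wipe, sketched as an added example (this is not PGP's own code or algorithm; the function names, the three-pass default and the sample file contents are assumptions made for illustration):

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # overwrite in 64 KiB pieces so large files need little memory


def overwrite_in_place(path, passes=3):
    """Write random bytes over a file's existing contents without changing its size.

    Returns the number of bytes overwritten in each pass.
    """
    if os.path.islink(path) or not os.path.isfile(path):
        raise ValueError(f"refusing to overwrite non-regular file: {path}")
    size = os.path.getsize(path)
    # "r+b" opens for update without truncating, so writes land on the old data
    with open(path, "r+b") as fh:
        for _ in range(passes):
            fh.seek(0)
            remaining = size
            while remaining:
                n = min(CHUNK, remaining)
                fh.write(secrets.token_bytes(n))
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())  # push this pass out of the OS cache to the device
    return size


def wipe_file(path, passes=3):
    """Overwrite the file, then remove its directory entry."""
    size = overwrite_in_place(path, passes)
    os.remove(path)
    return size


def demo():
    """Wipe a constructed sample file; returns (all bytes overwritten?, still exists?)."""
    fd, path = tempfile.mkstemp(suffix=".txt")
    sample = b"constructed sample record: balance 42\n" * 100
    with os.fdopen(fd, "wb") as fh:
        fh.write(sample)
    return wipe_file(path) == len(sample), os.path.exists(path)
```

An in-place overwrite only reaches the original sectors when the filesystem and the device rewrite data where it already sits; journaling or copy-on-write filesystems and SSD wear-leveling can leave older copies elsewhere, which is where full-disk encryption is the more dependable control.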
Additional information about this topic can be found in our follow-up articles titled: The why for's and what not's of encrypting
Copyright © by LWD All Rights Reserved. Published on: 2004-02-22