With all this talk about passphrases, I bet you thought I forgot about the keys. The keys are what are used to start the encryption process to lock a file and also to unlock (ore reverse) the process to decrypt the data. Contrary to popular belief, there is no part of the passphrase in a key; the passphrase is just a lock that you create to protect and access the key.
So, just what exactly is a key? Simply put, it’s a number in binary form that is stored as a text file. You can open your key files and copy them to other files or, in the case of PGP, paste them into an e-mail message to send to someone else. Here is a portion of my PGP public key (a private key is never, ever published or otherwise made public):
mQGiBD6wIvsRBADxHMROiJJBin68dtvztxWMu+nIaSFGUn8m5iroeWMP4GvmZd3tl5k6FXuqi8jglzDtKZZL0WbYpM5IeZ9tT
That’s not my entire key, but it’s enough to give you an idea of what one looks like, isn’t it? It certainly doesn’t look like a number, but to your computer and the PGP program, it is.
But just because this is a key does not mean that I can use it for other encryption programs. The key above can be used only with PGP. Likewise, an AES key can only be used to encrypt and decrypt data with the AES algorithm and a 3DES key can only be used to encrypt and decrypt data with the 3DES algorithm. Keys are generally not
interchangeable between applications.
Key generation
Keys are generated by a program within the encryption program. If you are creating your own encryption program (and many programmers do), there is a specific formula for creating a key, which is really just another algorithm. That algorithm creates a stream of pseudo-random data that starts when the user tells the program what size key to create and for which algorithm.
After you tell the program that you want a 128-bit AES key, for example, the key generator goes to work in creating a number. In order not to start from the number 0 every time, something called an initialization vector plays roulette in effect, and starts the count-off with a number. The pseudo-random number generator (PRNG) starts from that number and keeps going “eenie-meenie-miney-moe” until it picks a long random number. After the number is created, the key generator goes through some more processes to make sure that the number is valid, has not been used before, and will not be used again. We’re not finished yet, though. The last, but not least, step is to add some more random data to mix with the number that the PRNG created.
The additional number that is mixed with the key number is called a seed. In effect, that number is used to help “grow”
a better number. The seed number is created by gathering random data from things that are happening to your computer — mouse movements, cursor location, print commands, disk read and write speeds, and so on. All of that data is gathered at the same time and is thrown into a pool of random data for future use by the key generator algorithm.
Warning If you turn your computer off, all the random data that has been gathered by the computer is dumped. There is a slight possibility that, if you generated a key right after a computer was rebooted, there wouldn’t be enough random data to create a good seed for an encryption key. Most key generators solve this problem by dumping gathered data to a file before the system is shut down. In that way there is already a pool to start with. It’s always a good idea, though, to generate a key on a computer that has been continuously running for a long time.
One of the major problems with poor encryption programs is that they use a very poor PRNG. If you are coding your own program, never use the random number generator that comes with programming languages or the one included in operating systems. They don’t gather enough random data from your computer to meet the entropy tests. For a list of software for random number generators, go to the WWW Virtual Library on random number generators at
http://crypto.mat.sbg.ac.at/links/rando.html.
Back in the old days . . .
I’ll digress just a moment here to tell you how things used to be back in the old days — like sometime in the late
‘80s or early ‘90s. Back then, most key-creating programs relied upon the user’s input to help generate the key.
The program would ask you to move your mouse or type at random on the keyboard until the key generator had enough random data to seed a key. The problem with that was that it often took a minute or two of mouse movements and keystrokes to complete the process. Most users got bored and would end up tapping on the same keys over and over or just move their mouse in a circle, which resulted in flawed random data. Luckily, we don’t have to rely on that process any more.
Protecting your keys
As I mention earlier, a good passphrase is one method of protecting your keys, but almost as important is the need to store your keys in a non-obvious location. If you are on a network with a full PKI (Public Key Infrastructure) system, there’s probably not much you can do about that as the system administrators will have set up key servers, back-up keys, and recovery keys (if they’re good, that is!). But what do you do if you’re using your own system? There are five good, safe methods of keeping your keys safe:
Don’t save your keys on your desktop computer (unless your company requires you to).
1.
If you must store your keys on your desktop computer, see if you can change the name of the folder or locate the keys in a different directory. (You’ll have to check with your IT staff about this.) 2.
Always save copies of your keys to a removable drive such as a USB keychain drive, CD, or floppy disk.
3.
Keep the USB drive, CD, or floppy with your keys on your person.
4.
If you cannot keep your key storage media on you, put it in a safe place such as a safe, a bank safe-deposit box, or a locking cabinet.
5.
Back before there were USB drives, I always kept a copy of my keys on a floppy disk. I also had to keep the disk at work in case I needed it in a hurry. We had one locking file cabinet for three people to use. My solution? I slipped the floppy disk on to the bottom of the file drawer instead of in a hanging folder. The folders easily slid back and forth above the disk. What was funny was that my co-workers always assumed that I was putting the disk in a folder and they drove themselves crazy trying to find it. This method may not be the safest in the world, but it sure beats saving the floppy in a desk drawer!
There are a number of complicated methods of safely storing keys that are mentioned in Part II on PKI. This is because that type of storage is often a component (or policy) of a PKI system. If you need information on sharing keys, key escrow, or other key protection systems, please check there.
What to do with your old keys
One question I often hear from people is, “I have an old key on a server and I’ve forgotten the passphrase. Is there any way I can delete the key?” I’m sorry to have to tell them that they are out of luck. Without the original passphrase to the key, you can’t delete it from any public server. Although this is a royal pain, it was meant as a form of security to prevent unauthorized persons from messing with your keys.
If you do have the passphrase to your old key, you can revoke it. How you do this depends on the type of system you used to create the key in the first place. In PGP, there is a very clear command to revoke your key. You can also assign someone else (or other authority) to revoke the key when you give the word. Many Certificate Authorities work in this manner. The other method of getting rid of old keys is to set an expiration date. If you do not reinstate the key before the expiration date, the key expires and becomes useless.
This document was created by an unregistered ChmMagic, please go to http://www.bisenter.com to register it. Thanks.
It’s a small bone of contention with me that PGP and other systems, by default, have a key expiration date of “Never.” I think it should be the other way around and that the default should be a one-year expiration date from the date of creation. But I’m not in charge of such things, and they obviously didn’t ask me for advice.
Some cryptiquette
I have to thank my good friend, Dave Del Torto, (also known as DDT) for the term cryptiquette. He is one of the original cypherpunks and his soap box for years has been the proper creation, storing, sharing, and maintenance of keys. There is more cryptiquette information elsewhere in this book and on the Cheat Sheet in the front, but here are a few items to start you off:
Always set an expiration date for your key when you create it.
1.
If you lose a key or the passphrase, please advise others of your new key and update your key on all servers where it is stored.
2.
If someone sends you a public key, never publish it to a public server without the owner’s permission.
3.
Always save your passphrase somehow, somewhere.
4.
Always make backups of your keys and put them somewhere safe.
5.
That’s your teaser for now. Look for other cryptiquette rules elsewhere in this book!