[H-GEN] Humbug PGP & GPG Keyrings

Anthony Towns aj at azure.humbug.org.au
Thu Jul 2 05:57:19 EDT 1998 

Hello world,

I've finally gotten off my butt [not litterally, admittedly] and started
a humbug keyring.

But, in recompense for my tardiness, not just one keyring, but *two*.

That's right, two whole keyrings, and how much would you expect to pay?

What?

Nothing?

Oh, that's really great that is. I've got children to feed, you know!

Well, no, not *literally*, I suppose, but...

Oh, damn it all to heck.

Anyway. Here's the low down.

PGP is (for those who are totally out in the cold) a cute program that lets
you digitally sign and encrypt stuff, so people can tell that you really did
write it, and so people who you don't want to have read it, can't.

PGP has a number of problems though. For one, it's argument style
absolutely sucks. For another, since it generally uses RSA it can't be
used in the US without problems with patents appearing. GPG is a free
(GLPed) reimplementation of PGP with proper command line arguments,
and support for the OpenPGP standard, which uses ElGamal and DSA as its
primary algorithms, which apparently don't have the problems of RSA.

GPG stands for GNU Privacy Guard, btw. Obvious, no?

It's still very much a work in progress, but it's really cool, so,
basically, I figured what the hell. :)

You should be able to get add-on's for pretty much whatever mail reader
you use to get it to understand PGP sign'ed or encrypted mail. Mutt will
apparently support GPG RSN, but doesn't yet. AFAIK nothing else does,
either.

Some sample usage follows.

The first thing you need to do is generate your own personal "key". This
is an unreasonably large number that basically identifies who you are.

] [aj at azure]$ mkdir .pgp
] [aj at azure]$ pgp -kg
] Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses
] (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04
] International version - not for use in the USA. Does not use RSAREF.
] Current time: 1998/07/01 13:08 GMT
] 
] Pick your RSA key size:
]     1)   512 bits- Low commercial grade, fast but less secure
]     2)   768 bits- High commercial grade, medium speed, good security
]     3)  1024 bits- "Military" grade, slow, highest security
] Choose 1, 2, or 3, or enter desired number of bits: 3
] 
] Generating an RSA key with a 1024-bit modulus.    
] You need a user ID for your public key.  The desired form for this
] user ID is your name, followed by your E-mail address enclosed in
] <angle brackets>, if you have an E-mail address.
] For example:  John Q. Smith <12345.6789 at compuserve.com>
] Enter a user ID for your public key:
] Test <test at wherever>
] 
] You need a pass phrase to protect your RSA secret key.
] Your pass phrase can be any sentence or phrase and may have many
] words, spaces, punctuation, or any other printable characters.
] 
] Enter pass phrase:
] Enter same pass phrase again:
] Note that key generation is a lengthy process.
] 
] We need to generate 912 random bits.  This is done by measuring the
] time intervals between your keystrokes.  Please enter some random text
] on your keyboard until you hear the beep:  
]    0 * -Enough, thank you.
] ........**** .****
] Pass phrase is good.  Just a moment....
] Key signature certificate added.
] Key generation completed.             

or

] [aj at azure ~]$ gpg --key-gen
] gpg (GNUPG) 0.3.0a; Copyright (C) 1998 Free Software Foundation, Inc.
] This program comes with ABSOLUTELY NO WARRANTY.
] This is free software, and you are welcome to redistribute it
] under certain conditions. See the file COPYING for details.
] 
] gpg: secret keyblock resource '/home/dbs/.gnupg/secring.gpg': File open error
] gpg: keyblock resource '/home/dbs/.gnupg/pubring.gpg': File open error
] gpg: private data signature missing; creating ...
] gpg: no default secret key: Secret key not available
] gpg: error creating /home/dbs/.gnupg/gnupg.sig: Secret key not available
] gpg: failed to initialize the TrustDB: Secret key not available
] Please select what kind of key you want:
]    (1) DSA and ElGamal (default)
]    (2) ElGamal (sign and encrypt)
]    (3) ElGamal (encrypt only)
]    (4) DSA (sign only)
]    (5) ElGamal in a v3 packet
] Your selection? 1
] DSA keypair will have 1024 bits.
] About to generate a new ELG keypair.
]               minimum keysize is  768 bits
]               default keysize is 1024 bits
]     highest suggested keysize is 2048 bits
] What keysize do you want? (1024) 1024
] Requested keysize is 1024 bits
] Please specify how long the key should be valid.
]          0 = key does not expire
]       <n>  = key expires in n days
]       <n>w = key expires in n weeks
]       <n>m = key expires in n months
]       <n>y = key expires in n years
] Key is valid for? (0) 0
] Key does not expire at all
] Is this correct (y/n)? y
]
] You need a User-ID to identify your key; the software constructs the user id
] from Real Name, Comment and Email Address in this form:
]     "Heinrich Heine (Der Dichter) <heinrichh at duesseldorf.de>"
] 
] Real name: Anthony Towns
] Email address: aj at azure.humbug.org.au
] Comment:
] You selected this USER-ID:
]     "Anthony Towns <aj at azure.humbug.org.au>"
] 
] Edit (N)ame, (C)omment, (E)mail or (O)kay? o
] You need a Passphrase to protect your secret key.
] 
] gpg: Warning: using insecure memory!
] Enter pass phrase:                   
] We need to generate a lot of random bytes. It is a good idea to perform
] some other action (work in another window, move the mouse, utilize the
] network and the disks) during the prime generation; this gives the random
] number generator a better chance to gain enough entropy.
] ..+++++......+++++.....+++++..................+++++.+++++.++++++++++.......+++++
] .+++++.......+++++++++++++++.......+++++..+++++..+++++++++++++++++++++++++++++++
] ++++...++++++++++...+++++.+++++........+++++>.....+++++.+++++>..+++++....+++++
] We need to generate a lot of random bytes. It is a good idea to perform
] some other action (work in another window, move the mouse, utilize the
] network and the disks) during the prime generation; this gives the random
] number generator a better chance to gain enough entropy.
] ...+++++.+++++..............++++++++++.....++++++++++++++++++++.......+++++..+++
] ++............+++++...................++++++++++..+++++++++++++++........+++++..
] ..+++++...++++++++++....+++++.....+++++....+++++......+++++........+++++.....+++
] ++>.....+++++>+++++.........................+++++^^^
] 
] Not enough random bytes available.  Please do some other work to give
] the OS a chance to collect more entropy! (Need 95 more bytes)
] public and secret key created and signed.                             

You can view your keyring with something like:

] [aj at azure ~]$ pgp -kvv
] Pretty Good Privacy(tm) 2.6.3ia - Public-key encryption for the masses.
] (c) 1990-96 Philip Zimmermann, Phil's Pretty Good Software. 1996-03-04
] International version - not for use in the USA. Does not use RSAREF.
] Current time: 1998/07/01 13:20 GMT
] 
] Key ring: '/home/dbs/.pgp/pubring.pgp'
] Type Bits/KeyID    Date       User ID
] pub  1024/4676CB35 1998/07/01 Test <test at wherever>
] sig       4676CB35             test at test
] 1 matching key found.       

or

] [aj at azure ~]$ gpg --list-keys
] gpg (GNUPG) 0.3.0a; Copyright (C) 1998 Free Software Foundation, Inc.
] This program comes with ABSOLUTELY NO WARRANTY.
] This is free software, and you are welcome to redistribute it
] under certain conditions. See the file COPYING for details.
] 
] /home/aj/.gnupg/pubring.gpg
] ----------------------------
] gpg: Warning: using insecure memory!
] pub  1024D/C787589C 1998-07-01 Anthony Towns <aj at azure.humbug.org.au>
] sub  1024G/499179BC 1998-07-01           

You can encrypt stuff with:

] [aj at azure ~]$ pgp -eat test_aj
] A user ID is required to select the recipient's public key.
] Enter the recipient's user ID: test
] 
] Key for user ID: test at test
] 1024-bit key, key ID 4676CB35, created 1998/07/01
] .
] Transport armor file: test_aj.asc 
] [aj at azure ~]$ cat test_aj.asc
] -----BEGIN PGP MESSAGE-----
] Version: 2.6.3ia
] 
] hIwD8rFlh0Z2yzUBA/9n9DH6+dC9CNuE3SHogsCzM1QMaknaMMwtzAn6qNzkPyyb
] MvQnJMr9052j2nXSsIvj711BuOHa7MhRdUspz5DJAFR45wY/cABgz1BIXrtiiuRP
] iRMhe0r1r8kvfEpVAb+OaW4GKJH8w33g/ljbIrq/itO1HqwfM/2+HOJlrsusiKYA
] AAAibl6j12D+/8+ZgcFzOx59QpY84OzPW9Rth+dIaTV51YepLA==
] =mlqH
] -----END PGP MESSAGE-----  

or

] [aj at azure ~]$ gpg --armor -r Towns --encrypt # ... in theory.
     # in practice it turns out that DSA/ElGamal keys aren't fully
     # functional atm, and in particular don't work to well with
     # the -r option.

...and so on. RTFM for the rest of the gritty details.

Anyway, the two keyrings, as they stand atm, are available at
	PGP 2.6: http://azure.humbug.org.au/~aj/humbug-keyring.pgp
 	GPG:     http://azure.humbug.org.au/~aj/humbug-keyring.gpg

They currently contain:

PGP:
pub  1024/7172DAED 1996/06/15 Anthony Towns
pub  1024/FA4DA549 1998/01/07 Bradley Marshall <bmarshal at plugged.net.au>  
pub  1024/84F22F0D 1997/04/11 David Jericho <davidj at meesha.humbug.org.au>
pub  1024/DA1DCFA5 1995/07/14 David Starkoff
pub  1024/96C91E2D 1998/06/09 Jason Henry Parker <henry at freezer.humbug.org.au>
pub   768/A96E54D9 1997/03/03 Martin Brett Pool <mbp at pharos.com.au>
pub  1024/82275ED9 1996/02/12 Mark J. Suter <cs331007 at student.uq.edu.au>

GPG:
pub  1024D/0B35E52E 1998-06-29 Anthony Towns <aj at azure.humbug.org.au>
pub  1024D/06514A49 1998-06-29 Jason Henry Parker <henry at freezer.humbug.org.au>
pub  1024D/224FD9A0 1998-06-30 michael pick <mjp at broken.humbug.org.au>

If you're a HUMBUG member and you've got a PGP or GnuPG key, or both,
please mail it to me for inclusion.

Note that pgp5 keys may or may not get included -- pgp5 uses different
algorithms to pgp2 and is totally incompatable, and the gpg keyring
format is, ttbomk, different to pgp5's (although the keys themselves
should be able to be added, the keyring is useless to non-gpg'ers. I
think). And coaxing pgp5 into producing a humbug- keyring of its own
looks like more effort than it's worth.

Cheers,
aj

-- 
Anthony Towns <aj at humbug.org.au> <http://azurehumbug.org.au/~aj/>
I don't speak for anyone save myself. PGP encrypted mail preferred.

      ``It's not a vision, or a fear. It's just a thought.''
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 434 bytes
Desc: not available
URL: <http://lists.humbug.org.au/pipermail/general/attachments/19980702/885169ce/attachment.sig>

More information about the General mailing list