__________________________________________________________

GUIDE TO (mostly) HARMLESS HACKING

Vol. 3 No. 8, Part 1

The Magical Mystical Crypto-Primer
____________________________________________________________

By Tim "No Sinister Nickname" Skorick

Thanks for the suggestions and comments: Carolyn Meinel (naturally!), Bruce Schneier, John Young (for his internet Crypto vigilance), Mark Skorick, Eric Brisnehan, Mom, Dad, kenspiraC, Rahul Bheemidi, venMus, Everett Gidlund, Gomez, Skip Stavis, Jon Tempest and Prabaker Balasubramanium. Last, but not least, an emotional, teary-eyed "thank-you" to Juan Valdez for bringing the world 100% Colombian coffee, the richest coffee in the world.

Part One: the Crypto-bottom

What I'm going to tell you
The bottom
How they used to do it
    The Caesar cipher
    What exactly is an algorithm?
    The key to it all
    How do you make a key?
    More crypto-history
How they do it today
    Keys are important still, but not the only thing.
    What's "brute forcing?"
    What is "public key" supposed to mean?
    What's a Diffie-Hellman and who's RSA?
What's the easiest way to get into all this?
    PGP and where to get it
    Playing with PGP
    Getting someone else's public key
    What PGP really does
Other ways to start using crypto
    Secure your Netscape connection
Wrap up stuff
    All that confuses is not crypto
    Beware "kindergarten cryptography"
    Words you get to throw around
Wanna learn more?
    Quick web stuff
    Books to look for
Tim what's up with you and all this?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I. WHAT I'M GOING TO TELL YOU

Okay, some of you out there know generally what cryptography is supposed to do, how it is used, and what its limitations are. A lot of you probably even have a really good grasp of the mathematics involved. This primer won't tell you people anything you don't already know.
Basically, I'm writing this for the cipher-newbies out there that have never used cryptography, or "crypto," and have no idea how it works, and like the idea of starting at the bottom. And it isn't going to be a quick thing. There is too much science, history, theory, and other stuff involved for a person to learn all the basics of cryptography quickly. BUT - as with most computer stuff, it is still way simpler than most people make it sound. When you're done reading this you will have a whole metric ton of cool crypto-words you can throw around to impress your buds, and you should be just enough of a knowledgeable cryptodude to be able to find the real cryptography and avoid the "kindergarten cryptography."

II. THE BOTTOM (or "What the?")

Okay. "What the heck is cryptography?" you ask. Well, dang it I'll tell ya (This is the crypto-bottom, chitlins.)

Everybody at some time or another sends someone a message that they would rather be kept secret. Whether you are sending an e-mail to a friend, your doctor is faxing your medical records to the insurance company, you are ordering a take-out dinner over your wireless phone (and using your debit card number to pay in advance), or saving the plans for your latest development tool to your business partner's network drive, privacy these days is super important.

Cryptography is the art of taking a perfectly good message and scrambling the living snot out of it so as to make it completely 100% unreadable to everyone except for the party who is supposed to be reading it.

Now the whole crypto thing is rolled up into the subject of "cryptology." There are a few different disciplines within cryptology. "Cryptography" is the art of creating the schemes used in the whole process. "Cryptanalysis" is the discipline of cracking what the cryptographers come up with.
Most really hard core cryptographers were people who spent a LOT of time and effort being cryptanalysts, so they know enough to keep from making all those idiotic mistakes cryptographers usually make.

People have actually been doing this for a long time.

III. HOW THEY USED TO DO IT (or "Beware the Ides of March")

A. The Caesar cipher

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Not Exact But Not Boring Either History Lesson" #743: The World's Most Famous Ancient Cryptogram

Remember Caesar? Back when he was conquering the world, he had to send messages back and forth across enemy territory. He sometimes would have to send his troops really important information, and his generals had to come up with a way of screwing the message up to keep the enemy Gauls or whoever from reading it if the messenger got captured. This screwing up of the message is called "enciphering" a text.

But here's the catch: It would be really stupid to do this unless you could do it in such a way that the people who were SUPPOSED to read it would have no trouble "deciphering" it. Deciphering is just the "un-screwing-up" of a text that was enciphered.

So here's what they did. They wrote the text of the message:

"Hey Brutus, here's my salad dressing recipe, give it to Mark Antony on March 15, and do me a favor, sharpen my knives for me."

They then took each letter in the message and replaced it with the letter four spaces down in the alphabet. That made the message look like this:

"Lic Fvyxyw liviw qc wepeh hviwwmrk vigmti kmzi mx xs Qevo Erxsrc sr Qevgl 15 erh hs qi e jezsv wlevtir qc ormziw jsv qi."

Now when the person the message is for got the message, he would only have to look at each letter, replace it with the letter four letters UP the alphabet. Then he would have the "plaintext" back again and could run out and buy romaine lettuce and croutons. Neat huh?
So if the poor slob delivering the letter was captured by a motley horde of Gauls, the enemy would have no idea what the message said. Of course Caesar would have really been writing in Latin, and who can read that stuff anyway? But the crux of the matter is this: They used what is called a "substitution cipher" with a "key" that was pretty much just "count four letters down the alphabet." Geddit?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A "substitution cipher" just creates the cipher by substituting each piece of text with a different piece of text. It's old, insecure, and unused today outside of elementary school playgrounds, but nevertheless has one thing in common with all cryptosystems: Like any cipher, it's pretty much useless unless there's a key that the receiving party can use to turn the ciphertext back into plaintext.

B. What exactly is an algorithm?

We use these really complex algorithm things today, but there was an algorithm involved even then. You're gonna love this: An "algorithm" is just a step-by-step set of things you would have to do to solve a problem. You keep doing the steps over and over until the process is finished and the problem is solved.

Now, don't go batty on me with the "what problem? Is this math again?" In a way, yeah it is, but in the case of an algorithm, the problem it's solving is that the message is in plain English and has to get encrypted somehow. See? No big deal.

The algorithm used to encrypt with a Caesar cipher took place in the guys' little pointed heads instead of in a computer and went like this:

1. Look at the plaintext letter
2. Count four letters down the alphabet
3. The letter you end up with is the ciphertext
4. Write that letter down.
5. Move to the next plaintext letter

You just read an algorithm! The guys would start at the top of the message and do this over and over until the enciphering was done. The decryption steps were the same as above but done backwards, counting four letters UP the alphabet.
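The five steps above, written out as a program. This is an added example, not part of the original guide: it uses the guide's own message and key of four, wraps around from Z to A, leaves digits and punctuation alone, and then tries every usable key to show how small the keyspace of this cipher is. The function names and the "expected word" check are assumptions made for the illustration.

```python
import string

# The guide's own plaintext and key ("count four letters down the alphabet").
MESSAGE = ("Hey Brutus, here's my salad dressing recipe, give it to Mark Antony "
           "on March 15, and do me a favor, sharpen my knives for me.")
KEY = 4


def shift_letter(ch: str, shift: int) -> str:
    """Move one letter `shift` places along the alphabet, wrapping Z around to A."""
    for alphabet in (string.ascii_lowercase, string.ascii_uppercase):
        if ch in alphabet:
            return alphabet[(alphabet.index(ch) + shift) % len(alphabet)]
    return ch  # digits, spaces and punctuation pass through unchanged


def encipher(plaintext: str, key: int = KEY) -> str:
    """Steps 1-5 of the algorithm, repeated for every letter of the message."""
    return "".join(shift_letter(ch, key) for ch in plaintext)


def decipher(ciphertext: str, key: int = KEY) -> str:
    """The same steps done backwards: count `key` letters UP the alphabet."""
    return "".join(shift_letter(ch, -key) for ch in ciphertext)


def recover_keys(ciphertext: str, expected_word: str) -> list:
    """Try all 25 usable keys and keep those whose output contains a word
    the reader expects to find. Only 25 guesses are ever needed."""
    return [key for key in range(1, 26)
            if expected_word.lower() in decipher(ciphertext, key).lower()]


if __name__ == "__main__":
    ciphertext = encipher(MESSAGE)
    print(ciphertext)
    print(decipher(ciphertext))
    print("keys that produce the word 'recipe':", recover_keys(ciphertext, "recipe"))
```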
That's an algorithm. Algorithms used in ciphers today are seriously complicated, but are based around the same idea of taking a math action and turning it into an automatic process that goes until it solves a problem, in this case the problem of encrypting and decrypting stuff.

Have you heard names like "RSA," "IDEA," "DES," "Blowfish," "CAST," and "El Gamal?" Those are the really popular algorithms (Except for DES. DES is the old unpopular one that's getting a little weary and tired).

To make things more confusing, sometimes the algorithms that encrypt and decrypt are different. We'll go into why later, but just remember, the "encryption algorithm" turns plaintext into ciphertext, and the "decryption algorithm" turns ciphertext back into plaintext.

Now what?

C. The key to it all

Awright, chitlins, this is the funnest part. The key to the cryptosystem! Keys are super-important. A key is the special information that the algorithm uses in its job of encrypting and then later decrypting messages. If you're thinking about a key as in how you lock your house, you is right on de' money.

Your key to your house has to fit your lock perfectly. It has to be able to lock AND unlock your house. Most importantly, it has to be different from most other keys, so your neighbor can't just wander into your locked house with HER key and dig into your chips and guacamole. Like she lives there or something, sheesh! I get really bitter when that happens. Keys are important.

The cryptosystem key is what makes the encryption different for everybody that uses it. People have to use the same algorithm to encrypt and decrypt stuff, so there has to be something in the whole chain that is used to make your encryption special. The algorithm HAS to have a special key, not like anyone else's.

Back in the old days people would use passphrases like Bible quotes and sayings as keys. Then they would use numbers. The smart ones would use both.
What they could use as a key depended a lot on what kind of a system they used.

Now when we actually look at today's keys, they look like big blobs of numbers and characters and who knows what else. This is the first few lines of one of my public keys, check it out:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP for Personal Privacy 5.0

mQGiBDU3uhARBAD6JcwWAU68HZUtONoew0sB24wr5v9YCDEPHy4rb/141+l4pOOh
qgvogHAaulE6qmy8fePWuPtJKGOJXoVKlalZIs1ibi+aiOwqwFDHTEp8dQBlHXDB
edc+USPh7WBms08RmEHotZwrJJfBdKWLjldzoe5oBLSb+LKs5Q+SB8GjMwCg/3C2

Nuts, huh? Important thing: that is just the "text" way of showing something that the computer really sees as 100% digital. If you looked at a digital "binary" (that means ones and zeroes) version of that same key the way the algorithm has to work with it, it'd be way bigger and would look like:

110101 110011 10001110010011 111110100101010101011010 110011 1111101001 10101010110 0011111010010101 1010110100 100101011 110101 110011 00101010101011010 110011 10001110010011 111110 ... and on and on and on.

~~~~~~~~~~~~~~~~~~~~~~~~ Head Exercise ~~~~~~~~~~~~~~~~~~~~~~~~
Pretend for a second that you're the algorithm. You're the process that the program repeats over and over to encrypt the data. This is what you would do:

First off, you would be waiting inside the PC wishing the air conditioning worked. Then the user would type a letter that they wanted encrypted. As soon as they clicked on the program to encrypt the message, the program would kick you in the behind and swing you into action.

You would take the person's key in one hand, and only take a little piece of the message in the other, and start adding them to each other and mashing them around together till you were finished with that piece of message. Then you would grab the next piece of the message, the same key, and do it over again. You would repeat this until all of the text looked like it was put through a meat grinder.
The way you would know your job was done with each piece of text (called "blocks" by cryptopeople) was when you had done however many steps (called "iterations" by cryptopeople) you were supposed to on that block. That would be your signal to move on to the next block. The way you would know you were done with the whole shebang was when you ran out of pieces of text to encrypt, or should I say - when you ran out of "blocks" of "plaintext" to perform "iterations" on.

Do me a favor, think about whether or not you would have understood that last sentence before you started reading this ... it sounded cool anyway - Heh heh heh.

So to sum up: the algorithm does all the freaky mish-mashing on your message using the unique key as the tool. That is what makes the encryption of a message different for each person, because each person has a different key. So that's the part of the algorithm where the key "fits in." Get it? "Fits in?" Nevermind.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

D. How do you make a key?

The way the key is generated is really super important. It's also the easiest part for you because the software you're using will do all that for you. Each crypto program will have different crazy ways of making its keys. Some of them tell you to swirl your mouse around and pound on your keyboard for a while. Why do you do this?

The answer is simple: random data. You have to use as much random and unpredictable stuff as you possibly can. The reason for this is that if you use really predictable and non-random information like the date and your name to make a key, some attacker who wanted to read your encrypted email could guess what your key is really easily by playing with that kind of info until he had it right. If people can guess your stuff THAT easy, sheesh what's the point? That ain't real cryptography, it's kindergarten cryptography. You HAVE to have random numbers in a cryptosystem.
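The Head Exercise that follows describes a toy key generator (a date times 50, times the product of two double-digit numbers). This added example, which is not part of the original guide, counts every key that generator could emit in one year, recovers the inputs behind the exercise's key by exhaustive search, and sets that beside a key drawn from the operating system's random source. Function names are assumptions made for the illustration, and the date is read as MMDDYY as in the exercise.

```python
import math
import secrets
from datetime import date, timedelta


def mmddyy(day: date) -> int:
    """Write a date the way the exercise does: 1-15-98 becomes 011598."""
    return day.month * 10000 + day.day * 100 + day.year % 100


def toy_keygen(day: date, a: int, b: int) -> int:
    """The predictable generator from the exercise: date x 50 x (a x b)."""
    return mmddyy(day) * 50 * (a * b)


def two_digit_products() -> list:
    """Every distinct value a product of two double-digit numbers can take."""
    return sorted({a * b for a in range(10, 100) for b in range(a, 100)})


def days_in(year: int):
    """Yield each calendar day of the given year."""
    day = date(year, 1, 1)
    while day.year == year:
        yield day
        day += timedelta(days=1)


def recover_inputs(key: int, year: int) -> list:
    """Walk the whole keyspace; return each (date, product) that makes `key`."""
    products = two_digit_products()
    return [(day, p) for day in days_in(year) for p in products
            if mmddyy(day) * 50 * p == key]


def keyspace_bits(year: int) -> float:
    """log2 of the number of distinct keys the toy generator can emit in a year."""
    products = two_digit_products()
    keys = {mmddyy(day) * 50 * p for day in days_in(year) for p in products}
    return math.log2(len(keys))


def strong_key(num_bytes: int = 16) -> bytes:
    """What a key should be drawn from instead: the OS random source (128 bits)."""
    return secrets.token_bytes(num_bytes)


if __name__ == "__main__":
    key = toy_keygen(date(1998, 1, 15), 36, 73)
    print(key, bin(key)[2:])
    print("inputs found by search:", recover_inputs(key, 1998))
    print(f"toy keyspace: about {keyspace_bits(1998):.1f} bits; "
          f"strong key: {len(strong_key()) * 8} bits")
```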
~~~~~~~~~~~~~~~~~~~ Head Exercise ~~~~~~~~~~~~~~~
Random numbers are tougher to come up with than you might think. Here's an example of what I'm talking about:

Pretend for a second that your crypto program comes up with keys by taking the date, say 1-15-98, and multiplies it by 50 (011598 x 50 = 579900) and then randomly comes up with another number by multiplying two double digit numbers (like 36 x 73 = 2628) and then multiplies them all: 1523977200 is the result. That's 1011010110101100000101111110000 in binary form.

Looks pretty random, huh? But it's not at ALL. A cryptanalyst can come along and take the output of all possible dates multiplied by 50 (there's only 365 numbers it could be), and then go through all those and multiply them by non-prime integers between 1000 and 9801 (there are only so many products of double digit numbers) and he will have your key before you can blink.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is where we have more help from programmers. They write programs called "Random Number Generators." They're super high-tech programs way deep inside the key-making programs that use really strange stuff (like static) and weird things (like how you type) to come up with freaked-out numbers that NOBODY would have predicted. These Random Number Generators are often just called RNGs and are a real vital part of making a key. Always remember that the program for generating a key is one of the most intense and crucial parts of any cryptosystem.

E. More crypto-history

Okay, ciphers have evolved over the ages. A lot. There were disc ciphers that could rotate between alphabets, electrical ciphers that looked like typewriters but spat out ciphertext, and others. I have to skip over a lot of these for right now to get to other important stuff, but fear not - I'll cover more classical crypto stuff later on.

IV. HOW THEY DO IT TODAY (or "Bigger isn't better")

A. Keys are important still, but not the only thing.
Today's ultra-modern crypto stuff is still based around making sure that the ciphertext can only be decrypted with that one special key. The keys you see these days are made up of strings of numbers, characters and stuff all broken down into digital form of 1s and 0s. The more numbers in the key, and the more random the info that makes it, the "stronger" the key is.

Important thing: Having a big ol' humongous strong key doesn't necessarily mean you have a strong cryptosystem. Having a nice secure algorithm and a tiny weak little key also doesn't guarantee you a strong cryptosystem. Are you going "aroof" and scratching your head yet?

Look at it this way. A strong algorithm is like knowing self-defense, and a big key is like having big muscles. Having big muscles doesn't mean you know how to defend yourself. And knowing how to defend yourself doesn't mean you're strong enough to. If you have the ability, then you use your big muscles to get the job of defending yourself done, but neither is any good without the other.

***************************************************
Here's a good way to remember:

Big Manly Key + Weak Wimpy Algorithm = Weak System
Small Wimpy Key + Strong Manly Algorithm = Weak System
Big Manly Key + Strong Manly Algorithm = Strong System

Note: All apologies to the females in the audience, the word "manly" just had the vibe I was looking for. No offense intended :)
***************************************************

Now I have to confuse you again, but all will be made clear. The big key and strong algorithm don't *guarantee* a strong system necessarily. Why? Well, it's always possible that YOU the user can mess everything up and make the whole dang thing insecure by trusting the wrong person with your key, not knowing who has access to your computer, setting crypto stuff up wrong, and just not being careful. Having big muscles and the knowledge to defend yourself won't make you safe if you happen to be drunk when attacked.
But back to the whole "big key" thing: it doesn't really have anything to do with the guts of the algorithm that encrypts and decrypts your message. The algorithm just uses the key to do the job. The reason everyone's stuff after being put through the same algorithm looks different is because each time, the same algorithm is put into motion, but using a different key - one from each person.

B. What's "brute forcing?"

Making sure your key is nice and big just makes it harder to guess the key if you were going down the list of all possible keys. This is called a "brute force" attack. This means that if you have a six-digit number, you could crack the key by starting guessing it at 000001 then 000002 then 000003 on the way to 999999 till you get the key. A typical ATM pin number four digits long would be harder to "brute force" if it were ten numbers. The number of guesses you would have to go through to get the key increases hugely each time a number is added to a key, and your poor PC is worked overtime in the rush to figure out all the possible combinations.

~~~~~~~~~~~~~~~~~~~~~~~~ Head Exercise ~~~~~~~~~~~~~~~~~~~~~~~~
You can brute force a key of two digits in your head. Get a friend to think of a two-digit number, and not tell you. Easy to guess, right? There are only 99 numbers it could possibly be, so you count down the list till you guess the right one.

Now tell your friend to add just one more teensy little digit, so they have a secret number with three digits. Now there are 999 possible numbers it could be. See? 999 may only have one more digit than 99, but it's more than ten times bigger. It gets ten times harder each time you add a digit. You can still try to guess it, but how high do you feel like counting?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

With modern keys of 4096 bits, brute forcing takes dang near forever and there's just more intelligent ways of doing it.
This is why the brute force method of cracking a large key is the very last resort of any smart cryptanalyst (those are the guys that crack the crypto stuff, remember?). And if a key can ever be brute forced, that means it's reeeeaaaaalllllly weak.

Unfortunately some cryptosystem engineers haven't figured out that a bigger key isn't necessarily a better system. For instance, the PCS phone carrier that I use advertised the safety of talking on their phones by saying that "Our phones are so friggin' secure that in order to break through their communications privacy you'd have to guess four trillion keys in less than a second! Hoo yah! We're all that!" They didn't use those actual words, but it was something like that.

Anyway, you know by now that they were talking about a brute force attack. The problem is that they didn't really look at the rest of the actual cryptosystem they used. Then some really awesome hackers looked at the actual system and process they used to encrypt the communication (remember the "algorithm?") and found some mathematical flaws that would allow anyone with a little ingenuity and some common equipment to decrypt the phone call information. Needless to say I made fun of my PCS people forEVER after that.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Cool thing: That was an actual true story. The algorithm is called CMEA, and it is used in an awful lot of PCS phones that communicate using a certain kind of behavior (or "protocol"). Check out the hack at: http://www.counterpane.com/cmea.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

***************************************************
Other note: The president of Counterpane Systems that published the hack is Bruce Schneier and you're going to be hearing his name a lot. He wrote the ultimately vital cryptography book "Applied Cryptography." If you're really into cryptography you probably already have it, but I'll get into that later.
***************************************************

So remember. A stupid cryptosystem that happens to use a key seven gazillion digits long is still a stupid cryptosystem. You might as well just write the message on a dang postcard in large letters and attach a big neon sign to it that reads "Private but unprotected data! Don't read! Please! You might have to take all my money! Aaaaaa!"

C. What is "public key" supposed to mean?

Easy. You know how the ciphers we've been talking about have a secret key that both encrypts AND decrypts the message? Public key systems have two different keys that each will do one of those things.

?

Okay okay, hold on. First let's have a little "Words You Need To Know" update:

A cryptosystem that uses the same key to encrypt and decrypt the data is called a "symmetrical cipher." The reason for that should be obvious: because the whole process thing is the same on either end, only reversed like a mirror image. That's why they use the word "symmetry." And you can guess what they call a system that has a different key for each purpose ... yeah, an "asymmetrical cipher" (Asymmetrical just means "not symmetrical")

Other more ordinary words for these systems are "private key" or "secret key" crypto for symmetrical, and "public key" for asymmetrical.

Okay, you got the terms lah dee dah yeehaw let's get on with it.

The problem started when people got sick of having to go through the hassle of getting the great and powerful secret key back and forth between the senders and receivers and all that stuff. I mean, how many ways can you get a secret key to someone without an eavesdropper snatching it en route? Not many.

So some guy at Bell Labs came up with the genius idea of a system that would generate two numbers based on a certain kind of mathematical problem. When one of the numbers was used to encrypt data, only the other number generated with it would decrypt it. Woa!
It was expanded upon by some cryptographers in Britain, and then some guys at Stanford came up with an even better idea (not even knowing about the previous work!). I'll tell you about those people in a sec.

So you would generate the two numbers you'd use as keys (called a key pair). Give everybody in the universe one of the keys, and keep the other one on a floppy disc in your ventilation duct or your underwear drawer or somewhere else really private. Anyone who encrypted a message to you with the key that you gave them would be making a ciphertext that nothing in the world could decrypt except the key you have hidden between your undies and your socks.

Nowadays there are a few different systems that use this clever little scheme hiding in your underwear. You can imagine how popular it is, no need to sneak around slipping floppies under doors and all that irritating cloak and dagger stuff. You download and install the software, generate the keys, and start emailing people your public key. If somebody encrypts something with your public key, only your private key can decrypt it. When you want to email someone an encrypted message, you get their public key. If you encrypt a message with somebody else's public key, only their private key can decrypt it. Reeeeeeaaaallll simple.

Little secret: about fourteen years before these guys invented this system, the US government was talking to military cryptodudes and the NSA about this same problem but with nuclear missile signaling systems. They wanted some way of getting encrypted messages to the missile's computers in a way that wouldn't give anybody else the chance to get the key. So the NSA is saying that they had public key stuff a while back.

Here's some of the NSA info and also information on the web about the Bell Labs papers and British discoveries about Public Key crypto way back in like 1970:

http://www.cesg.gov.uk/ellisint.htm
http://jya.com/nsam-160.htm

D. What's a Diffie-Hellman and who's RSA?
Check it out, those are just different kinds of systems and keys. Diffie-Hellman keys are generated using a specific method for public key crypto, and RSA keys are generated using a completely different method for public key crypto. The basic public key thing is the same, but the two systems come up with the keys in a different way and go about the crypto thing using different algorithms.

Whitfield Diffie, Ralph Merkle and Martin Hellman independently thought up a great way of generating a key pair in 1976 using a really tripped out math problem called the "discrete logarithm" problem. I ain't even going near explaining that, it's gonna hafta wait.

Then the next year, some more brainiacs named Ron Rivest, Adi Shamir and Leonard Adleman invented the RSA scheme that essentially does the same job but based on a different mathematical problem called the "Integer Factorization Problem." Again, not touchin' it with a ten-foot pole. I'll go into it later. Much later.

So keys created using Diffie, Merkle and Hellman's method are still called "Diffie-Hellmans." In fact, the newer ones are getting more popular because they can be used for digital signatures and everything. RSA still does all this stuff too and also is a big huge company.

Funny thing: The early public key discoveries made at Bell Labs and in Britain's crypto unit from 1970 through 1974 used these SAME math problems. Then the others came up with them later on out of nowhere without even seeing the older work. Freaky huh?

_______________________________________________________________________

Where are those back issues of GTMHHs and Happy Hacker Digests? Check out the official Happy Hacker Web page at http://www.happyhacker.org.

We are against computer crime. We support good, old-fashioned hacking of the kind that led to the creation of the Internet and a new era of freedom of information. So don't email us about any crimes you have committed!
And don't expect us to come to your rescue if you crash 100 million computers with some new Java virus you just unleashed.

To subscribe to Happy Hacker and receive the Guides to (mostly) Harmless Hacking, please email hacker@techbroker.com with message "subscribe happy-hacker" in the body of your message.

Copyright 1998 Tim "No Sinister Nickname" Skorick. You may forward, print out or post this GUIDE TO (mostly) HARMLESS HACKING on your Web site as long as you leave this notice at the end.
_________________________________________________________

____________________________________________________________

GUIDE TO (mostly) HARMLESS HACKING

Vol. 3 No. 8, Part 2

The Magical Mystical Crypto-Primer
____________________________________________________________

by Tim "No Sinister Nickname" Skorick

V. WHAT'S THE EASIEST WAY TO GET INTO ALL THIS? (or "Phil Gets Paid")

A. PGP and where to get it

Awright, some of you cipherpunks knew this was coming. By far the easiest way to play around with cryptography is by getting your own free copy of PGP. PGP stands for "Pretty Good Privacy" and was created a while back by a real fun math teacher named Phil Zimmermann. It was only command-line-based, meaning you had to do those annoying dos-like commands and switches and all that and there wasn't any windows-type point and click. They (him and his friends) finally came up with a windows version but then promptly sold the whole thing to a company called Network Associates.

~~~~~~~~~~~~~~~~~~~~~~~~ Go Get It! ~~~~~~~~~~~~~~~~~~~~~~~~
Go to http://bs.mit.edu:8001/pgp-form.html

This is the Massachusetts Institute of Technology website where you can still get PGP version 5.0 for Windows. Now you could get the *new* PGP version 5.5 from http://www.nai.com/products/security/pgpfreeware.asp but that version will only let you send and get messages encrypted with a Diffie-Hellman key, and not an RSA key. If you want to play with both, you have to get the older freeware.
Now either way, you're going to have to fill out a questionnaire at least promising that you're located in the USA and that you aren't going to email a copy of the software to "Bob the UnaHacker" in some terrorist country. I'm going to explain that in a little bit.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Okay, let me assume for the sake of easiness that you're going to be running PGP on some flavor of windows or possibly on a mac. Doesn't matter which, it'll work the same on most of them.

1. Install it on your computer.
2. When it asks you which key type you want to generate, start with Diffie-Hellman just for the heck of it.
3. When it asks you for the size of key you want, just pick the biggest (heck, ya might as well).
4. You then get to pound random data out of your keyboard and then watch this fun little animation thingy.
5. So it finishes. The first thing you'll notice is that they automatically give you the keys of just about everybody who has ever worked at or near PGP. No biggie. You're good to go with the cryptofun.

A. Playing with PGP

First things first: your clipboard is your friend. Oh yes, make friends with your clipboard. Verrrrrry important. Take him out to dinner, date his sister, tell him he's cool. You'll be using him quite a bit.

What makes PGP so user-friendly isn't only that it works with all these different operating systems ... it also uses only the most idiotically simple parts of all these operating systems. You know what the "copy" and "paste" functions are on most computers, right? To "copy" you hit Ctrl-C and it writes stuff that you selected onto your clipboard, and "paste" is just Ctrl-V and it copies the stuff back onto your document wherever you want. Your clipboard is just the way-station, so where better to use encryption and decryption functions?

So remember:

1. To mess with the data, get it onto your clipboard.
2. To look at what you did to it, move it from your clipboard onto a document somewhere.
If you ever want to see what's on your clipboard at the moment, go to the PGP menu and select the thing that says "Launch Associated Viewer."

The encryption fun goes like this:

1. Type some goofy simple little letter to yourself:

   Dear Tim, quit doing that with your eyes or they'll freeze that way.

2. Highlight all the text with your mouse.
3. Hit Ctrl-C. (it just copied the letter onto your clipboard)
4. Select from your PGP menu "Encrypt clipboard."
5. When it shows you all your public keys of people to write to, choose your own.
6. Drag and drop your name onto the "recipient" list.
7. Hit "ok." (it just encrypted everything on your clipboard but left the ciphertext there)
8. Go back to your document.
9. Click somewhere down below the plaintext you already typed.
10. Hit Ctrl-V to paste. SPLAT!
11. Look at that mess!

-----BEGIN PGP MESSAGE-----
Version: PGP for Personal Privacy 5.0

[ciphertext block omitted]
-----END PGP MESSAGE-----

WOW! That digital oatmeal looks cooler every time I make it. Heh heh heh.

Now at the risk of sounding like Magnum P.I., I know what you're thinking. You're thinking "AAUUUGH! I put my letter through a blender! Oh the humanity!" Just calm down. Remember, it's moronic to encrypt messages that can't be decrypted (this doesn't go for some password protecting ideas and for "digital signatures," but those aren't really messages and we'll chit chat about that in the next primer).

At first glance, for all we know, that mess up there might just be random garbage. Guess what? We can prove that it ain't. You wrote the letter to yourself and encrypted it with your own public key, didn't ya? You have your private key and can decrypt the message even easier than you encrypted it! Ha ha ha HA!

Here's what ya do:

1. Highlight the entire ciphertext, from the beginning of the "-----BEGIN PGP.." to the end of the "END PGP MESSAGE-----"
2. Hit Ctrl-C to copy it onto your clipboard. (I know it was already there from last time but let's pretend you just got this particular blob sent to you from somebody else)
3. Go to wherever your PGP menu is and click on "Decrypt/Verify clipboard" and put in your passphrase when asked for it. (When you see the box that says "Decryption Successful," that means that it just decrypted the stuff on your clipboard but left it there)
4. Go to your original document and click down past the stuff you already put there.
5. Hit Ctrl-V to paste.
6. Voila!

   Dear Tim, quit doing that with your eyes or they'll freeze that way.

Ta-DUM! Isn't this a momentous occasion? I think I'm misty-eyed ...

A. Getting someone else's public key

This is easy. You find the text version of their key on either a website or from a text file or email or whatever. I showed you part of mine, it looks a lot like the encrypted mess we just saw.

1. Highlight the whole thing again, from the beginning of the "-----BEGIN PGP PUBLIC KEY ..." to the end of the "... --END PGP PUBLIC KEY BLOCK-----."
2. Then hit Ctrl-C to copy the key to your clipboard.
3. Now go to the PGP menu and just pick the option that says "Add Key from Clipboard."
4. You'll see a window open up telling you that PGP saw the key and knows what it is, and you hit the "import" button.

Simple, huh?

A. What PGP really does

It's a plain and simple truth that most secret-key programs run way faster than public-key systems. So PGP makes the best of both worlds.

When you encrypt a message to someone with PGP, it first compresses the message to make sure it won't take up a whole lot of space. It then makes its own little secret symmetric key (like from DES or something) and encrypts the text with that (really fast) symmetrical algorithm. After that, it takes the receiver's public key and encrypts just the secret DES-type key. Since it's only encrypting a key, it goes way quicker than if it were encrypting the whole message. The PGP message is both of these blobs of ciphertext all crammed together.

When the receiver's PGP program gets the message, it uses the private key of the recipient to decrypt the secret key from the blob first (goes quickly cuz it's just a key). It then uses the symmetric key it just deciphered to decrypt the rest of the message from the blob quickly, and decompresses the message the rest of the way into readable form.

V. OTHER WAYS TO START USING CRYPTO

A.
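The compress / session-key / wrapped-key flow described under "What PGP really does" above, as an added Python sketch that is not PGP's own code and not part of the original guide. The function names are made up for this illustration, the two key pairs are constructed from well-known Mersenne primes, and the ciphers are teaching stand-ins (textbook RSA with no padding, a SHA-256 counter keystream) that are not safe for real data.

```python
# Added illustration, not PGP's code. Stand-ins (assumptions): textbook RSA
# with no padding replaces the real public-key step, and a SHA-256 counter
# keystream replaces the real symmetric cipher. Neither is safe for real data.
import hashlib
import secrets
import struct
import zlib

E = 65537  # public exponent shared by both demo keys


def make_keypair(p: int, q: int):
    """Return ((n, e), (n, d)) for primes p and q."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))


# Constructed demo keys built from well-known Mersenne primes (trivially
# factorable, so for demonstration only).
TIM_PUB, TIM_PRIV = make_keypair(2**127 - 1, 2**61 - 1)
EVE_PUB, EVE_PRIV = make_keypair(2**107 - 1, 2**89 - 1)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric stand-in: XOR data with SHA-256(key || counter) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + struct.pack(">Q", i // 32)).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)


def hybrid_encrypt(plaintext: bytes, pub) -> bytes:
    n, e = pub
    session_key = secrets.token_bytes(16)  # fresh secret key for every message
    body = keystream_xor(session_key, zlib.compress(plaintext))  # fast bulk step
    # The slow public-key step touches only the 16-byte session key.
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    key_blob = wrapped.to_bytes((n.bit_length() + 7) // 8, "big")
    # The message is both blobs together: [2-byte length][wrapped key][body].
    return struct.pack(">H", len(key_blob)) + key_blob + body


def hybrid_decrypt(message: bytes, priv) -> bytes:
    n, d = priv
    (klen,) = struct.unpack(">H", message[:2])
    key_blob, body = message[2:2 + klen], message[2 + klen:]
    m = pow(int.from_bytes(key_blob, "big"), d, n)  # private key recovers session key
    if m.bit_length() > 128:
        raise ValueError("session key did not unwrap; wrong private key")
    return zlib.decompress(keystream_xor(m.to_bytes(16, "big"), body))


if __name__ == "__main__":
    letter = b"Dear Tim, quit doing that with your eyes or they'll freeze that way."
    msg = hybrid_encrypt(letter, TIM_PUB)
    klen = int.from_bytes(msg[:2], "big")
    print("wrapped key bytes:", klen, "| body bytes:", len(msg) - 2 - klen)
    print(hybrid_decrypt(msg, TIM_PRIV).decode())
```

The wrapped-key blob stays the same size however long the letter gets, which is why the public-key step stays quick.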
Secure your Netscape connection

- Part One: Your browser COULD be secure:

Dude, it suuuuuuuucks that people haven't done this more often yet. Check it out. If you have the right version, Netscape can connect to cooperating web sites in a really secure way. Try it, instead of typing "http://", type "https://". That tells your net machine to try to connect with the server using its "Secure Sockets Layer." That's the part of your browser that can encrypt everything going between you and the server you're surfing to.

You know the little key type thingy in the lower corner of your browser? It usually has a slash through it or shows an open lock or something. This means you are wandering around the web making non-secure connections. If you hook up a secure connection using "https" to a web server, it will show a complete key, or a closed lock, or various other "locked" looking things.

>Oooooooh! Aaaaaah!<

If you don't see a change, or get a message saying "hey doofus, this isn't an https site," don't worry. Most websites aren't set up to let you connect securely, there's usually no reason to. You'll find the places with "https" addresses at online stores, banks, and other places where security would be needed. I mean, do you REALLY care how many people know you post to the Nine Inch Nails board seven hundred times a day?

- Part Two: It probably ain't

But even if you're connecting to a site that can do the whole secure thang, and even if you do connect and see the "locked" looking thing in the corner, you probably aren't any more secure than you were before. "Why" you ask? Cuz even then, the crypto connection that your browser is using is probably weak.

- Part Three: Here's why it ain't

Here's the skinny. Our U.S. government people consider crypto technology a weapon, because twenty years ago back in the cold war it was a dangerous thing for your enemy to have.
The United States "Export Law" says that since it's considered a weapon, it's illegal to export out of the country.

Why is it such a big freakin deal? Well, America has interests spread out all over the place, and we have spies who pay real close attention to what goes on all over the world, especially in terrorist countries. If terrorists start using strong crypto, we can't eavesdrop on them and maybe tell when they're gonna blow stuff up (Not that our spying on these people has kept them from blowing stuff up before now).

Now before you get all in a frenzy, people have been trying to reach an agreement with our intelligence people for a while now. There are a lot of bills in the House and the Senate trying to fix this, but no luck yet. I mean, heck, Congress has only been at it for about six years now, give em a little time ...

So when you download a browser off the net, most people get stuck downloading what's called an "export-grade" web browser. That means one whose crypto stuff is weak enough for the government to feel okay about you exporting it. Don't buy anything off the web with those wimpy little browsers, cuz any cyber-moron that knows how to use a packet sniffer and a cracking utility can read your credit info that you buy stuff with.

>Boooooo! Hissssss!<

- Part Four: Here's why that sucks

Netscape can work with all the great crypto stuff out there through its Secure Sockets Layer but people are usually limited to 40-bit encryption stuff, which is really weak and super lame. Crypto stuff that weak has been cracked left and right. Heck, Bruce Schneier will even give you a SCREEN SAVER that can crack this type of encryption, and it even BRUTE FORCES IT!!!! Can you imagine how weak that is? Sheesh!! You can get it at http://www.counterpane.com/smime.html

- Part Five: Fix it!

Help is here!

>sound of trumpets<

This super high-class software guy named Farrell McKay and some of his friends put together a little set of files called "Fortify" that you download right into your browser's home directory, run them, and they just strengthen the SNOT outta your browser. They pump it UP, my friends.

Here's what you should do. First send me a million dollars. Then, go to the "Fortify" website at http://www.fortify.net/index.html. Then check what your connection security is for right now at the link that says "SSL checker" (Yes, that stands for "Secure Sockets Layer Checker"). It will tell whether or not your browser is set on "wimpy mode" or whether or not it can connect to a server in a safe way. It will even list all the different secure connections you could have along with what you actually have.

If that page tells you that your connection is weak, go to the "download" page and get the version that's right for your computer (there isn't a version available for Macs yet). Stick the stuff in the directory that your browser is in and follow whatever other instructions there are. It's easy and really quick to do, and then you have to restart your browser.

Now to check if it worked. Go back to the SSL checker at their site, you might have to hit reload. See what it says? Most versions should connect at a full 128-bit RC-4!

Note: Remember the cryptogenius Ron Rivest who helped create RSA? RC-4 is one of his own special algorithms, and a sweet one at that.

So, you can send and receive super-secret encrypted email that nobody can read, and you can connect with whopping 128-bit RC-4 to participating websites. This would be a good time to rub your hands together and cackle maniacally.

Now I know you're hooked ...

V. WRAP UP STUFF

A.
All that confuses is not crypto

The biggest thing to keep in mind when you dig around for good crypto stuff to play with is this: Just because it has a fancy-schmancy name like "cryptographic module" and seems to screw up text real good doesn't mean that it is real cryptography. Even if it comes from a big name software company, it ain't necessarily worth your while.

Real cryptography is incredibly difficult to make secure. Most of these companies churning out software packages that protect passwords and encrypt little documents and stuff don't bother with any kind of real work in that area. I won't even go into these wiseguys on the web and in hacker rags that write their own stuff and then try to sell you on it. Sheesh! Most of them have no idea what they're getting themselves into. Cryptography is just too tough and experts are few and far between. These warnings are covered a bit more in the web resources section later on.

So ...

B. Beware "kindergarten cryptography"

Don't just take someone else's word for it. There are all kinds of interesting ideas floating around about new crypto stuff from people who only sound like they know what they're talking about. From hacker magazines, to newsgroup postings from alleged elite experts, to rave reviews in big computer magazines, everybody seems to know what crypto should be and where to find the good stuff. Ugh.

It ain't the wares that the journalists rave about. It ain't the program that your favorite hacker writes. It ain't the impressive looking plug-in that your favorite software company tries to sell you. The "good stuff" is what survives the tests by the experts.

Remember this: learn the names of the experts. Learn the names of the algorithms and cryptosystems. After a long, long, long time on the market and after a wayyyyy lot of tests, the algorithms and systems that live on are the good ones. And that's only for today.
Breakthroughs in computing power have made more than one seemingly secure cryptosystem obsolete.

Every algorithm that is untested or unreleased to the public, every algorithm that flies in the face of established mathematical law and number theory, every algorithm that claims to be great but isn't available to be proven is not cryptography, but kindergarten cryptography.

Using kindergarten cryptography is even worse than using no cryptography at all. You know why kindergarten cryptography is so dangerous? Because it fools you into thinking it's cryptography, and you use it on private stuff that it isn't really going to protect. If you didn't try to use any crypto at all, at least you would know enough to save the private stuff for later and it would never be at risk!

C. Words you get to throw around!

Awright all you showoffs! You should be able to use all the words down there in quotes even if you can't necessarily give a total definition for some of them. Throw them around, get used to them. Better yet, use them in sentences - around your friends who don't know what they mean :) Yack away!

You know that:

"Cryptology" is made up of "Cryptography" (or "crypto") and "Cryptanalysis" and the guys that do that are "Cryptographers" and "Cryptanalysts."

You know that the "Caesar cipher" was an old way to "encipher" (or "encrypt") something and also to "decipher" (or "decrypt") something.

Before you encrypt, the message is still "plaintext," and "ciphertext" is what it is when it's encrypted.

A "substitution cipher" ain't the best "cryptosystem" anymore.

"Algorithms" are step by step math processes, here's some: "RSA" "IDEA" "DES" "Blowfish" "CAST" "El Gamal" "RC-4" and they all HAVE to use a "key."

"Binary" means made up of ones and zeros.

A "passphrase" is a series of passwords.

"Blocks" are chunks of text, "iterations" are separate encryption steps that your algorithm takes on the blocks.

A "random number generator (RNG)" gives you good random numbers and nobody will "brute force" your key if it's big enough.

"Protocol" means behavior.

A "symmetrical cipher" is the same as "private key" crypto which is also called "secret key" crypto. These are the opposite of "asymmetrical ciphers" which are also known as "public key" crypto which you use a "key pair" for like "Diffie-Hellman" keys which are based on the "discrete logarithm problem" or "RSA keys" which are based on the "Integer Factorization Problem."

If it's an asymmetrical cipher the "encryption algorithm" that turns plaintext into ciphertext is different from the "decryption algorithm" that turns ciphertext back into plaintext.

"PGP" can use all these.

"Secure Sockets Layer" is how your browser tries to use crypto but it's hampered by annoying "export law" that limits you to downloading "export-grade" encryption, which is weak. "Fortify" fixes that right up, and it ain't no "kindergarten cryptography."

And - look way down at the last book suggestion - "steganography" is the art of hiding messages - usually encrypted ones - someplace where you wouldn't expect.

V. WANNA LEARN MORE?

A. Quick web stuff

Real quick ways to get some more entry-level info, most are stuff in Acrobat format!

1. Go to the PGP user's manual that you downloaded with the software and thumb through to about page 81 in the manual for version 5.0, page 77 in version 5.5's manual. That has a great section on crypto stuff. If you're not sure where on your computer it is, go to the directory you put PGP in. Open the folders till you come to one with a bunch of files in it, and there should be a document there with a .pdf extension. That's it.

2. Hit RSA's website at http://www.rsa.com/rsalabs/newfaq/ and download their world famous cryptography FAQ. It's stellar.

3. Let's keep our learning well-rounded, go to Bruce Schneier's Counterpane website for two VERY important essays on understanding what cryptography, privacy and security are all about. They're both downloadable:

   "Why Cryptography Is Harder Than It Looks"
   http://www.counterpane.com/whycrypto.pdf.zip

   "Security Pitfalls in Cryptography"
   http://www.counterpane.com/pitfalls.pdf.zip

A. Books to look for

"Applied Cryptography" Second Edition by Bruce Schneier, John Wiley & Sons, 1996

This is hands-down the best place for you newer crypto people to start really digging in. Bruce wrote this book in plain English (but it has been translated into others too!), explaining everything really clearly. It's sometimes really funny and always easy to read. The book just covers everything. Absolutely everything. The price is a little hefty, but it's a big book and has the source code in C in the back for all you programmers who wanna start tinkering with programming crypto. Check out some more reviews, alternate language versions and other info at Bruce's site http://www.counterpane.com/applied.html

"Handbook of Applied Cryptography" by Alfred Menezes, CRC Press, 1996

This one is a little tougher to find, but it's a really sweet layout of the math and algebra stuff underneath a lot of the secrets that make crypto strong. There's a big treat here, too. It talks about using crypto in places like the banking industry and in alarm systems and all manner of neato environments. It also has a lot of newer information about things happening in the crypto world lately. Look at the info and also a couple of chapters in Acrobat format at: http://www.dms.auburn.edu/hac/

"Decrypted Secrets" by F. L. Bauer, Springer Verlag, 1997

This one is a doozy. This was written from a really technical, but also historical perspective. Just don't let the columns of numbers and figures freak you out too bad at first.
Some people might have trouble wading through all the math and number theory stuff, but you will be rewarded when you do. There are a ton of stories from history, like spies and wars and stuff since way back when. All of these stories are fascinating to read and are used to make you better understand why the basic rules of using crypto are the way they are. They show this by telling you all the funny ways that crypto people have screwed up in the past, and also by highlighting some of the smarter minds that made the really huge breakthroughs and discoveries.

"Disappearing Cryptography" by Peter Wayner, Ap Professional, April 1996

This book is a little trippy. It deals more with some of the high-level privacy philosophy involved, and lays it out in a very interesting, if strange, way. Each section has a real simple description of what it talks about, followed by more technical math descriptions and then a programming example. Good to have, even though it deals more with hiding cryptography (a practice called "steganography") than it does with actual cryptography.

_______________________________________________________________________

Where are those back issues of GTMHHs and Happy Hacker Digests? Check out the official Happy Hacker Web page at http://www.happyhacker.org.

We are against computer crime. We support good, old-fashioned hacking of the kind that led to the creation of the Internet and a new era of freedom of information. So don't email us about any crimes you have committed! And don't expect us to come to your rescue if you crash 100 million computers with some new Java virus you just unleashed.

To subscribe to Happy Hacker and receive the Guides to (mostly) Harmless Hacking, please email hacker@techbroker.com with message "subscribe happy-hacker" in the body of your message.

Copyright 1998 Tim "No Sinister Nickname" Skorick. You may forward, print out or post this GUIDE TO (mostly) HARMLESS HACKING on your Web site as long as you leave this notice at the end.

_________________________________________________________