Java Privacy Guard
An Implementation of the OpenPGP Message Format in Java
Stefan More, Advisor: Dieter Bratko, Peter Lipp
June 13, 2014
Overview
1. Problem Statement
2. openPGP
3. Java Privacy Guard
4. Summary & Outlook
Stefan More, Bakk@IAIK, June 13, 2014
Problem Statement
Message Confidentiality
Message Integrity
Sender Authentication
Anonymity
End to End
openPGP
PGP History
Pretty Good Privacy
1991: PGP created by Phil Zimmermann
most widely used email encryption software [6]
1998: PGP 5 standardized: openPGP (RFC 4880)
2010: PGP assets sold to Symantec for $ 300.000.000 (Enterprise Security)
Standard: openPGP (RFC 4880 etc.)
Implementations:
PGP (Zimmermann, Symantec)
GnuPG / GPG (GNU)
APG (Android)
End-to-End (Google Chrome)
Bouncycastle (Java)
Java Privacy Guard (IAIK-JCE)
openPGP
Combines Symmetric-Key Cryptography and Public-Key Cryptography
+ Hashing
+ Data Compression
+ Trust Model
Revisiting Problem Statement
Message Confidentiality: Encryption
Message Integrity: Digital Signatures
Sender Authentication: Web Of Trust
Anonymity? Tor, I2P, . . .
De-/Encryption
Encrypt Data with Random Symmetric-Key, encrypt Symmetric-Key with Public-Key
Multiple Receivers: Encrypt Data only once
Symmetric Cipher: AES, IDEA, 3DES, CAST5, . . .
Keysize ≥ 112 bits [7]
Public-Key Cipher: RSA, ElGamal
Keysize ≥ 2048 bits [7]
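The scheme on this slide with two recipients, as an added example written against the standard JCA API (it is not Java Privacy Guard code). It swaps in AES-GCM and RSA-OAEP for the OpenPGP packet formats and cipher modes; the class name and the sample message are constructed.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.ArrayList;
import java.util.List;

public class HybridDemo {
    static final String WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final String DATA = "AES/GCM/NoPadding";

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);                       // public-key size >= 2048 bits
        List<KeyPair> recipients = List.of(kpg.generateKeyPair(), kpg.generateKeyPair());

        // Sender: one random session key, the data is encrypted exactly once
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);                               // symmetric key size >= 112 bits
        SecretKey session = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance(DATA);
        aes.init(Cipher.ENCRYPT_MODE, session, new GCMParameterSpec(128, iv));
        byte[] encryptedData = aes.doFinal("constructed sample message".getBytes(StandardCharsets.UTF_8));

        // Sender: the session key is wrapped once per recipient public key
        List<byte[]> wrappedKeys = new ArrayList<>();
        for (KeyPair r : recipients) {
            Cipher rsa = Cipher.getInstance(WRAP);
            rsa.init(Cipher.WRAP_MODE, r.getPublic());
            wrappedKeys.add(rsa.wrap(session));
        }

        // Each recipient: unwrap its own copy of the session key, decrypt the shared ciphertext
        for (int i = 0; i < recipients.size(); i++) {
            Cipher rsa = Cipher.getInstance(WRAP);
            rsa.init(Cipher.UNWRAP_MODE, recipients.get(i).getPrivate());
            Key k = rsa.unwrap(wrappedKeys.get(i), "AES", Cipher.SECRET_KEY);
            Cipher dec = Cipher.getInstance(DATA);
            dec.init(Cipher.DECRYPT_MODE, k, new GCMParameterSpec(128, iv));
            System.out.println("recipient " + i + ": " + new String(dec.doFinal(encryptedData), StandardCharsets.UTF_8));
        }
    }
}
```

The two wrapped keys and the single ciphertext correspond to two Public-Key Encrypted Session Key packets followed by one encrypted data packet in an OpenPGP message.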
Digital Signatures
Hash Message Body & Sign Hash with Private Key
Sign Other Keys (→ Trust Model)
Hash Algorithms: SHA-2, SHA-1, RIPE-MD/160, MD5
Signature Algorithms: RSA, DSA
Web Of Trust
Decentralized Trust Model (Can be centralized)
No Certificate Authority
Transitive Trust
Pathfinder: pgp.cs.uu.nl/doc/faq.html
Key-Set Analysis: pgp.cs.uu.nl/plot
Java Privacy Guard
openPGP in Java using IAIK-JCE
Java Privacy Guard
Full Implementation of RFC 4880 (not yet)
Compatibility to other PGP Implementations
Simple API & Extended API
Key Management
Crypto provided by JCA (default: IAIK-JCE)
openPGP Structure
Packets:
Internal Structure
Contain actual Data (+ Metadata)
Transferable:
Consists of Packets
Message, Keys, Signature, Keyring, . . .
-----BEGIN PGP MESSAGE-----
Comment: GPGTools - http://gpgtools.org
-----END PGP MESSAGE-----
tag: Public-Key Encrypted Session Key Packet
length: 526
version: 3
keyId: "9BF7B564D09AFB49"
publicKeyAlgorithm: "Elgamal (Encrypt-Only)"
encryptedSessionKey

tag: Public-Key Encrypted Session Key Packet
length: 524
version: 3
keyId: "B5801FD826746039"
publicKeyAlgorithm: "RSA (Encrypt or Sign)"
encryptedSessionKey

tag: Symmetrically Encrypted Data Packet
length: 33
Encrypted Data
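How the tag and length fields in the dump above come out of a packet's first octets, following the packet header rules of RFC 4880 section 4.2, as an added example that is not part of the original slides or of Java Privacy Guard. The sample bytes are constructed from the first packet's dump values (tag 1, length 526, version 3, the key ID, algorithm ID 16 for Elgamal Encrypt-Only); the class, record and method names are hypothetical, and the record needs Java 16 or later.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;

public class PacketHeaderDemo {
    /** Parsed header: packet tag, body length (-1 = indeterminate), partial-body flag. */
    record Header(int tag, long length, boolean partial) {}

    static Header readHeader(DataInputStream in) throws IOException {
        int first = in.readUnsignedByte();
        if ((first & 0x80) == 0) throw new IOException("bit 7 not set: not a packet header");
        if ((first & 0x40) == 0) {                        // old format: tag in bits 5-2
            int tag = (first >> 2) & 0x0F;
            switch (first & 0x03) {                       // length type in bits 1-0
                case 0: return new Header(tag, in.readUnsignedByte(), false);
                case 1: return new Header(tag, in.readUnsignedShort(), false);
                case 2: return new Header(tag, in.readInt() & 0xFFFFFFFFL, false);
                default: return new Header(tag, -1, false);   // indeterminate length
            }
        }
        int tag = first & 0x3F;                           // new format: tag in bits 5-0
        int o1 = in.readUnsignedByte();
        if (o1 < 192) return new Header(tag, o1, false);
        if (o1 < 224) return new Header(tag, ((o1 - 192) << 8) + in.readUnsignedByte() + 192, false);
        if (o1 == 255) return new Header(tag, in.readInt() & 0xFFFFFFFFL, false);
        return new Header(tag, 1L << (o1 & 0x1F), true);  // partial body length (first chunk only)
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: header and leading fields of a version 3 session key packet
        byte[] sample = { (byte) 0x85, 0x02, 0x0E, 0x03, (byte) 0x9B, (byte) 0xF7, (byte) 0xB5,
                          0x64, (byte) 0xD0, (byte) 0x9A, (byte) 0xFB, 0x49, 0x10 };
        DataInputStream in = new DataInputStream(new ByteArrayInputStream(sample));
        Header h = readHeader(in);
        int version = in.readUnsignedByte();
        long keyId = in.readLong();
        int algorithm = in.readUnsignedByte();
        System.out.printf("tag=%d length=%d version=%d keyId=%016X algorithm=%d%n",
                h.tag(), h.length(), version, keyId, algorithm);
    }
}
```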
Load & Decrypt PGP Message
// Register the IAIK-JCE provider with the JCA
IAIK.addAsProvider();

// is1, is2: not defined on the slide (presumably the input streams for message and key)
PGPMessage pgpMessage = parseMessage(is1);
PGPPrivateKey privKey = parsePrivatekey(is2);

// Decrypt the message with the private key
PGPCipher cipher = new PGPCipher();
cipher.init(PGPCipher.DECRYPT_MODE, privKey);
byte[] cleartext = cipher.doFinal(pgpMessage);
Summary
Studied RFC 4880 & IAIK-JCE
Implemented:
Reading ASCII-Armor (Base 64 + CRC24)
Parsing PGP Message Objects (Packets)
Key Management (Simple Keychain)
Message Decryption (RSA & ElGamal)
Signature Validation (RSA & DSA)
Decompression
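Reading ASCII armor as listed above, as an added example (not Java Privacy Guard code): Base64 decoding plus the CRC24 check from RFC 4880 section 6.1. The class and method names are hypothetical, the armored sample is constructed by the example itself, and the example chooses to require the checksum line, which RFC 4880 makes optional.

```java
import java.util.Arrays;
import java.util.Base64;
public class ArmorDemo {
    // CRC-24 from RFC 4880, section 6.1
    static int crc24(byte[] data) {
        int crc = 0xB704CE;                                   // initial value
        for (byte b : data) {
            crc ^= (b & 0xFF) << 16;
            for (int i = 0; i < 8; i++) {
                crc <<= 1;
                if ((crc & 0x1000000) != 0) crc ^= 0x1864CFB; // generator polynomial
            }
        }
        return crc & 0xFFFFFF;
    }
    // The checksum line: '=' followed by the Base64 of the three CRC octets
    static String crcLine(byte[] data) {
        int c = crc24(data);
        return "=" + Base64.getEncoder().encodeToString(new byte[] { (byte) (c >> 16), (byte) (c >> 8), (byte) c });
    }
    // Builds a constructed armored message so the demo has valid input
    static String armor(byte[] data) {
        return "-----BEGIN PGP MESSAGE-----\nComment: constructed sample\n\n"
            + Base64.getMimeEncoder(64, new byte[] { '\n' }).encodeToString(data) + "\n" + crcLine(data) + "\n-----END PGP MESSAGE-----\n";
    }
    // Strips the armor, decodes the body and rejects it if the CRC24 line is absent or wrong
    static byte[] dearmor(String armored) {
        String[] lines = armored.split("\r?\n");
        int i = 0;
        while (i < lines.length && !lines[i].startsWith("-----BEGIN PGP ")) i++;
        while (++i < lines.length && !lines[i].isBlank()) { } // armor headers end at the blank line
        StringBuilder body = new StringBuilder();
        String checksum = null;
        for (i++; i < lines.length && !lines[i].startsWith("-----END PGP "); i++) {
            if (lines[i].startsWith("=")) checksum = lines[i].trim();
            else body.append(lines[i].trim());
        }
        byte[] data = Base64.getDecoder().decode(body.toString());
        if (!crcLine(data).equals(checksum)) throw new IllegalArgumentException("CRC24 line missing or wrong");
        return data;
    }
    public static void main(String[] args) {
        byte[] packet = { (byte) 0x85, 0x02, 0x0E, 0x03 };    // constructed bytes
        String armored = armor(packet);
        System.out.println("round trip ok: " + Arrays.equals(packet, dearmor(armored)));
        try { dearmor(armored.replaceFirst("hQ", "hR")); }    // flips one bit in the Base64 body
        catch (IllegalArgumentException e) { System.out.println("tampered copy: " + e.getMessage()); }
    }
}
```

CRC24 catches transmission damage only; it gives no protection against deliberate modification, which is what the signature is for.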
Outlook / Future Research
Message Encryption and Signature Validation
Missing parts of RFC 4880 (Partial body length, . . . )
RFC 6637: ECC
Keyservers?
Thank You for Your Attention
Questions? Remarks?
[1] Laura Poitras, https://commons.wikimedia.org/wiki/File:Edward_Snowden-2.jpg
[2] Glenn Greenwald, https://en.wikipedia.org/wiki/File:Glenn_greenwald_portrait_transparent.png
[3] Katy Scoggin, https://commons.wikimedia.org/wiki/File:Laura_Poitras_2014.jpg
[4] Regionales RechenZentrum Erlangen, https://commons.wikimedia.org/wiki/Category:RRZE-Icon-Set
[5] The Opte Project, http://www.opte.org/the-internet
[6] http://www.philzimmermann.com/EN/background/index.html
[7] Recommendation for Key Management, Special Publication 800-57 Part 1 Rev. 3, NIST, 07/2012. http://www.keylength.com/en/4/
[8] http://cirw.in/gpg-decoder