| 1 | = PGP (Pretty Good Privacy) = |
| 2 | |
| 3 | - GnuPG: GnuPG forms the heart of Gpg4win – the actual encryption software. |
| 4 | - Kleopatra: The central certificate administration of Gpg4win, which ensures uniform user navigation for all cryptographic operations. |
| 5 | |
| 6 | You can use your host machine for this. Download Gpg4win (GNU Privacy Guard for Windows) from [https://www.gpg4win.org/index.html here] |
| 7 | |
| 8 | == Installation == |
| 9 | |
| 10 | - Open the windows installer file and click '''Next''' |
| 11 | - The next page displays the licensing agreement. Make an Exception for this Lab and click next without reading the license. |
| 12 | - Select GnuPG, Kleopatra, GpgOL, and GpgEX as applications to install and click next |
| 13 | - Click '''next''' in all the other steps. |
| 14 | |
| 15 | == Create Certificate == |
| 16 | - Open Kleopatra |
| 17 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/kleo.png)]] |
| 18 | |
| 19 | - Click on File > New Key Pair. |
| 20 | - In the following dialog you select the format for the certificate. You can choose from the following |
| 21 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/kleo1.png)]] |
| 22 | |
| 23 | - Create personal OpenPGP key pair. |
| 24 | - Now enter your name and e-mail address in the following window. |
| 25 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/kleo2.png)]] |
| 26 | |
| 27 | - Click '''Advanced Settings''' and Tick the '''Valid Until''' check box |
| 28 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/kleo3.png)]] |
| 29 | |
| 30 | - You will see a list of all of the main entries and settings for review purposes. If you are interested in the expert settings, you can view these via the '''Show All details''' option. If everything is correct, click on '''Create''' |
| 31 | - Now to the most important part entering your passphrase! To create a key pair, you must enter your personal passphrase. Choose a passphrase which is easy-to-remember but hard to break secret passphrase. You can't recover this passphrase if you lost it. Confirm the passphrase and click '''Create''' |
| 32 | - Now your OpenPGP key pair is being created. This may take a couple of minutes. |
| 33 | - As soon as the key pair creation has been successful, you will see the following page. |
| 34 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/kleo4.png)]] |
| 35 | |
| 36 | - Click '''finish''' |
| 37 | - You will see the created key entry on the |
| 38 | The 40-digit “fingerprint” of your newly generated OpenPGP certificate is displayed in the results text field. This fingerprint is unique anywhere in the world, i.e. no other person will have a certificate with the same fingerprint. Actually, even at 8 digits, it would already be quite unlikely that the same sequence would occur twice anywhere in the world. For this reason, it is often only the last 8 digits of a fingerprint that are used or shown, and which are described as the key ID. This fingerprint identifies the identity of the certificate as well as the fingerprint of a person. |
| 39 | |
| 40 | == Key servers == |
| 41 | |
| 42 | - You can upload your public key to a key server so that the public can access it. You can submit your public key to a keyserver by selecting the key entry and click '''file > Publish on keyserver'''. |
| 43 | - Or you can submit it manually. For that first export the public key by selecting the key entry and do to '''File > Export'''. Select the location to save and click '''Save''' |
| 44 | - Go to the saved location and open the key file in a notepad. Copy everything |
| 45 | - Open a browser and go to '''keyserver.ubuntu.com''' and paste the key in '''Submitting a new OpenPGP Key''' text field. Click the '''Submit'''. |
| 46 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/keys.png)]] |
| 47 | |
| 48 | - You should get a '''1 key(s) added successfully''' message. |
| 49 | - Go back to the '''keyserver.ubuntu.com''' and search your key by giving the Name(Name you given when creating the key pair) in the '''Search String:''' text box and clicking '''Search''' |
| 50 | |
| 51 | == Importing keys from keyservers and Signing == |
| 52 | |
| 53 | - Go to the '''keyserver.ubuntu.com''' and search your neighbors key by giving the Name(Name he has given when creating the key pair) in the '''Search String:''' text box and clicking '''Search''' |
| 54 | - Once it appears. Click on the '''fingerprint''' and you will get the public key. '''Copy''' the whole key as shown. |
| 55 | {{{ |
| 56 | -----BEGIN PGP PUBLIC KEY BLOCK----- |
| 57 | Version: SKS 1.1.6 |
| 58 | Comment: Hostname: keyserver.ubuntu.com |
| 59 | |
| 60 | mQINBFsaNl0BEADibv71gRdknEQ5dOz++rSaeu/91ayWpfavrYMdfyO69vQsXTwOuCFTVu8n |
| 61 | jyiPWTB563KANCdybIbHDg88SwmXi5XZgEI+6oOJ5//EGLJCiBbXRLEnn1lAjgOqgem4Vgfn |
| 62 | ... |
| 63 | ... |
| 64 | 21nn8fliGBWbCFI4aeqLjr/dJ6Mdwu/1Zvr3lP0ZcN6+bP7pMwuV/91rxRJ0wgd14har5h4Z |
| 65 | nPavHdfKuyHCEX+VRUUPMDQE3P688zCcsz/gRz5D8sa/h0N77tOTCAhS8tJsLzgxffpAEHpq |
| 66 | 9A== |
| 67 | =ynpw |
| 68 | -----END PGP PUBLIC KEY BLOCK----- |
| 69 | }}} |
| 70 | - Open a note pad, '''Paste''' the key and '''Save''' the file. |
| 71 | - Go to Kleopatra interface and go to File>Import. Select the Saved txt file that contains your neighbors Public key |
| 72 | - You will get the following window. Click '''Yes''' |
| 73 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/sign.png)]] |
| 74 | |
| 75 | - Then the system will ask you to Sign the the key. Check the User IDs and check the '''I have verified the fingerprint''' check box. Click '''Next''' |
| 76 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/sign1.png)]] |
| 77 | |
| 78 | - You will ask for your passphrase. Enter the passphrase and Click '''Certify''' |
| 79 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/sign2.png)]] |
| 80 | |
| 81 | == Sending signed e-mails and encrypted messages == |
| 82 | |
| 83 | - Go to Kleopatra interface Select your key entry and go to '''File>Export Secret Keys'''. |
| 84 | - Give a location in the next window and Click the ASCII armor check box. Click '''OK'''. Note the location where you save |
| 85 | - Open Firefox or Chrome browser. and go to https://www.mailvelope.com/en |
| 86 | - Get the mailvelope Add-on and allow it in your web browser. |
| 87 | - Now you will see the mailvelope icon on your browser. Click on it and Again click on '''Configure Mailvelope''' tab |
| 88 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/maileve.png)]] |
| 89 | |
| 90 | - You will get the Configure page. Go to Key Management and Click '''Import Keys''. |
| 91 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/maileve1.png)]] |
| 92 | |
| 93 | - Click '''Select a key text file to import''' Button. Locate the private key you exported from Kleopatra and click '''Open'''. |
| 94 | - Search your Neighbors key from the Key search text box. Once you get it to click on the fingerprint and you will get the following output. Click on the '''key icon''' and the Public key will be saved. |
| 95 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/maileve2.png)]] |
| 96 | |
| 97 | - Now go to '''Display Keys''' and you will see the imported keys. And Primary key will be the '''private key''' |
| 98 | Now you have set up Mailvelope you can try sending mails. |
| 99 | - Open mail from the browser. Compose a mail and you will see the following button. Click on it. |
| 100 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/email.png)]] |
| 101 | |
| 102 | - And you will get '''Compose Email''' window. |
| 103 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/email1.png)]] |
| 104 | |
| 105 | - Give your neighbors an email in the Add recipient text box. (It will automatically suggest you as you have your neighbors public key) and type a message in the text field |
| 106 | - Click '''Options''' and check the '''Sign message with key:''' check box. |
| 107 | - Click the encrypt Button and you will be directed back to the original compose mail window with a PGP Message. |
| 108 | [[Image(https://ws.learn.ac.lk/raw-attachment/wiki/netsec2018pgp/email2.png)]] |
| 109 | |
| 110 | - Send the e-mail. See whether your neighbor can decrypt the message. |