This is a Clilstore unit.
In this part of the unit we are talking about how to secure communications over a shared channel such as the Internet, where there are many bad guys who might intercept the messages, read and modify them, and even usurp the identity of other people with evil intent.
In activity 1, we will learn how to ensure that nobody except the legitimate receiver can read your communications, using encryption.
In activity 2, we will learn how to ensure that the message has not been intercepted and modified by a third person, using a digital signature.
In activity 3, we will learn how to ensure that the sender is identified in a reliable way, using certificates from a Certifying Authority.
All these elements are meant to make communications secure from a legal standpoint. This concept is also known as providing LEGAL SECURITY to the Internet.
In this activity you will learn how to use Kleopatra, an asymmetric encryption program based on P.G.P., to make a pair of public-private keys and exchange them with a classmate, so that you can encrypt text files with a secret message that only your classmate will be able to read.
This activity must be carried out between two students. So, choose a partner among your classmates.
Nowadays the Internet is extremely insecure, and any information moving through the net can be intercepted by third parties. This includes confidential information such as our personal data, our bank account credentials, and logins and passwords.
When it comes to transmitting data over the Internet there are two big problems:
How to make sure that the data travelling through a public network are hidden from everybody save the addressee. This can be done through encryption of the message.
How to authenticate that both the sender and the receiver are who they say they are. This is done through digital signature. We will practice the use of digital signature in activity 2.
How to make sure that the document has not been intercepted while travelling over the net and modified by a third party. This is done through digital signature. We will practice the use of digital signature in activity 2.
To encrypt is to transform a readable message into something unreadable for everybody except the legitimate receiver. The opposite process, which allows the receiver to decode the unreadable message and make it readable again, is called decryption.
There are two types of encryption: symmetric and asymmetric.
Symmetric encryption uses a single key that must be known by both the sender and the receiver, to encrypt and to decrypt.
Symmetric encryption is simpler and easier to implement but has to overcome a fundamental problem: privacy depends on the secrecy of the key. How can the key be sent through a shared channel without being intercepted by others?
In asymmetric encryption we use a pair of different but mathematically related keys (instead of one single key). The public key is used to encrypt the message, in such a way that it can only be decrypted with the other key, the private key.
Both speakers exchange their public keys
The sender encrypts the message with the receiver's public key. You must realize that this key can only be used for encryption. Once the message is encrypted, not even the sender can decrypt it, because he only knows the public key, and this is useless for decryption.
The sender sends the message through the network.
The receiver decrypts the message with his private key (the receiver's private key).
Asymmetric encryption ensures privacy when the message must be transmitted over a shared channel, but it is more costly and complex than symmetric encryption.
From now on, to avoid confusion, we will use the terms single key encryption (SK) and public-private key encryption (PPK) instead of symmetric and asymmetric.
Kleopatra uses a slightly different procedure. Because PPK encryption of the whole message is very costly, it encrypts the message itself with single key encryption (SK). This means that the single key must be transmitted through the shared network from the sender to the receiver, and to ensure its privacy, the single key is encrypted using PPK encryption.
Kleopatra uses a public-private key encryption algorithm called PGP (Pretty Good Privacy). Actually, this is the universal algorithm used by most encryption systems.
Sender and receiver exchange their public keys
The sender chooses a random single key called the session key.
The message is encrypted with the session key (symmetric encryption or SK encryption).
The single key (that is, the session key) is encrypted using the receiver's public key and PPK encryption. Then the encrypted single key is added as a header to the main body of the message.
The encrypted message is sent through the network
The receiver decrypts the header of the message using his private key. This way he gets the session key, that is, the single key.
Once the receiver has the single key, he can decrypt the message body.
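The procedure above as a short Python sketch, added here as an illustration; it is not part of the original unit and is not Kleopatra's or GnuPG's code. It assumes toy stand-ins: unpadded RSA over a constructed modulus of two Mersenne primes for the PPK step, and a SHA-256 counter keystream for the SK step. All function names are hypothetical.

```python
import hashlib
import secrets

# Toy receiver key pair (constructed for illustration only: a modulus made of
# two Mersenne primes is trivially factorable and must never be used for real).
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # public key (n, e): safe to publish
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent: stays with the receiver
KEY_LEN = 32                             # session key size in bytes

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SK cipher: XOR data with a SHA-256 counter keystream (same call decrypts)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def encrypt_for(n: int, e: int, message: bytes):
    """Sender: pick a session key, SK-encrypt the body, PPK-encrypt the key as header."""
    session_key = secrets.token_bytes(KEY_LEN)
    body = keystream_xor(session_key, message)
    head = pow(int.from_bytes(session_key, "big"), e, n)   # unpadded RSA (toy)
    return head, body

def decrypt_with(exponent: int, n: int, head: int, body: bytes) -> bytes:
    """Receiver: recover the session key from the header, then decrypt the body."""
    recovered = pow(head, exponent, n).to_bytes((n.bit_length() + 7) // 8, "big")
    return keystream_xor(recovered[-KEY_LEN:], body)

if __name__ == "__main__":
    secret = b"Constructed sample message: the exam answers are in locker 12."
    head, body = encrypt_for(N, E, secret)
    print("receiver, private key:", decrypt_with(D, N, head, body))
    # The sender only holds (N, E); using E to "decrypt" yields garbage.
    print("sender, public key   :", decrypt_with(E, N, head, body)[:16].hex(), "...")
```

Only the short session key goes through the costly PPK operation; the body, whatever its length, is handled by the cheap SK cipher.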
In Kleopatra, a private-public key pair is called a certificate.
The first thing you have to do is to create a pair of public and private keys.
Here we can select Make a backup of your key pair in order to make a backup copy of the PP keys in a file. Select a location on the hard disk and a file name in which to store the key. Then click on OK and later on Finish.
The next step is to store your public key in a file and send it by e-mail to your classmate. You can also use a USB drive or a shared folder on the network or in the cloud.
Select the certificate you have just created.
Select the menu option export certificate
Select a location on the hard disk and write a name for the file.
This file ended in is your public key. Now you have to send it to one of your classmates. This will allow you to send encrypted files to him/her. This doesn't allow you to decrypt encrypted files he/she might send to you.
In order to decrypt your classmate's answers, he/she must send you his/her public key, and you have to import it
Let's do it, assuming you have received a .asc file containing your classmate's public key.
Click on Import Certificate
Select the .asc file received from your classmate
Open a text file using gedit (Aplicaciones→accesorios→gedit) and write a secret message. Then save it.
Click on File/Sign Encrypt and select the text file you have just written.
Select the option encrypt
Select the imported certificates tab
Now select the receiver's public key (that is, the certificate of the classmate to whom you are sending the encrypted message).
Done. The encrypted file has the gpg extension.
Make a screen capture at this moment and upload it to the activity moodle
Now send this encrypted file to your classmate. (We are assuming you have sent your public key file, the .asc file, to him/her before.)
Your partner should also have sent you his/her encrypted file. Let's see how to decrypt it.
Select your partner's encrypted file and click on the decrypt button.
Now Kleopatra asks you for the secret passphrase you entered when you generated the certificate.
The file will be decrypted when you click ok.
MAKE A SCREEN CAPTURE AND UPLOAD IT TO THE ACTIVITY MOODLE
In this activity you must send an encrypted file to your teacher, and he must be able to decrypt it.
Prepare a text file using gedit. Write your name, surname, and some personal trivia, like your favourite food and sport.
Save your file with your name. Example: Secreto de Antonio Pérez.txt
To encrypt this message in such a way that the teacher can decrypt it, you have to use the teacher's public key. So, import the teacher's public key. You can download the .asc file from Moodle.
Encrypt the message using the teacher's public key
Upload the encrypted file to moodle
TO INSTALL KLEOPATRA
First install the linux standard openPGP program:
Ensure you have enabled the Universe sources. If not, open the sources list
sudo gedit /etc/apt/sources.list
and add the line
deb http://us.archive.ubuntu.com/ubuntu vivid main universe
Then update and install:
sudo apt-get update
sudo apt-get install gpa gnupg2
Then install Kleopatra
sudo apt-get install kleopatra
Short url: http://multidict.net/cs/4508