
U1P1- ENCRYPTION WITH KLEOPATRA 4ESO

UNIT 1 SECURITY AND PRIVACY.

 

INTRODUCTION

 

In this part of the unit we talk about how to secure communications over a shared channel such as the Internet, where many bad guys might intercept messages, read and modify them, and even usurp other people's identities with evil intent.

In activity 1, we will learn how to ensure that nobody except the legitimate receiver can read your communications, using encryption.

In activity 2, we will learn how to ensure that the message has not been intercepted and modified by a third person, using a digital signature.

In activity 3, we will learn how to ensure that the sender is identified in a reliable way, using certificates from a Certifying Authority.

 

All these elements are meant to secure communications from a legal standpoint. This concept is also known as providing LEGAL SECURITY to the Internet.

 

ACTIVITY. 1 FILE ENCRYPTION

 

In this activity you will learn how to use Kleopatra, an asymmetric encryption program based on P.G.P., to make a pair of public and private keys and exchange public keys with a classmate, so that you can encrypt text files with a secret message that only your classmate will be able to read.

 

This activity must be carried out between two students. So, choose a partner among your classmates.

 

INTRODUCTION

 

Nowadays the Internet is extremely insecure, and any information moving through the net can be intercepted by third parties. This includes confidential information such as our personal data, our bank account credentials, and logins and passwords.

 

When it comes to transmitting data over the Internet there are two big problems:

How to make sure that data travelling through a public network is hidden from everybody save the addressee. This can be done by encrypting the message.

How to authenticate that both the sender and the receiver are who they say they are. This is done through a digital signature. We will practice the use of digital signatures in activity 2.

How to make sure that the document has not been intercepted while travelling through the net and modified by a third party. This is done through a digital signature. We will practice the use of digital signatures in activity 2.

ENCRYPTION

To encrypt is to transform a readable message into something unreadable for everybody except the legitimate receiver. The opposite process, which allows the receiver to decode the unreadable message and make it readable again, is called decrypting.

 

 

 

There are two types of encryption: symmetric and asymmetric.

 

SYMMETRIC OR SINGLE KEY ENCRYPTION

It uses a single key that must be known by the sender and the receiver, both to encrypt and decrypt.

 

 

 

Symmetric encryption is simpler and easier to implement but has to overcome a fundamental problem: privacy depends on keeping the key secret. How can the key be sent through a shared channel without being intercepted by others?

 

 

ASYMMETRIC OR PUBLIC-PRIVATE ENCRYPTION

 

In this case we use a pair of different but mathematically related keys (instead of one single key). The public key is used to encrypt the message in such a way that it can only be decrypted with the other key, the private key.

 

Both speakers exchange their public keys.

The sender encrypts the message with the receiver's public key. Note that this key can only be used for encryption. Once the message is encrypted, not even the sender can decrypt it, because he only knows the public key, and this is useless for decryption.

The sender sends the message through the network.

The receiver decrypts the message with his private key (the receiver's private key).

 

Asymmetric encryption ensures privacy when the message must be transmitted over a shared channel, but it is more costly and complex than symmetric encryption.

 

From now on, to avoid confusion, we will use the terms single key encryption (SK) and public-private key encryption (PPK) instead of symmetric and asymmetric.

 

HOW KLEOPATRA WORKS

 

Kleopatra uses a slightly different procedure. As public-private key (PPK) encryption of the whole message is very costly, it encrypts the message with single key (SK) encryption. This means that the single key must be transmitted through the shared network from the sender to the receiver, and to ensure its privacy, the single key is itself encrypted using PPK encryption.

 

Kleopatra uses a public-private key encryption algorithm called PGP (Pretty Good Privacy). Actually, this is the universal algorithm used by most encryption systems.

 

Sender and receiver exchange their public keys.

The sender chooses a random single key called the session key.

The message is encrypted with the session key (symmetric encryption or SK encryption).

The single key (that is, the session key) is encrypted using the receiver's public key and PPK encryption. Then the encrypted single key is added as a head to the main body of the message.

The encrypted message is sent through the network.

The receiver decrypts the head of the message using his private key. This way he gets the session key, that is, the symmetric key.

Once the receiver has the symmetric key, he can decrypt the message body.
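
The steps above can be followed in a short program. This is an added example, not code from Kleopatra or from the original unit: it uses a toy RSA key pair and a toy SK cipher from the Python standard library purely to show the head-plus-body structure, and the names (encrypt_for, decrypt_with, sk_cipher) and the sample message are assumptions. It is not the OpenPGP message format and is not secure for real data.

```python
import hashlib
import secrets

# Receiver's toy key pair, built from two known Mersenne primes (assumption for
# this sketch). Far too small for real use; Kleopatra/GnuPG generate real keys.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                   # public key: shared with the sender
D = pow(E, -1, (P - 1) * (Q - 1))     # private key: never leaves the receiver

def sk_cipher(key: bytes, data: bytes) -> bytes:
    """Toy single-key (SK) cipher: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def encrypt_for(n: int, e: int, message: bytes) -> tuple:
    """Sender side: needs only the receiver's public key (n, e)."""
    session_key = secrets.token_bytes(16)         # random session key
    body = sk_cipher(session_key, message)        # SK-encrypt the message
    head = pow(int.from_bytes(session_key, "big"), e, n)  # PPK-encrypt the key
    return head, body                             # head + body are what is sent

def decrypt_with(exponent: int, n: int, head: int, body: bytes) -> bytes:
    """Receiver side: recover the session key from the head, then the body."""
    width = (n.bit_length() + 7) // 8
    recovered = pow(head, exponent, n).to_bytes(width, "big")
    return sk_cipher(recovered[-16:], body)       # session key is the low 16 bytes

if __name__ == "__main__":
    secret = b"Meet me in the library at 5"       # constructed sample message
    head, body = encrypt_for(N, E, secret)
    print("head:", hex(head))
    print("body:", body.hex())
    print("receiver (private key):", decrypt_with(D, N, head, body))
    print("sender (public key only):", decrypt_with(E, N, head, body))
```

The last line of output is garbage: someone holding only the public key, the sender included, cannot recover the session key and so cannot read the body.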

 

ACTIVITY 1

EXCHANGE OF FILES THROUGH THE NET SECURED SYMMETRIC ENCRYPTION

 

In Kleopatra, a public-private key pair is called a certificate.

 

The first thing you have to do is create a pair of public and private keys.

Here we can select Make a backup of your key pair to save a backup copy of the key pair in a file. Select a location on the hard disk and a file name to store the key in. Then click OK and then Finish.

EXCHANGE OF PUBLIC KEYS

 

The next step is to store your public key in a file and send it by e-mail to your classmate. You can also use a USB drive or a shared folder on the network or in the cloud.

Select the certificate you have just created.

Select the menu option Export Certificate.

Select a location on the hard disk and type a name for the file.

 

 

This file, ending in .asc, is your public key. Now you have to send it to one of your classmates. This will allow you to send encrypted files to him/her. This doesn't allow you to decrypt encrypted files he/she might send to you.

 

In order to decrypt your classmate's answers, he/she must send you his/her public key, and you have to import it

 

Let's do it, assuming you have received a .asc file containing your classmate's public key.

Click on Import Certificate.

Select the .asc file received from your classmate.

 

 

 

PART 1. EXCHANGE ENCRYPTED MESSAGES WITH YOUR CLASSMATE

 

ENCRYPT A MESSAGE IN A FILE

 

Open a text file using gedit (Aplicaciones→accesorios→gedit) and write a secret message. Then save it.

Click on File/Sign Encrypt and select the text file you have just written.

 

Select the option Encrypt.

 

 

 

Select the Imported Certificates tab.

 

Now select the receiver's public key (that is, the certificate of the classmate to whom you are sending the encrypted message).

 

 

 

Done. The encrypted message has the gpg extension.

 

 

Make a screen capture at this moment and upload it to the Moodle activity.

 

Now send this encrypted file to your classmate. (We are assuming you have sent your public key file (the .asc file) to him/her before.)

 

TO DECRYPT MY CLASSMATE'S ENCRYPTED MESSAGE

 

Your partner should also have sent you his/her encrypted file. Let's see how to decrypt it.

 

Select File->Decrypt.

Select your partner's encrypted file and click on the Decrypt button.

 

Now Kleopatra asks you for the secret passphrase you entered when you generated the certificate.

The file will be decrypted when you click OK.

MAKE A SCREEN CAPTURE AND UPLOAD IT TO THE MOODLE ACTIVITY

 

Call your teacher in order to assess the activity.

 

 

PART 2. EXCHANGE ENCRYPTED MESSAGES WITH YOUR TEACHER

 

In this activity you must send an encrypted file to your teacher, and he must be able to decrypt it.

 

Prepare a text file using gedit. Write your name, surname, and some personal trivia, like your favourite food and sport.

 

Save your file with your name. Example: Secreto de Antonio Pérez.txt

To encrypt this message in a way that the teacher can decrypt it, you have to use the teacher's public key. So, import the teacher's public key. You can download the .asc file from Moodle.

Encrypt the message using the teacher's public key.

Upload the encrypted file to Moodle.

 

TO INSTALL KLEOPATRA

 

First install the standard Linux OpenPGP program.

Ensure you have enabled the Universe sources. If not, add

 

deb http://us.archive.ubuntu.com/ubuntu vivid main universe

 

to /etc/apt/sources.list, which you can edit with

 

sudo gedit /etc/apt/sources.list

Then update the package list and install the OpenPGP programs:

sudo apt-get update

sudo apt-get install gpa gnupg2

Then install Kleopatra:

 

sudo apt-get install kleopatra

 

 

 
