The content from this blog post will be used in the hashcat tutorial for the digital forensics course. My plan is to demonstrate creating a gpg master key, and subkey from it, then backing up everything, deleting the master secret key, and re-importing the secret subkey. For the hashcat post, I will demonstrate how to break a weak secret key symmetric password with hashcat and John the Ripper modules and be able to decrypt messages using it.
to avoid getting confused before you start reading. PGP stands for Pretty-Good-Privacy, which is a software program for key encrypted messaging and signing. GPG is the GNU Privacy Guard, which implements OpenPGP into a software program.
This blog post will not be any better (will be probably worse) than other resources that I've found online when it comes to secure practices for managing and backing up keys.
This post will borrow from a bunch or resources in no particular order with regards to the creation of subkeys and the secure backup of those keys. If you want to go into the weeds with secure key generation and really understand what's going on with GPG. The links that I thought were really good are below:
▶[https://drduh.github.io/YubiKey-Guide/] ◉───╡ Talks About Complete GPG Key Generation. ▶[https://mikeross.xyz/create-gpg-key-pair-with-subkeys/] ◉───╡ Simple GPG Subkey Generation. ▶[DenshiVideo's GPG guide] ◉───╡ Covers Encryption, Decryption, and Key Creation. ▶[https://alexcabal.com/creating-the-perfect-gpg-keypair/] ◉───╡ Secure Backup of GPG Master Keypair Plus More Information. ▶[Visual Guide to GPG] ◉───╡ Alleviates Some Confusion About GPG Visually. ▶[https://www.gnupg.org/gph/en/manual.html] ◉───╡ Official GPG Manual. ▶[https://keys.openpgp.org/about/usage] ◉───╡ Uploading Keys to an OpenPGP Keyserver.
To create the master key that is going to be used to create any subkeys. You can run the following command:
gpg --full-generate-key
you should get the option to select ECC, DSA, or RSA. You should probably select either ECC or RSA. Pick the highest keysize available for whatever you pick. If you picked ECC, you can probably pick whatever curve you want, default is fine.
The details you want to add to the key are up to you, however it is good practice to not merely rely on the key details to verify a key. Always verify the fingerprint of the key you will be encrypting data with.
It is probably good to set an expiry date for the master key and set a reasonable timeframe. Not setting an expire date is basically saying that nothing bad will ever happen that key in the forseable span of galactic existence.
I will show how to move the expiry date for the key forward in time to not have it expire at the bottom of the next section.
when you're done with all of the key details, press the O key and it should prompt you for a password. This is the symmetric encryption that your private key gets in case your device gets stolen. Without this password, someone will not be able to use the key.
After you've made a hopefully secure password, you will want to generate some random output for GPG to use to make random data. This could be swinging your mouse around like a maniac or rubbing your face on your keyboard while you're in a text editor to hit all of the keys at once. CloudFlare uses pictures of lavalamps for their generation of keys, but the face method is totally 100% better and guaranteed to work every time. (Disclaimer: Claims issued about the "face rubbing" method of key generation by the author are not 100% effective as previously stated. Use at your own risk.)
Did you go ballistic on your peripheral device of choice? I hope so! Now it's time to repeat the process for the generation of the subkey. To do this, you will need to edit the existing keypair to add the subkey.
To see your current keys in your keyring, run the following command:
gpg --list-keys
you should now see the fingerprints of all of the keys in your keyring. Find the key that you made and copy the fingerprint.
Now you should run this command to edit the keypair for the fingerprint you copied:
gpg --edit-key <your_key_fingerprint>
you should now be put into a gpg> prompt which you can type the following in:
gpg> addkey
you should get the same prompt to select the kind of key you want. For this key, you should pick whatever key type you want, RSA or ECC, but make sure it is the (encrypt only) option. The same procedure for the creation of the previous key should be followed for this key depending on the use of this subkey.... Facerolling included...
you should also make another subkey for signing (sign only) This is to not accidentally decrypt something for someone which was meant to only be signed.
Finally, you should type save in the gpg prompt which should put you back to your bash prompt.
gpg> save
To change the expiry date for the subkey or master key, you will need to use the gpg --edit-key option and then change the expire date like this:
gpg --edit-key <your_user_id>
the keynum entry will start from 0 and increment upwards by 1 for each key in your ring.
gpg> key <keynum>
gpg> expire
You can then pick the expire time as shown in the output. An example would be setting the key expire date to five years from now.
gpg> 5y
Finally, you will want to save your changes by typing save in the gpg> prompt
gpg> save
Now you have changed the expire date for your keys.
In the event that your master keys get stolen from you, you will need a way to revoke the master keys and let others know that key is toast. A revocation certificate generated for the master keys can help with that.
To do this, we will use the --gen-revoke command to generate a revocation certificate for us like this:
gpg --output <your_key_id>.revocation-certificate --gen-revoke <your_key_id>
You now have a revocation certificate to use to revoke your master keys. I will next explain how to back up your keys and remove your master keypair from the machine you generated it on.
If you've followed me this far, you should now have three keys, a public key, private key, and individual subkeys used for encrypting and signing stuff. You should also have a revocation certificate for your master keypair.
These keys can now be backed up to a USB or other form of storage media of your choice. If you followed the cryptsetup blog I did, put them there! To export your keys, for my situation, I made a subkey for encrypting and a subkey for signing, inside of a /tmp directory I created for gpg using the command:
mkdir -p /tmp/gpg
I will run the following commands for gpg:
gpg --export --armor <your_key_id> > <your_key_id>-publickeys.gpg gpg --export-secret-keys --armor <your_key_id> > <your_key_id>-secretkeys.gpg gpg --export-secret-subkeys --armor <your_key_id> > <your_key_id>-secretsubkeys.gpg
the --armor option will basically turn your GPG to readable ASCII and put some "BEGIN" and "END" blocks above and below the output. This allows you to basically just read your key in ASCII instead of interpreted ASCII where everything looks like word puke.
You should then move these keys to the external storage device:
sudo mv <your_directory_and_keyfilename> /mnt/<your_encrypted_usb_mountpoint>
In the Alex Cabal guide, Alex recommends to move the revocation certificate to a different piece of media than where your master keypair and other subkeys are stored.
I'd go a little further to say this revocation certificate should be put on another piece of encrypted media which has a completely different password to access it.
For sensitive data, try to follow the 3-2-1 data backup strategy, it can save a lot of time and stress if things go wrong.
you will now want to delete the secret keys of the fingerprint off of your machine and import only the sub secret key back on the computer from your external storage.
gpg --delete-secret-keys <your_fingerprint>
gpg --import <path/to/your_key_id-secretsubkeys.gpg>
when you run "gpg --list-secret-keys" again, you should see only one entry with the "sec#". This means there is only one secret subkey available to use."
remember to delete the keys that you exported to your local machine and copied to the external storage. Shred them, SRM them, doesn't matter.
If you're not using a hard-drive for storage, you probably know that it isn't easy to actually delete a file off of an SSD or NVME completely. Most of the manufacturer software for wiping SSD's is closed-source and can not be trusted, this can be circumvented by not even writing anything to the drive in the first place by mounting a ramfs type (temporary storage using RAM) to a mountpoint and exporting your keys there, you would then copy these keys to the external storage and finally remove the keys from the ramfs, unmount the ramfs, and remove the mountpoint.
If you want to do this, the "Transforming your master keypair into your laptop keypair" section of the Cabal guide shows you. This method of secure extraction is also good for different things like password databases or other files.
You should now have only the subkeys in your keyring. All your exported keys generated on the original system should be moved to external media and shredded to nothing, the same goes for the revocation certificate.
To encrypt something, the --encrypt flag should be used. For this example, let's encrypt a file using our own public subkey.
We will need to set the recipient as our key id like this:
gpg --encrypt -r <your_key_id> <file_to_encrypt>
this will encrypt the file using our public key. Now you should have a <file_to_encrypt>.gpg file in the same directory.
as mentioned before, if you want to make this file a ASCII only thing, you can add the --armor option. This is the basis for sending emails using pgp through gpg.
PGP signing is used to show authenticity that the author of a certain message is actually who they say they are. There are different options for signing stuff. You can sign a message or sign a file. First, I will demonstrate how to sign a file with the new signing subkey that was made.
To sign a file, you can run the following command:
gpg --sign <your_file>
That's literally it, check the directory you're currently in and there should be a signature file.
if you have multiple keys (and this works for encrypting too.) and you want to sign something with a specific key, you can add the -u flag and specify the key ID of the key you want to use. Like this:
gpg --sign -u <your_key_id> <your_file>
Finally, if you want to encrypt, sign, and ascii armor your message all at the same time you can run the following command:
gpg -e -s -a -u <your_key_id> -r <your_key_id> <your_file>
With this out of the way. We can move to decrypting.
To decrypt, you can just run:
gpg --decrypt <your_encrypted_file>
If you have multiple keys, you should not need to specify the specific key to decrypt the file, GPG should do this automatically. But if there's a real problem. I think you can specify gpg to try all secret keys in your keyring to decrypt the file.
When exporting your key, you only want to export the public key. You can do so by running the same export command before. Making sure the specify the --armor option to be able to email this to someone for example.
gpg --armor --export <your_key_id>
you can then copy the output and put it somewhere. On a website, in an email for initial exchange, or do something else with it. QR codes maybe?
If you don't have someone to actually exchange keys with. You can exchange keys with me. If I'm able to get everything on my end working, then I'll totally send you an "All good!" email.
On the main page of this website. My email address and PGP key will be listed there for you to import into your keyring. You can then send me your public key and we can exchange a message.
Finally, let's talk about how to revoke your keys in the event they get stolen.
So you just got mugged for all your Doubloons and you want to make sure they can't start sending PGP messages using your key to all your friends to lure them into that dark alley to mug them too! How would we go about revoking our master key, and in association, our subkeys?
First, you need to go dig that USB out of your Attic and decrypt it. Then you will import the master keys and all other subkeys. From there, just as the Cabal guide shows in the "In case of emergency" section. You will use the gpg --edit-key option and specify the key ID of your secret key. Then you will select each subkey and revoke it. This can be done by typing key <keynum> and then typing revkey. Finally, you will select the reason for revokation, type save and distribute the key to a keyserver.
if you want to upload your key to a keyserver, you can head over to https://keys.openpgp.org/about/usage and look at the steps for how to upload your key. To summarize what is on that page, there is two options for upload, using GPG, and manual website upload. Pick what you want.
That's basically it for using OpenPGP and GPG to generate keys, exchange them, and encrypt and decrypt messages with them.
Something that peaked my interest is the use of another encryption software suite called AGE, which stands for "Actually Good Encryption" This is meant to simplify the encryption and decryption process and uses the same trusted algorithms as normal GPG. I might do a post on the utilization of that at a later point in time. If you were interested how I found out this existed, originally it was from https://sdomi.pl/, they do some cool business with bash and they happen to use it for secure communications. (You do sweet stuff, thank you for posting about it.)
the next activity for this website should be in the digital forensics course. I'll show how to use hashcat and John the Ripper's translation modules to decrypt a weak GPG private key password and then we can pose as that user when sending emails.
Remember, this post was a giant mash of other people's stuff. If you want more in-depth knowledge on anything I have talked about in this post, you should consult your search engine or the links at the top of the post.
That's all for now. Until next time.