Protecting PGP keys

Security expert James Turnbull describes public and private PGP keys and how to protect yourself.

Can PGP keys be forged? How can I protect my key from duplication?

There are two answers to this question, depending on exactly what key you are talking about -- private or public. First, let's look at what PGP is: a public key encryption system.

In such systems there are two keys involved, public and private. It is assumed that any user's public key is readily available but that their private key is only known to them. PGP uses these public and private keys to ensure that messages between users are encrypted and, hence, private. An attacker capturing a message will not be able to decipher and read the message.

To provide this privacy, PGP uses a mathematical encryption algorithm to combine or encrypt your message with your recipient's public key. The recipient then has to use their private key to decipher and read your message. If you create keys of a sufficient size (generally a minimum of 2,048 bits these days) it's not practically feasible (warning - I am by no means a mathematician or a cryptographer) to break PGP encryption short of someone discovering a mathematical shortcut or possibly being the NSA.

PGP private keys can't be 'forged' as such but they can be stolen or duplicated. The weakness of PGP is the private key and the passphrase used to protect that key (you can't use your private key unless you input your passphrase first). If you are careless with your private key, then anyone with a copy of this key and the passphrase for the key can decrypt your messages. So, keys can't be forged as such, but if someone gets access to your private key then you risk having your security compromised.

So how do you protect your keys? Here are some starting points:

  1. Choose a good, strong passphrase
  2. Don't use the passphrase for anything else (login IDs, etc.)
  3. Don't write down or share your passphrase
  4. Store your private key somewhere secure -- if it's on a host you share, then lock down the permissions on your key ring so only you can access it
  5. Don't email your private key
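
For point 4, a small audit of key ring permissions, added here as an example and not part of the original answer. It assumes the key ring lives in one directory (GnuPG's default `~/.gnupg` is used when no path is given); the function names `audit_keyring` and `lock_down` are hypothetical.

```python
import os
import stat
import sys

def audit_keyring(path):
    """Return (path, problem) pairs for entries other users could reach."""
    findings = []
    me = os.geteuid()
    for root, _dirs, files in os.walk(path):
        # Check the directory itself and every non-directory entry in it.
        for entry in [root] + [os.path.join(root, f) for f in files]:
            st = os.lstat(entry)
            if stat.S_ISLNK(st.st_mode):
                continue  # a link's own mode bits say nothing about access
            if st.st_uid != me:
                findings.append((entry, "owned by uid %d, not you" % st.st_uid))
            mode = stat.S_IMODE(st.st_mode)
            if mode & (stat.S_IRWXG | stat.S_IRWXO):
                findings.append((entry, "group/other bits set: %04o" % mode))
    return findings

def lock_down(path):
    """Set directories to 0700 and regular files to 0600 (owner only)."""
    for root, _dirs, files in os.walk(path):
        os.chmod(root, 0o700)
        for f in files:
            full = os.path.join(root, f)
            if stat.S_ISREG(os.lstat(full).st_mode):
                os.chmod(full, 0o600)

if __name__ == "__main__":
    # Assumed default location; pass another directory as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~/.gnupg")
    for entry, problem in audit_keyring(target):
        print("%s: %s" % (entry, problem))
```

Run it against the key ring directory on any shared host; an empty result means no group or other permission bits are set and every entry is owned by you.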

You can find an excellent and much more detailed discussion of this topic at http://senderek.de/security/secret-key.protection.html.

Now on to public keys. Public keys can be forged and are vulnerable to what is called a 'man in the middle attack'. With PGP, it is a tricky attack to implement but it is feasible.

Let's take the scenario with Bob, who wants to exchange some private information with Alice. To do this, Bob is going to give Alice his public key, have her encrypt the message with his public key and deliver it to him. Bob can then decrypt it with his private key and read the message. To get his public key to Alice, Bob emails it to her. An attacker, Peter, intercepts the email and substitutes a forged public key for Bob's real public key. Alice receives the forged public key, encrypts her message with it and emails the result back to Bob. Peter intercepts the email, then decrypts and reads the message (he holds the private key for the forged public key). If Peter wants to maintain the ruse, he could then encrypt the message with Bob's real public key and let it continue on to Bob. Otherwise, he has the information he requires and can make whatever use of it he likes. In either case, Bob and Alice would probably be unaware that Peter has read the message.

If you are worried about someone compromising your public key like this, then use a trusted and secure mechanism to exchange it. For example, exchange keys personally or via some secure medium. This can become very cumbersome if you have to exchange keys with large numbers of people or across large distances.
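
One common form of that trusted exchange is to compare the key's fingerprint over a separate channel (in person or by phone) before using a key that arrived by email. The sketch below is an added example, not part of the original answer: it assumes version 4 RSA keys as defined in RFC 4880, uses constructed numbers in place of real key material, and its function names are hypothetical.

```python
import hashlib
import struct

def mpi(n):
    """OpenPGP multiprecision integer: 2-byte bit count, then the bytes."""
    bits = n.bit_length()
    return struct.pack(">H", bits) + n.to_bytes((bits + 7) // 8, "big")

def rsa_public_key_body(created, n, e=65537):
    """Body of a v4 RSA public-key packet: version, time, algorithm 1, n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def v4_fingerprint(body):
    """SHA-1 over 0x99, the 2-byte body length and the body (RFC 4880, 12.2)."""
    data = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(data).hexdigest().upper()

def spoken_form(fpr):
    """Group the 40 hex digits in fours, the way they are read aloud."""
    return " ".join(fpr[i:i + 4] for i in range(0, 40, 4))

def normalise(fpr):
    """Drop spacing and case so '12ab 34cd' and '12AB34CD' compare equal."""
    return "".join(fpr.split()).upper()

def alice_accepts(received_body, fpr_from_bob):
    """Alice uses a key only if it hashes to what Bob told her directly."""
    return v4_fingerprint(received_body) == normalise(fpr_from_bob)

# Constructed stand-ins, NOT real RSA moduli: only the bytes matter here.
CREATED = 1164931200  # constructed creation timestamp
BOB_KEY = rsa_public_key_body(CREATED, (1 << 2047) | 0xB0B)
PETER_KEY = rsa_public_key_body(CREATED, (1 << 2047) | 0xBAD)  # the substitute

if __name__ == "__main__":
    told_by_bob = spoken_form(v4_fingerprint(BOB_KEY))
    print("Bob reads out:     ", told_by_bob)
    print("Genuine key passes:", alice_accepts(BOB_KEY, told_by_bob))
    print("Forged key passes: ", alice_accepts(PETER_KEY, told_by_bob))
```

Peter can copy the name, email address and creation time on the forged key, but the fingerprint is computed from the key material itself, so the substitution shows up as a mismatch.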

Another approach is to have your public key signed by a trusted third party. In this model, PGP users digitally sign each other's keys to validate that the key belongs to the correct person. Usually this signing requires the person whose key is being signed to prove their identity, for example with a driver's license or passport. Many organizations (open source groups for example) host key-signing parties and some companies (in banking or finance) even organize meetings to exchange/sign keys in a secure manner. Obviously, this only works if you trust the person or people who have signed the key.

You can read about key signing parties and related information at http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html.

This is a very simplistic explanation of the topic of PGP key security. I strongly recommend you read about PGP, security of keys and the secure use of PGP in more detail before implementing anything. Bruce Schneier's excellent "Practical Cryptography" (ISBN 0-471-22357-3) is a good starting point.

This was last published in December 2006
