Wednesday, September 6, 2017

21 - Linux Security: digital signature with GPG2


- Layout for this exercise:

* Note: this exercise is based on the previous one, where a pair of asymmetric keys were generated with GPS2 and RSA algorithm:

1 - Introduction

- A digital signature is a mathematical scheme for demonstrating the authenticity of digital messages or documents.

- A valid digital signature gives a recipient reason to believe that the message was created by a known sender (authentication), that the sender cannot deny having sent the message (non-repudiation), and that the message was not altered in transit (integrity).

- Digital signatures are a standard element of most cryptographic protocol suites, and are commonly used for software distribution, financial transactions, contract management software, and in other cases where it is important to detect forgery or tampering.

2 - Signing a file with the private key

- First of all, let's check that both parties (CentOS and Debian) are part of the same GPG2 public-key-cryptographic system:

- Let's create a text file at the CentOS device:

- Now CentOS' root user is going to signed this text file with its own private key, outputting a file with a .ds extension:

- The passphrase generated at the previous exercise is required:

- The .ds file is unreadable because it is encrypted:

- Connecting to the remote device Debian:

- Transferring the digitally signed document:

- marie user at Debian receives the document:

- Now marie at Debian decrypts the document using CentOS' root's public key, outputting a decrypted file:

- The content of the decrypted file matches the original document written by the root at CentOS, so the whole process has been successful:

- The fact that the document is signed or encrypted with CentOS' root's private key and decrypted with CentOS' root's public key ensures the authenticity of the author of the document. 

- In other words the digital signature provides the non-repudiation property that the sender is really the one who claims to be the sender of the document.

20 - Linux Security: asymmetric cryptography with GPG2 and RSA algorithm


- Layout for this exercise:

1 - Introduction to asymmetric cryptography and RSA algorithm

Public key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner. 

- This accomplishes two functions: authentication, which is when the public key is used to verify that a holder of the paired private key sent the message, and encryption, whereby only the holder of the paired private key can decrypt the message encrypted with the public key.

- In a public key encryption system, any person can encrypt a message using the public key of the receiver, but such a message can be decrypted only with the receiver's private key. 

- For this to work it must be computationally easy for a user to generate a public and private key-pair to be used for encryption and decryption. 

- The strength of a public key cryptography system relies on the degree of difficulty (computational impracticality) for a properly generated private key to be determined from its corresponding public key. 

- Security then depends only on keeping the private key private, and the public key may be published without compromising security.

- Public key cryptography systems often rely on cryptographic algorithms based on mathematical problems that currently admit no efficient solution, particularly those inherent in certain integer factorization, discrete logarithm, and elliptic curve relationships. 

- Public key algorithms, unlike symmetric key algorithms, do not require a secure channel for the initial exchange of one (or more) secret keys between the parties.

- Because of the computational complexity of asymmetric encryption, it is usually used only for small blocks of data, typically the transfer of a symmetric encryption key (e.g. a session key). 

- This symmetric key is then used to encrypt the rest of the potentially long message sequence. The symmetric encryption/decryption is based on simpler algorithms and is much faster.

- RSA (Rivest - Shamir - Adleman) is one of the public-key cryptosystems algorithm and is widely used for secure data transmission. 

- With RSA the encryption key is public and different from the decryption key which is kept secret (private). 

- In RSA the asymmetry is based on the practical difficulty of factoring the product of two large prime numbers.

- RSA is a relatively slow algorithm, and because of this it is less commonly used to directly encrypt user data. More often, RSA passes encrypted shared keys for symmetric key cryptography which in turn can perform bulk encryption-decryption operations at much higher speed.

2 - Randomness to generate entropy

The Random Number Generator or RNG is a mechanism in charge of producing pseudo random numbers. 

- These numbers are then used for generating SSH keys, random PIDs for processes, TCP sequence numbers, and UUIDs for example.

- Using encryption (file systems, mails, etc) consumes a lot of pseudo random numbers.

- To get good pseudo random numbers, you need some entropy, what is defined as randomness collected by an operating system.

- Such random number generators are needed for cryptography.

Entropy doesn’t come from a single source in the Linux kernel. This entropy may be provided by:

i) some internal sources like keyboard timings, network traffic, mouse movements, etc ...
ii) a specific processor instruction like RDRAND available in some processors.
iii) in case of virtual machines through the virtio-rng paravirtualized device.
iv) a dedicated, external, physical device.

- To allow applications to get pseudo random numbers, at least two kernel devices exist:

a) /dev/urandom gives standard quality numbers but when asking for a lot of pseudo random numbers its quality decreases.
b/dev/random provides high quality numbers but stops when entropy is poor.

Because of the blocking behaviour, lack of entropy may cause performance problems. 

- At the CentOS device, checking the entropy generated by the kernel it yields a low value:

- Installing the rng-tools package:

- Starting the rngd service:

- Feeding random data to /dev/urandom:

- Now the entropy reaches a higher value:

3 - Generating a pair of asymmetric keys

- Working at the CentOS device a pair of keys are generated:

- gpg2 offers different asymmetric algorithms. The default is RSA:

- Taking a key size of 2048 bits:

- Specifying never expiration for the keys:

- About the key identification, name, email and comment must be provided:

- A passphrase must be entered:

- As mentioned before random bytes must be generated:

- Finally the public and private keys are generated:

- Listing the keys:

- Exporting the whitelist public key and giving a name with .pub extension:

- Listing the exported public key:

- Checking that the key file type is public:

- As expected the content is unreadable:

4 - Sending the public key

- CentOS connects via SFTP with a remote user Debian:

- CentOS sends the public key to Debian:

- The remote user Debian has successfully received the public key:

- Debian imports the public key:

- Listing the key at Debian:

5 - Encrypting a text file with the public key

- Now, the remote user Debian creates a text file:

- Debian encrypts the text file with the public key previously sent by CentOS:

- Automatically an encrypted file is created:

- Debian connects to CentOS via SFTP:

- Debian sends the encrypted file to CentOS:

6 - Decrypting the text file with the private key

 - According to mentioned at the introduction, in a public key encryption system Debian  has encrypted a message using the public key of CentOS, and the message can be decrypted only with CentOS' private key. 

- CentOS has received successfully the encrypted file:

- Now, CentOS can decrypt the file with its own private key (entering the passphrase):

- The decrypted_secret.txt decrypted by CentOS matches the original secret.txt written by Debian so the whole process has been sucessful: