📔
eCPPTv2 Notes
  • About
  • 1-System Security
    • Architecture Fundamentals
      • Security Implementations
      • References
    • Assembler Debuggers and Tool Arsenal
      • Compiler
      • NASM
      • Tool Arsenal
      • References
    • Buffer Overflow
      • Finding Buffer Overflows
      • Exploiting Buffer Overflow
      • Security Implementations
      • References
    • Shellcoding
      • Types of Shellcode
      • Encoding of Shellcode
      • Debugging a Shellcode
      • Creating our First Shellcode
      • More Advanced Shellcode
      • Shellcode and Payload Generators
      • References
    • Cryptography and Password Cracking
      • Cryptography Hash Function
      • Public Key Infrastructure
      • Pretty Good Privacy (PGP)
      • Secure Shell (SSH)
      • Cryptographic Attack
      • Security Pitfalls
      • Windows 2000/XP/2k3/Vista/7/8 Passwords
      • References
    • MALWARE
      • Techniques Used by Malware
      • How Malware Spreads
      • Samples
      • References
  • 2-Network Security
    • Information Gathering
      • Search Engines
      • Social Media
      • Infrastructures
      • Tools
      • References
    • Scanning
      • Detect Live Hosts and Ports
      • Service and OS detection
      • Firewall/IDS Evasion
      • References
    • Enumeration
      • NetBIOS
      • SNMP
      • References
    • Sniffing and MitM Attacks
      • What is Sniffing
      • Sniffing in Action
      • Basic of ARP
      • Sniffing Tools
      • Man in the Middle Attacks
      • Attacking Tools
      • Intercepting SSL Traffic
      • References
    • Exploitation
      • Vulnerability Assessment
      • Low Hanging Fruits
      • Exploitation
      • References
    • Post Exploitation
      • Privilege Escalation and Maintaining Access
      • Pillaging / Data Harvesting
      • Mapping the internal network
      • Exploitation through Pivoting
      • References
    • Anonymity
      • Browsing Anonymously
      • Tunneling for Anonymity
      • References
    • Social Engineering
      • Types of Social Engineering
      • Samples of Social Engineering Attacks
      • Pretexting Samples
      • Tools
      • References
  • 3-Powershell for Pentesters
    • Introduction
      • Why PowerShell ?
      • References
    • PowerShell Fundamentals
      • Cmdlets
      • Modules
      • Scripts
      • Objects
      • References
    • Offensive PowerShell
      • Downloading & Execution
      • Obfuscation
      • Information Gathering & Recon
      • Post-Exploitation With Powershell
      • References
Powered by GitBook
On this page

Was this helpful?

  1. 1-System Security
  2. Cryptography and Password Cracking

Pretty Good Privacy (PGP)

4. Pretty Good Privacy (PGP)

Pretty Good Privacy is a computer program that provides cryptographic privacy and authentication created by Phillip Zimmermann in 1991. PGP is a windows tools commonly used to encrypt files, apply digital signature and enforce integrity. PGP and other similar products follow the OpenPGP standard for encrypting and decrypting data.

PGP encryption uses public key cryptography and includes a system which binds the public keys. Web of trust has made PGP widespread because easy, fast and inexpensive to use. Web of trust differs from trust chain. While trust chain is hierarchical, the web of trust looks like a web.

PGP supports message authentication an d integrity check. The model works as long as we are sure that the public key used to send the message belongs effectively to the intended addressee. We have to put trust in that binding because there's no CA confirming that.

OpenPGP is a set of standards which describes the formats for encrypted messages, keys, and digital signatures. GnuPG (PGP) is an open-source GPL implementation of the standards, and is the usual implementation found on GNU/Linux systems. Most of what you read about PGP applies also to GnuPG.

A PGPkey has several parts:

  1. Name of its owner

  2. Numerical value(s) comprising the key

  3. What the is to be used for (e.g. signing, encryption)

  4. The algorithm the key is to be used with (e.g. ElGamal, DSA, RSA)

  5. An expiration date (possibly)

Those fields are similar to those of an X.509 certificate. But a PGP key is not a certificate (no-one has signed it yet).

When using PGP, you will need to store:

  • Your own secret key (this will be stored encrypted with a passphrase)

  • You own public key and the public keys of your friends and associates (stored in clear)

The PGP software puts them in a file, called your keyring. Your private keys are in a file and stored encrypted with a passphrase. The public key don't have to be protected. The keyring also contains copies of other people's public keys which are trusted by you.

PGP can digitally sign a document, or actually a digest (e.g. SHA1) version of the document.

This is because:

  • It is more efficient; it only has to sign 160 bits instead of your while message, for remember that PK crypto is expensive

  • It means that the signature is a manageable length (160 bits can be represented easily in HEX)

If you want to encrypt a message, PGP will first generate a symmetric key and then encrypt the symmetric key with the public key. The actual message is then encrypted with the symmetric key. This is much more efficient and allows to have many addresses for the same message by encrypting different symmetric keys with the addresses public keys.

Thus, PGP puts together the ideas of the symmetric-key encryption, public-key encryption, and hash functions, and also text compression, in a practical and usable way to enable you to sign and/or encrypt email.

The algorithms PGP uses are:

  • RSA, DSS, Diffie-Hellman for public-key encryption

  • 3DES, IDEA, CAST-128 for symmetric-key encryption

  • SHA-1 for hashing

  • ZIP for compression

PreviousPublic Key InfrastructureNextSecure Shell (SSH)

Last updated 4 years ago

Was this helpful?