LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Old 03-06-2013, 02:47 AM   #1
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Rep: Reputation: 49
encrypting message using only a public key


Sorry to bother, but I was wondering if a mod might move my topic into this forum:
http://www.linuxquestions.org/questi...il-4175452903/

The basic idea is that I want to determine how to take a simple text message (possibly containing sensitive information) and encrypt it using someone's public key.
 
Old 03-06-2013, 09:07 AM   #2
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776
From reading the thread you linked to, it looks like you're still looking for a solution?

Here is a simple example using gpg, which in my opinion is much easier than SSL and MIME. I used the example of sending an email to "slackbuilds" since I have their public (only) key.
Code:
$ echo 'Hello, World!' > hello.txt
$ cat hello.txt
Hello, World!
$ gpg -e -a hello.txt
You did not specify a user ID. (you may use "-r")

Current recipients:

Enter the user ID.  End with an empty line: slackbuilds
gpg: C575D49B: There is no assurance this key belongs to the named user

pub  2048g/C575D49B 2007-01-27 SlackBuilds.org Development Team <slackbuilds-devel@slackbuilds.org>
 Primary key fingerprint: D307 6BC3 E783 EE74 7F09  B8B7 0368 EF57 9C7B A3B6
      Subkey fingerprint: 2415 DC27 B7A0 F5D6 5806  E4C4 91E4 645F C575 D49B

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y

Current recipients:
2048g/C575D49B 2007-01-27 "SlackBuilds.org Development Team <slackbuilds-devel@slackbuilds.org>"

Enter the user ID.  End with an empty line:
$ ls hello.txt*
hello.txt  hello.txt.asc
$ head -n 10 hello.txt.asc
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.4.10 (GNU/Linux)

hQIOA5HkZF/FddSbEAgAkWt2wM1MZhI6DaDIF1G8FPRFZrFOMavA6G4TR/VE2fhf
c32YKbwReKS4clNxdbhlhPT+GnS73dV3fFE4/LAY1fiSq9MNDi+O5sSE5MEUYZjH
rRblLeZZeZOq7mGThL6f3q7vUnGKW1M/n4c44ZuhyIyJBu0nDmoSpfK55ecGU6ym
6FUi7W5z3SvXKRiVbSR6ynn25BRi7H+qXSduLJpO1CbG4fnNst4E+xGxknUgo0Aj
iC/ii3oXZqkijXY0lXomjp4r3W2V1SWkC5zXcp+sWVrNqiql2FWX2ht0y5YX3iR5
0H/S84w1dyLtetPxgxr/wqcr+kjGeI5liiZ8G8btWgf+JuhE0ys0mFLmQ5WE8YOU
osqabZfo0XfkIk8rGOGhTfRy1dn1J7Kajwo575WKDC8C4dQpt3Brt2l1T64/TSGa
 
Old 03-06-2013, 01:40 PM   #3
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Slack14_64_Multilib
Posts: 3,067
Blog Entries: 4

Rep: Reputation: 741
http://www.madboa.com/geek/gpg-quickstart/#tosomeone
 
Old 03-06-2013, 01:49 PM   #4
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Original Poster
Rep: Reputation: 49
I appreciate the responses, but the goal here is not to login via SSH and use gpg via the command line. I have some facility with gpg and have seen that madboa page before.

What I'm trying to do is concoct a PHP script which will provide a way for a developer to email potentially sensitive information securely to one or more intended recipients by encrypting it with their public key. I believe this is communicated in the other thread. The main issue is that gpg requires interaction and you have to maintain a keyring, etc. I was rather hoping to skip all the keyring maintenance, all the prompts, etc., and just encrypt a text message using a public key.
 
Old 03-06-2013, 05:07 PM   #5
BlackRider
Member
 
Registered: Aug 2011
Distribution: Slackware
Posts: 261

Rep: Reputation: 82
There is no way I know of to skip the keyring maintenance you want to avoid with GPG, other than using symmetric encryption only.
 
Old 03-06-2013, 05:32 PM   #6
cjturner
LQ Newbie
 
Registered: Nov 2006
Posts: 8

Rep: Reputation: 1
PKI might not be the solution you are seeking here. Perhaps you could explain your security requirement in a little more detail.
 
Old 03-06-2013, 05:59 PM   #7
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Original Poster
Rep: Reputation: 49
Quote:
Originally Posted by cjturner View Post
PKI might not be the solution you are seeking here. Perhaps you could explain your security requirement in a little more detail.
The primary motivation for wanting this is that I'm working on a PHP script that handles Instant Payment Notifications. While this page is securely hosted (and only makes secure HTTPS connections to verify that any posts are valid) and furthermore does not ever traffic in sensitive payment information such as account numbers, etc., I would like to be able to notify a developer when an unexpected error occurs by emailing the POST data to the developer's email address. While it seems a simple enough affair to set up one's mail client to send and receive encrypted messages, it seems that simply using somebody's public key to encrypt a message is unexpectedly difficult.

I'd like to use public-key cryptography so that a server compromise would not necessarily reveal any important keys (such as might be used in symmetric encryption). The basic idea is that the server would be able to send an encrypted message to the developer (or someone else) without needing any especially sensitive data.

I'd like to avoid manipulating a keyring so that deployment of such an emailing script is easier. It would be ideal if the PHP script that sends this message would be configurable with just a few bits of information:
1) the recipient's email address
2) the recipient's public key
3) maybe some SMTP credentials to send the mail via SMTP gateway.
 
Old 03-08-2013, 12:57 AM   #8
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Original Poster
Rep: Reputation: 49
OK so I pulled out my copy of Bruce Schneier's Applied Cryptography (a really good book), which has a very helpful section on Privacy-Enhanced Mail (PEM) that I've been looking at. Turns out PEM is not just a way to encrypt things but it describes a variety of privacy-related protocols. To summarize Schneier:
Quote:
PEM is the Internet Privacy-Enhanced Mail standard adopted by the Internet Architecture Board (IAB) to provide secure electronic mail over the Internet...The PEM protocols provide for encryption, authentication, and key management.
The basic idea is that it describes protocols for sending encrypted and/or signed messages while also describing what has gone into encrypting and/or signing them. It supports both symmetric and public key encryption. The Wikipedia link above says that it was not widely adopted due to its reliance on a centralized root CA.

I think this cocktail of encryption-plus-protocol is what I'm after. Schneier also has a section on PGP (which uses web-of-trust rather than centralized CA) but details about the protocol look pretty light.

Seems to me that if I want to have PHP sending these messages, I will probably have two choices:
1) concoct awkward CLI stuff in PHP and use exec to manipulate key rings and such to get gpg to encrypt my messages (and then take care to shred and/or clean up the file system to make sure my sensitive messages don't hang around)
2) use mcrypt or some other PHP extension to encrypt my messages and then write PHP code to build out the appropriate email-friendly protocol aspects described by PEM and/or PGP such that the message, when it arrives at somebody's mail client, will be decipherable by something like Enigmail or some other secure mail client/plugin.

Surely someone has done this before?
 
Old 03-08-2013, 01:02 AM   #9
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Original Poster
Rep: Reputation: 49
For option 1 above, these functions look pretty useful:
http://www.php.net/manual/en/function.gnupg-encrypt.php
 
Old 03-08-2013, 08:45 AM   #10
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776
You might also be able to use the PHP execute function to call GPG to perform the encryption. I don't see any way around maintaining a keyring, at least a public one, as you will need the public key for each recipient that you want to send to.

A while back, I was working on a similar project for a payment system that I wanted to submit the information for processing via an encrypted mail. One of the problems I ran into was the need for temporary files to work the encryption on. This was a weak spot in the system that could be potentially exploited and I abandoned the idea. However you go about it, the best idea is to not store sensitive information on your system at all, and what little of it you do have to not write to disk.
 
Old 03-08-2013, 01:31 PM   #11
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Original Poster
Rep: Reputation: 49
Quote:
Originally Posted by Noway2 View Post
You might also be able to use the PHP execute function to call GPG to perform the encryption.
I'm inclined to use the PHP extension for the simple reason that it would be easier than concocting all the exec commands myself.

Quote:
Originally Posted by Noway2 View Post
I don't see any way around maintaining a keyring, at least a public one, as you will need the public key for each recipient that you want to send to.
This is disappointing as I was hoping to merely provide the location of a file containing a public key and have my routine encrypt away, but I think I can live with the idea of a keyring. I expect it might be feasible to maintain a keyring for each application.

Quote:
Originally Posted by Noway2 View Post
One of the problems I ran into was the need for temporary files to work the encryption on. This was a weak spot in the system that could be potentially exploited and I abandoned the idea. However you go about it, the best idea is to not store sensitive information on your system at all, and what little of it you do have to not write to disk.
Agreed! And thanks for pointing that out. In reading Schneier, I happened across a discussion about scrubbing a file system -- a lengthy process. Schneier quotes a passage from the National Computer Security Center:
Quote:
Originally Posted by NCSC
Overwriting is a process by which unclassified data are written to storage locations that previously held sensitive data....To purge the ...storage media, the DoD requires overwriting with a pattern, then its complement, and finally with another pattern; e.g., overwrite first with 0011 0101, followed by 1100 1010, then 1001 0111. The number of times an overwrite must be accomplished depends on the storage media, sometimes on its sensitivity, and sometimes on different DoD component requirements. In any case, a purge is not complete until a final overwrite is made using unclassified data.
I think all those multiple overwrites are intended if you are worried about someone actually physically obtaining your storage media. I wonder if the linux shred command would be sufficient?
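Putting posts #9 and #11 together, here is an added example (not from the thread, and not the PECL extension's own sample code) of driving the PECL gnupg extension from a configured public key file with a per-application keyring, so nothing outside the script's own directory has to be set up. The file paths and the fingerprint are placeholders; the function names are the extension's real ones.

```php
<?php
// Added example: encrypt a message to one recipient's public key with the
// PECL gnupg extension, using a private per-application keyring directory
// (GNUPGHOME) instead of the web user's default ~/.gnupg.
// Assumptions: $keyFile is an ASCII-armoured public key exported by the
// recipient, and $expectedFpr is that key's fingerprint, checked out of band.

function encryptToKeyFile(string $keyFile, string $expectedFpr,
                          string $plaintext, string $homeDir): string
{
    // The keyring holds public keys only, but the directory must still be
    // writable by the web user so gpg can create its database files.
    if (!is_dir($homeDir) && !mkdir($homeDir, 0700, true)) {
        throw new RuntimeException("cannot create keyring dir $homeDir");
    }
    putenv("GNUPGHOME=$homeDir");   // must be set before gnupg_init()

    $gpg = gnupg_init();
    gnupg_seterrormode($gpg, GNUPG_ERROR_EXCEPTION); // throw, never return false
    gnupg_setarmor($gpg, 1);                         // ASCII output, mail-safe

    // Import from the configured file on every run: re-importing a key that
    // is already present is a no-op, so there is no separate keyring step.
    $keyData = file_get_contents($keyFile);
    if ($keyData === false) {
        throw new RuntimeException("cannot read public key file $keyFile");
    }
    $info = gnupg_import($gpg, $keyData);

    // Pin the fingerprint. The extension encrypts to whatever key it is
    // given without consulting trust settings, so this comparison is what
    // replaces the "Use this key anyway?" prompt of the interactive session.
    $got  = strtoupper(str_replace(' ', '', $info['fingerprint']));
    $want = strtoupper(str_replace(' ', '', $expectedFpr));
    if (!hash_equals($want, $got)) {
        throw new RuntimeException('imported key does not match the configured fingerprint');
    }

    gnupg_clearencryptkeys($gpg);
    gnupg_addencryptkey($gpg, $info['fingerprint']);

    // The plaintext is handed to gpg in memory; this script writes no temp file.
    return gnupg_encrypt($gpg, $plaintext);
}

// Placeholder values for this example only.
$armored = encryptToKeyFile(
    '/etc/myapp/developer.pub.asc',
    '0000 0000 0000 0000 0000  0000 0000 0000 0000 0000', // placeholder fingerprint
    "IPN handler error\n" . json_encode($_POST),
    '/var/lib/myapp/gnupg'
);
// $armored begins with "-----BEGIN PGP MESSAGE-----" and can be put in the mail body.
```

The recipient still needs a client such as Enigmail to decrypt, and the web user must be the only account with read access to $homeDir, which otherwise contains nothing sensitive.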
 
Old 03-08-2013, 02:03 PM   #12
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776
Quote:
Originally Posted by sneakyimp View Post
I think all those multiple overwrites are intended if you are worried about someone actually physically obtaining your storage media. I wonder if the linux shred command would be sufficient?
If you're using traditional magnetic media, the shred and overwrite commands will do an excellent job of making data practically irretrievable, even with a simple overwrite or two. By practically I mean without special and expensive forensic tools, to where the common criminal is not a concern. If you have an SSD or other flash based media, these tools can be spotty at best because of things like the wear mechanisms.

You mentioned reading Schneier. I have been reading his latest book, Liars and Outliers and really enjoying it. It has been out long enough to be available via inter-library loan now too.
 
Old 03-10-2013, 09:29 PM   #13
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,226

Rep: Reputation: 2023
Re the keyring, I think you may be worrying over nothing. You're only storing Public(!) keys, so there's no problem with having it sit on the disk, or even be exposed to the world; that's what they are for.
It's only Private keys that require protection.
The keyring is just the equivalent of a big file with all the Public keys stored in it; not that different from your file-per-key.

Note that each user can have their own keyring, so you can do it that way if you want to keep them physically separate.
You'd have to allow your PHP to suexec to each required user (or maybe put them all in the same group and use group perms for php access).
 
Old 03-11-2013, 11:29 AM   #14
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,259

Rep: Reputation: 1078
I'm quite confused by this thread. To send a message to someone, you need to know their public key. Only they, with their private key, can decrypt it.

Message-signing requires knowledge of the signer's public key. Successful decryption of the message signature indicates that the possessor of the corresponding private key must have created that signature.

However ... the concept of what you are wanting to do is not a good one, and I daresay that PayPal would put the kibosh on your account if they caught wind of it. The notification should, yes, be encrypted (so that eavesdroppers can't detect whether a notification succeeded or failed), but it should not contain detailed information. The technician should have to log in himself to see details.

Software support for Privacy-Enhanced Mail (PEM) is not hard to come by, e.g. in Perl or any other "real" programming-language tool. If you're for example trying to pony something up with bash-scripting, you're going about this the wrong way.
 
Old 03-11-2013, 12:06 PM   #15
sneakyimp
Member
 
Registered: Dec 2004
Posts: 791

Original Poster
Rep: Reputation: 49
I appreciate the input here. I'm a bit over extended at the moment and so I've not been able to get into this as much as I would like.

Quote:
Originally Posted by chrism01 View Post
Re the keyring, I think you may be worrying over nothing. You're only storing Public(!) keys, so there's no problem with having it sit on the disk, or even be exposed to the world; that's what they are for.
It's only Private keys that require protection.
The keyring is just the equivalent of a big file with all the Public keys stored in it; not that different from your file-per-key.
I'm aware of all this and have tinkered with using GPG in a variety of ways. What I'm moaning about really is the need to maintain a keyring in a server context -- it makes deployment more involved if I'm trying to do this in a PHP script. It would be ideal if my PHP script could just refer to a text file for the public key of the intended recipient. If I must also take steps to import this public key into yet another file and possibly take other configuration steps (like setting a level of trust, etc.) then it gets more involved.

I'm also somewhat confused about formats for public keys. It would appear that the public key I exported using gpg4win (the more-or-less official distro of gpg for windows AFAIK) is not a *certificate* which is what gpg seems to want. I'm still trying to sort out the difference between x.509, PEM, and SSL certs.

Quote:
Originally Posted by chrism01 View Post
Note that each user can have their own keyring, so you can do it that way if you want to keep them physically separate.
You'd have to allow your PHP to suexec to each required user (or maybe put them all in the same group and use group perms for php access).
Again, this is server config I'd like to avoid. Ideally I would just have a script that refers to a key file and takes care of using it to encrypt something. It's bad enough that I'll probably have to install the GNUPG PECL extension. That each user would then need to maintain their keyring somehow seems like still more configuration blah-blah.

I realize that maintaining a keyring has in large part to do with scrutinizing the trust levels and legitimacy of recipients (a big part of security to be sure!) but would like to reiterate that this encryption thing for me is largely motivated by a desire to email *myself* or *close associates* an encrypted message such that a) any sensitive information would be encrypted end-to-end while in transit and b) there would be no need for any sensitive keys or anything on the server -- just my public key.
 