Implement OpenPGP

Introduction

Welcome to the Implement OpenPGP Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

• Installation of OpenPGP
• OpenPGP Certificate Creation and Distribution
• OpenPGP Signing and Importation
• OpenPGP Verification, Encryption and Decryption

After completing this lab, you will be able to:

• CAS-003 4.3 Given a scenario, integrate and troubleshoot advanced authentication and authorization technologies to support enterprise security objectives
• CAS-003 4.4 Given a scenario, implement cryptographic techniques.

Exam Objectives

The following exam objectives are covered in this lab:

• Download Gpg4Win
• Use PowerShell to Setup Shares
• Install Gpg4win
• Create a Certificate
• Perform Certificate Inspection
• Distribute Public Certificates
• Sign Emails
• Public Certificate Importation
• Verify and Encrypt E-Mail
• Decrypt Emails

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1 - Installation of OpenPGP

OpenPGP is becoming one of the most important and respected methods of encrypting information, especially when it comes to email. OpenGPG comes with a complete method of application in Win4GPG. The tools provided help to perform the certificate creation, encryption and decryption with Outlook plugins automatically installed.

Learning Outcomes

After completing this exercise, you will be able to:

• Download Gpg4Win
• Use PowerShell to Setup Shares
• Install Gpg4win

Exercise 2 - OpenPGP Certificate Creation and Distribution

OpenPGP certificates have Public Key technology behind them. The idea is that there is nothing secretive about the method, which adds to the fact that it has been tested countless times by the public for weaknesses, and thus far has not been broken. Essentially, there are two keys. One is secret and held by the creator, the other is public and meant for distribution to anyone who wishes to communicate privately with the creator.

Methods of key distribution regard the obvious emailing the public key to the recipient for correspondence, uploading to a certificate server or simply handing the key over on portable media like a USB device.

Learning Outcomes

After completing this exercise, you will be able to:

• Create a Certificate
• Perform Certificate Inspection
• Distribute Public Certificates

Exercise 3 - OpenPGP Signing and Importation

OpenPGP can be used for signing emails to effectively place a unique signature on the email to help with verification of the sender but also of the actual certificate itself. The act of signing is effectively a digital signature. The idea is to have the message readable to everyone, but the clever part is checking whether the message has been changed by someone other than the author of the email, thereby helping to thwart man-in-the-middle attacks and maintain the message integrity.

When working for a large business, there will be multiple employees who will have their own certificates. Kleopatra helps to organize and provide a database of those certificates, which greatly assists when writing emails to different members of staff. Also, Kleopatra automatically selects the correct certificates for correspondence.

Learning Outcomes

After completing this exercise, you will be able to:

• Sign Emails
• Import Public Certificate

Exercise 4 - OpenPGP Verification, Encryption and Decryption

A key part of OpenPGP is encryption and decryption of messages to protect against spying eyes, whether that be internal to a company, or external from the company networks. OpenPGP provides an excellent method of using certificates to mask email content and even attachments, preventing them from being obviously viewed by unauthorized personnel.

Learning Outcomes

After completing this exercise, you will be able to:

• Verify and Encrypt E-Mail
• Decrypt Emails