The module "Implementing OpenPGP" provide you with the instructions and devices to develop your hands-on skills in the following topics: Installation of OpenPGP, OpenPGP Certificate Creation and Distribution, OpenPGP Signing and Importation, OpenPGP Verification, Encryption and Decryption.
The module Implementing OpenPGP provide you with the instructions and devices to develop your hands-on skills in the following topics.
- Installation of OpenPGP
- OpenPGP Certificate Creation and Distribution
- OpenPGP Signing and Importation
- OpenPGP Verification, Encryption and Decryption
Lab time: It will take approximately 1 hour to complete this lab.
The following exam objectives are covered in this lab:
- Implement and manage engineering processes using secure design principles
- Understand the fundamental concepts of security models (e.g., Confidentiality, Integrity, and - Multi-level Models)
- Apply cryptography
- Apply secure principles to site and facility design
Exercise 1 - Installation of OpenPGP
OpenPGP is becoming one of the most important and respected methods of encrypting information, especially when it comes to email. OpenGPG comes with a complete method of application in Win4GPG. The tools provided help to perform the certificate creation, encryption and decryption with Outlook plugins automatically installed.
Exercise 2 - OpenPGP Certificate Creation and Distribution
OpenPGP certificates have Public Key technology behind them. The idea is that there is nothing secretive about the method which adds to the fact it’s been tested countless times by the public for weaknesses and thus far has not been broken. Effectively there are two keys, one is secret and held by the creator, the other is public and meant for distribution to anyone who wishes to communicate privately with the creator.
Methods of key distribution regard the obvious emailing the public key to the recipient for correspondence, uploading to a certificate server or simply handing the key over on portable media like a USB device.
Exercise 3 - OpenPGP Signing and Importation
OpenPGP can be used for signing emails to effectively place a unique signature on the email to help with verification of the sender but also of the actual certificate itself. The act of signing is effectively a digital signature. The idea is to have the message readable to everyone but the clever part is checking whether the message have been changed by someone other than the author of the email, thereby helping to thwart man in the middle attacks and maintain the message integrity.
When working for a large business there will be mulita employees who will have their own certificates. Kleopatra helps to organize and provide a database of those certificates which greatly assists when writing emails to different members of staff and having Kleopatra automatically select the correct certificates for correspondence.
Exercise 4 - OpenPGP Verification, Encryption and Decryption
The ‘piece de resistance’ of course is encryption and decryption of messages to protect against spying eyes whether that be internal to a company or external from the company networks. OpenPGP provides an excellent method of using certificates to mask email content and even attachments preventing them from being obviously viewed by unauthorized personnel.