Experiment No.

Aim:​ Explore the GPG tool of Linux to implement email security

Theory:
Pretty Good Privacy (PGP) is a data encryption and decryption computer program
that provides cryptographic privacy and authentication for data communication.
PGP is often used for signing, encrypting, and decrypting texts, e-mails, files,
directories, and whole disk partitions and to increase the security of e-mail
Communications.

PGP encryption uses a serial combination of hashing, data compression,

symmetric-key cryptography, and finally public-key cryptography; each step uses
one of several supported algorithms. Each public key is bound to a user name
and/or an e-mail address. The first version of this system was generally known as
a web of trust to contrast with the X.509 system, which uses a hierarchical
approach based on certificate authority and which was added to PGP
implementations later. Current versions of PGP encryption include both options
through an automated key management server.

GPG:
GNU Privacy Guard (GnuPG or GPG) is a free software replacement for
Symantec’s PGP cryptographic software suite. GnuPG is a hybrid-encryption
software program because it uses a combination of conventional symmetric-key
cryptography for speed, and public-key cryptography for ease of secure key
exchange, typically by using the recipient’s public key to encrypt a session key
which is only used once. This mode of operation is part of the OpenPGP standard
and has been part of PGP from its first version.

GPG allows for the secure transmission of information and can be used to verify that the origin
of a message is genuine. Below are few commands that can be used:

Commands:
1. Generate key pair
$gpg --gen-key
2. Create revocation certificate
$gpg --gen -revoke [email protected]
3. Import others public key
$gpg --import public_key_file
 4. Sign the key received from other person
$gpg --sign -key ​[email protected]
5. Send the signed key back to sender
$gpg --export --armor ​[email protected]
6. Import the received signed key
$gpg --import signed_key_file_name
7. List public keys
$gpg --list--keys
8. Update keys
$gpg --refresh-keys
9. Encrypt file for particular user
$gpg --encrypt --recipient ​[email protected]​ file.txt
10. Encrypt file for self
$gpg --encrypt --recipient ​[email protected]​ file.txt
11. Decrypt text/binary file
$gpg encrypted_file.gpg

Procedure:
Step1: Installation of gpg
$ sudo apt-get install gnupg

Step 2: Generation of Key

$ gpg --gen-key

Step 3: Listing Keys

$ gpg --list-keys

Conclusion:
GPG is used for authentication and privacy to messages over the internet. GPG
was originated to address the security concerns of plain email or text messages.
Gnupg is used to demonstrate usage of GPG.

Output:

Installation​:
root@kali:~# sudo apt-get install gnupg
Reading package lists... Done
Building dependency tree
Reading state information... Done
gnupg is already the newest version (2.2.20-1).
gnupg set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

Key Generation:
root@kali:~# gpg --gen-key
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: tambe

Email address: [email protected]
You selected this USER-ID:
"tambe <[email protected]>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? E

Email address: [email protected]
You selected this USER-ID:
"tambe <[email protected]>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? O

We need to generate a lot of random bytes. It is a good idea to perform some other action (type
on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the
random number generator a better chance to gain enough entropy.

We need to generate a lot of random bytes. It is a good idea to perform some other action (type
on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the
random number generator a better chance to gain enough entropy.
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 0861AFC411E95FCD marked as ultimately trusted
gpg: directory '/root/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/root/.gnupg/openpgp-
revocs.d/5277FDBEB8C5E8FAF27127150861AFC411E95FCD.rev'
public and secret key created and signed.

pub rsa3072 2020-03-31 [SC] [expires: 2022-03-31]

5277FDBEB8C5E8FAF27127150861AFC411E95FCD
uid tambe <[email protected]>
sub rsa3072 2020-03-31 [E] [expires: 2022-03-31]

Listing Keys:
root@kali:~# gpg --list-keys
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2022-03-31
/root/.gnupg/pubring.kbx
------------------------
pub rsa3072 2020-03-31 [SC] [expires: 2022-03-31]
5277FDBEB8C5E8FAF27127150861AFC411E95FCD
uid [ultimate] tambe <[email protected]>
sub rsa3072 2020-03-31 [E] [expires: 2022-03-31]

root@kali:~# gpg --armor --export [email protected]>mypk

root@kali:~# cat mypk
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQGNBF6DSYcBDACxsWMmIQTfmnDUcA1/Zpius4pWo9XYdR/gZ97HjFFEKRN2OoyF
szORrC99yQdWb28fBZ3elFb2Y//pK90qh/brrUnncw7FuYD6FMyr87Itfxcb904q
pv+pjTnd3pIZmih9YEE+vDnAiU53gjOp9X05o80t3YdPnMV+zxCtpxHd9AW+Wz1l
vHCFiDUPoQvWv/jNOuXASYbO23UXABadv/lOAvrmN6xDs83D02WkSNDwnhkbFgRR
OfSICD0N8LlY1szgG25nkdnPHfj4djMUOQy6hpaDpE9Ax5kx5Tmo2HfN6SROiAml
re8F4/7NShjGFh7amuIZOzHJqPqxAH2eTg8fWse6+CI+KpGJy4bfzo7odmFoD1Wb
iikrZniikFs6HxUQVcR9Mc7dzAtWMNBiM5h0Juu4DmyubMM3Hr5GxYmZXLng0mvu
cEIB0buR33eWzGiqvOEX7GrLsG/XqgcVji9dmOI+BvI1WnjYCzKZ9Ce0gq7nm6Ss
u+b2zK36mfea7y0AEQEAAbQgc2hyYXZhbiA8c2hyYXZhbmJoYXQ2QGdtYWlsLmNv
bT6JAdQEEwEKAD4WIQRSd/2+uMXo+vJxJxUIYa/EEelfzQUCXoNJhwIbAwUJA8Jn
AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRAIYa/EEelfzWzdC/4340561gu1
lCA63ig8tFeOpw8eTBF7XGc4bWVfnyOwwtjHDtkHe8jVhjZYMlNbnzaH4rEEcgba
GwXBXI4oojsS3Ii5Tfs833I8XWdk4lKXYHjbmxsTIV0kln4NFW7emfGh+vcAdRty
Pr+a72KYeS7YuTbNqgbAT4W/j8ij248lMl6vUpCNTu49IoETNNaaeG8XzciNQ3YQ
KAlhVId3Z2jP49uu1b2fSAv7N+znjQtY4XvOMpa0gOz6L5NXLnGFLpWXHDmtLY8K
fUxD+lcqBpTiCRQk1gEqbs+8N/VTYqI8yEId2Ecf1D9BDsXukMbkvPKUztSD14jd
zjTFmnsTkJWuUj5RgrLiuWMGeExjsKuz0n/L9z4oaBqk4HdP1jusBJTvRtO4HU1F
aKX+7xTo0yMPwRaSS1DvVHvzEbdfpc3g+oLEn54pxjyQoFY9jz4c2U4/8SCQyVsJ
D2Hdpkb2ese4sNQUv+adxV17bxQA6E3NUF+CW7q+ntn4IR1vmwyuwHS5AY0EXoNJ
hwEMAOGzIKzTC5WnCgN4UKxHuT8ibvwvXHz8QtEzEcVKO4HwUsPELjKxQUZzWNYY
iBoiwpnuzjKBT2/EQBgpkqoCLAmBgjueeNExy6e+on9xm0Qov9OY71jFrzjmXFK9
ZO0P6a+3mLuN5tgb4bUmDnvbb5STgR8SKeQzlIvIh39aN5c259TpeiuomE8AtyKb
qcIrxOMWi5Z62o6ngR7JIJS36yKMQIPK2udRMgA+0wLiUyFkFd2Eu1X3TdisqB0E
S1GHJMNqL7E0fIVyYGNvzUO+EGa1pY9RSlJGsL5klyzEhEM/s7/Hqdg219EsKty1
kIwbp8h0wiTcPuDzco/WTw8ZCRJlcEiBPkewAMso28CkODjm4OwrOw1mhoRoG1vt
xmrZ32W+2ZqlqnaxOwexpgBVY1jgyWetmTcGTXp++FbaV91v82uhmUwxu7s46SnA
k20ScBj3TGBVQalwfAnanWumidMKsF774imm33w2qJfJ+J9g9bqIvMB00DkzXA6o
JtpZGwARAQABiQG8BBgBCgAmFiEEUnf9vrjF6PrycScVCGGvxBHpX80FAl6DSYcC
GwwFCQPCZwAACgkQCGGvxBHpX814Sgv/flFfA1zlwXLdKK29fxa/d0bokZLcAaK0
/s4711Ruy7WNzRDTky1CiHB7Y2C7m3K7qiU9Nk2WAVGog46a6GAxmSU03sQ+jqbH
n/gvB9qGxhMZshTPhboFecnCD0iAx6Xi/LXKBcbJ3LEm9lNpDZPVbj4IAUTUDDMk
wwfpByHn2UJusDLZdvdXXTRyYWwf3ZJLfjhPWvWZJa89YqM7QvCMRhsZUPmfdDwS
L4VhRodQw6g6GWy+PCOeSmq+Tgi6u9bZVPHmSV48X11NgORguRFJ6hzbppHTFFTz
stoXUi7vaMXR1G72RskCz0jJCGpxo8Lv/K9UWtDq+649VbJ32PoPA4gDUsVNdR2N
89wUNt/WqaYbNC4IxDidz3hoJr5+Os60ZO/JY7/ZTkXAAaJ2ZGCnGsUsrSK0PFnV
JavQpS70YCUp0uUMM/8VKFCnRoYtcB01a0IqCJhUikkZKBLmg4f16dQN2KJoXtGM
1P4EkxDzofoy5EZvacFvTzCHPA4ZsXmY =O1A/
-----END PGP PUBLIC KEY BLOCK-----
root@kali:~# gpg --gen-key
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc. This is free software:
you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by
law.

Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: sartha

Email address: [email protected]
You selected this USER-ID:
"sartha <[email protected]>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? O

We need to generate a lot of random bytes. It is a good idea to perform some other action (type
on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the
random number generator a better chance to gain enough entropy.

We need to generate a lot of random bytes. It is a good idea to perform some other action (type
on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the
random number generator a better chance to gain enough entropy.
gpg: key E2EAED01CD1F2B0A marked as ultimately trusted
gpg: revocation certificate stored as '/root/.gnupg/openpgp-
revocs.d/6BA0DD9A7D62FFF169D659FBE2EAED01CD1F2B0A.rev'
public and secret key created and signed.

pub rsa3072 2020-03-31 [SC] [expires: 2022-03-31]

6BA0DD9A7D62FFF169D659FBE2EAED01CD1F2B0A
uid sartha <[email protected]>
sub rsa3072 2020-03-31 [E] [expires: 2022-03-31]

root@kali:~# gpg --list-keys

gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2022-03-31 /root/.gnupg/pubring.kbx
------------------------
pub rsa3072 2020-03-31 [SC] [expires: 2022-03-31]
5277FDBEB8C5E8FAF27127150861AFC411E95FCD
uid [ultimate] tambe <[email protected]>
sub rsa3072 2020-03-31 [E] [expires: 2022-03-31]

pub rsa3072 2020-03-31 [SC] [expires: 2022-03-31]

6BA0DD9A7D62FFF169D659FBE2EAED01CD1F2B0A
uid [ultimate] sartha <[email protected]>
sub rsa3072 2020-03-31 [E] [expires: 2022-03-31]

root@kali:~# gpg --import mypk

gpg: key 0861AFC411E95FCD: "tambe <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1 root@kali:~#
gpg --list-keys /root/.gnupg/pubring.kbx
------------------------
pub rsa3072 2020-03-31 [SC] [expires: 2022-03-31]
5277FDBEB8C5E8FAF27127150861AFC411E95FCD
uid [ultimate] tambe <[email protected]>
sub rsa3072 2020-03-31 [E] [expires: 2022-03-31]

pub rsa3072 2020-03-31 [SC] [expires: 2022-03-31]

6BA0DD9A7D62FFF169D659FBE2EAED01CD1F2B0A
uid [ultimate] sartha <[email protected]>
sub rsa3072 2020-03-31 [E] [expires: 2022-03-31]

Signing process:
root@kali:~# gpg --edit-key [email protected]
gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc. This is free software:
you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by
law.

Secret key is available.

sec rsa3072/0861AFC411E95FCD
created: 2020-03-31 expires: 2022-03-31 usage: SC
trust: ultimate validity: ultimate
ssb rsa3072/5D158106022B0394
created: 2020-03-31 expires: 2022-03-31 usage: E
[ultimate] (1). tambe <[email protected]>

gpg> fpr
pub rsa3072/0861AFC411E95FCD 2020-03-31 tambe
<[email protected]>
Primary key fingerprint: 5277 FDBE B8C5 E8FA F271 2715 0861 AFC4
11E9 5FCD

gpg> sign
"tambe <[email protected]>" was already signed by key
0861AFC411E95FCD
Nothing to sign with key 0861AFC411E95FCD

gpg> quit
Encryption & Decryption:
root@kali:~# cat > secrets
Hello
stay safe
^C

root@kali:~# cat secrets

hello
stay safe

Encryption:
root@kali:~# gpg --out secrets_shr --encrypt secrets
You did not specify a user ID. (you may use "-r")

Current recipients:

Enter the user ID. End with an empty line: [email protected]

Current recipients:
rsa3072/5D158106022B0394 2020-03-31 "tambe <[email protected]>"

Enter the user ID. End with an empty line:

root@kali:~# ls
Desktop Documents Downloads exp8.docx Music mypk Pictures
Public secrets secrets_shr Templates Videos
root@kali:~# cat secrets_shr
���S�o�J
�f��<��F�"b�
h�vj5`�7�w�L��Ln?D�S�,�M�����2��#mxkuX�‫׀‬
ON�d��;​윜​�q��OU���a�dPJ�(� coX��=?2��s��k�M
7���Xh���?W��Q^��4�����1��▒{��M�a=▒��D��.�'��D�!W�ZY<�!,`Γ�9R�
3 �I�l▒$]����|���δ��Cq�t5
g8Nb9{�- ��M�O���a���▒���ȟ`���%H,U�|��Ohs��D�n�%
���sz+d���OB�K���W)mұpa[�g�5��a�\��6(�L�)ln���T�(i1z�85��- e�o��.
�
jA�&��#��&H�u� �ci�-Y��`� (H��Y�$�6�@�XK;
� �▒DhȎ�q���4W‫ۊ‬/<�uroot@kali:/home/hacker#
Decryption:
root@kali:~# gpg --output secrets_from_shr --decrypt secrets_shr
gpg: encrypted with 3072-bit RSA key, ID 5D158106022B0394, created
2020-03-31
"tambe <[email protected]>"
root@kali:~# ls
Desktop Documents Downloads exp8.docx Music mypk Pictures
Public secrets secrets_from_shr secrets_shr Templates Videos
root@kali:~# cat secrets_from_shr
hello
stay safe