Cryptography and Security

I have a bit of an interest in security, and have used cryptography for quite a long time.

Since November 1999 I have been a notary in the Thawte Web of Trust and can make an assertion about your identity. You can send me email encrypted with either PGP / GnuPG or S/MIME, but nobody ever does (except John Robinson and Chris Young).

For a number of years I have run a CA at work called "stat.auckland.ac.nz", and another at home called "Snap CA".

With the rise of wireless networking and everyone running off to use externally-hosted web services there is a need for pretty much everything to be encrypted. The only snag is that it is difficult to do and often user unfriendly, but it doesn't need to be.

Certification Authorities (CA)

I trust my browser, my browser trusts Thawte, Thawte asserts this website is genuine. Thus, you are reading the unaltered work of Stephen Cope*.

Anyone can start a CA, but the magical component - your browser trusting the CA - is what turns an activity anyone can do into a tightly controlled monopoly. (VeriSign bought Thawte, my favourite CA for cheap certificates, and jacked up the prices.)

I started a CA at work to sign all the internal services we use: POP3S, IMAPS, HTTPS (not on external-facing websites), LDAP, and SMTP. If we had to pay for a certificate for each of those services we'd be spending huge sums of money. Instead it was cheaper to start our own CA and install the CA certificate onto each client.

For my personal server and its services I started another CA, Snap CA (named after the server). That's trusted by approximately four browsers and five computers worldwide. I also issued user certificates so that your browser could automatically authenticate to the webserver.

For a brief period we dallied with certificates from ipsCA (free for educational institutions), but Safari 4 doesn't like the self-signed root certificate, and sometimes Firefox gets grumpy about it, so we went running back to Thawte.

* In this example I am only referring to the HTTPS connection from your browser to this web server. The way around it in this case is to edit the file on the file server here in the Department of Statistics. To know that I really wrote this page I would have to sign it with my personal key using GnuPG or similar and publish the signature.

PGP and GnuPG email

This is my personal GnuPG key fingerprint:

pub   1024D/D63DFDD1 2009-06-10 [expires: 2014-06-09]
      Key fingerprint = 82E9 9BE4 6E14 C2D0 C6FB  8860 21D0 2B4D D63D FDD1
uid                  Stephen Cope (GnuPG at Home)
sub   2048g/AB310520 2009-06-10 [expires: 2014-06-09]

pub   1024D/901AF2F3 2010-05-13 [expires: 2012-05-12]
      Key fingerprint = B5F5 3AFD F282 3AD5 10DF  AC9D 49C4 F808 901A F2F3
uid                  Stephen Cope (FireGPG at Work)
sub   4096g/0DBE5F00 2010-05-13 [expires: 2012-05-12]

What can you do with it? Not much. Maybe grab my key from a keyserver. Or grab it from here (select the entire block including the ----- lines, right-click, FireGPG, Import). My work key can be imported the same way.

Also: PGP public key (.asc) for home, PGP public key (.asc) for work.

You can even do ridiculous things such as ...

user@host:~$ lynx -dump https://www.stat.auckland.ac.nz/~kimihia/crypto | gpg --import

To send GnuPG-encrypted mail through web mail, e.g. Google Mail, you need something in your web browser that works with GnuPG on your computer. You really don't want Google Mail or any other service looking after your private key: what happens if your lousy password or authentication cookie gets sniffed?

James recommends FireGPG to GnuPG sign mail through Google Mail.

S/MIME email

Mail.app (on Mac OS X) works well for sending and receiving S/MIME email. Outlook seems to be able to handle it.

What I have not yet gotten working is S/MIME on Outlook Web Access. Perhaps it is something to do with Internet Explorer 8, but the S/MIME plugin may not be pulling its weight, or perhaps the PKI isn't set up correctly by the University of Auckland.

Here is my work public key for sending S/MIME emails to my work email address. (You can work out the address from the certificate.)

-----BEGIN CERTIFICATE-----
(OH NO! This certificate has expired!)
-----END CERTIFICATE-----

Also: S/MIME public key (.cer)

Can you trust this? Well, make sure you're getting the version from https://www.stat.auckland.ac.nz, and check the certificate on that HTTPS server is valid.

Even better, this certificate is signed by Thawte, so you can verify their signature of it. This is the magic that makes S/MIME "easier" than PGP.

Where can you get your next S/MIME certificate from?

S/MIME certificate suppliers
Supplier      Product                                          Price                     Features
Thawte        Thawte Personal Freemail                         Free                      Your name with 50 assurance points; discontinued October 2009
AusCERT PKI   Personal Certificates (Enterprise plus Service)  Free                      Your educational or research organisation pays AUD$7,000 p.a. + GST and you get a free certificate.
Comodo        Free Secure Email Certificate                    Free / Business: USD$12   Free for personal use
StartSSL      An account                                       Free                      Your name on the certificate once you get enough points, or pay to get authenticated
VeriSign      Digital IDs for Secure Email                     USD$19.95                 First hit is free for refugees from Thawte
CAcert        Client certificates (un-assured)                 Free                      Unfortunately, no software trusts their root certificate out of the box

Grid Computing

How does Grid computing fit in here? Again, all the infrastructure is based around Certification Authorities certifying that you're connecting to a valid host and that you exist. Globus has this built in.

Grix requests a certificate, and Grisu manages user certificates; once the CA has authorised them they are given permission to access services. Grisu then lets you use those certificates to submit jobs.

Globus looks for CA certificates in /etc/grid-security/certificates; it helps if $GLOBUS_LOCATION/TRUSTED_CA is a symbolic link to $X509_CERT_DIR. For Fedora Core 10 these settings will help:

GLOBUS_LOCATION=/usr/share/globus
X509_CERT_DIR=/etc/grid-security/certificates

These can be exported on a per-user basis. Also worth looking at, depending on where you are keeping your private X509 keys (Grisu will know), is the X509_USER_PROXY value, which usually points to /tmp/x509up_*.

user@host:~$ ls -l $GLOBUS_LOCATION/TRUSTED_CA
lrwxrwxrwx 1 root root 31 2009-09-03 14:32 /usr/share/globus/TRUSTED_CA -> /etc/grid-security/certificates

Here is a handy shell script to help you upload files using gsiftp. You'll need to customise this with the remote hostname and your remote username and home directory, but assuming the same local and remote username and you're uploading to ATLAS at the Max-Planck-Institut für Gravitationsphysik:

#!/bin/bash

# copies a single file to ATLAS
# usage: globus-copy-to-atlas filename directory-on-atlas

if [ -z "$1" ] ; then
        echo "usage: globus-copy-to-atlas filename directory-on-atlas" >&2
        exit 1
fi

# this is the most important environment variable: where Globus looks for
# the trusted CA certificates. Guess the usual location if it is not set.
if [ -z "$X509_CERT_DIR" ] ; then
        export X509_CERT_DIR=/etc/grid-security/certificates
fi

# assumes your local and remote usernames are the same ($USER)
globus-url-copy "file://$(hostname)/$(pwd)/$1" \
        "gsiftp://${USER}@atlas1.atlas.aei.uni-hannover.de/home/${USER}/$2"

if [ -n "$3" ] ; then
        echo "additional arguments ignored" >&2
fi

That's just a quick script. You can customise it and make something a bit better if you want. It makes a guess at the X509 certificate directory if it is not set.

On Fedora 10 you also need to install most of the globus-* packages, and also get a copy of the public CA keys from somewhere. I just snagged them from another machine that had been set up correctly, but that may not be the most Fedora-like way (if such a thing exists).

user@remote:~$ tar c /etc/grid-certificates > ~/certs.tar
tar: warning about being unable to read some private files*
user@remote:~$ scp ~/certs.tar local: && logout
user@local:~$ (this step is an exercise for the reader)

* This will attempt to pick up the private host key from the system you're copying from. As this is unique to each host and also protected you won't be able to get it and tar will complain. Don't worry. This is not fatal. This is intentional. If you're really worried you can generate your own host key.

Usability

The usability is terrible pretty much the whole way through the system. Things don't work. They're not documented. They're not tested. Everything is highly site-dependent.

Thawte has a very good setup on their website, but that hasn't been maintained in many years and has problems with Internet Explorer 8 (pro tip: turn on compatibility mode).

Mac OS X has a very slick key and certificate management tool in Keychain Access, however it sends your certificate signing request out by email, and so the person on the other end needs the right infrastructure to handle it. (When I receive the email I sign them by hand, one at a time, in a rather labour intensive process.)

Mac OS X's mail application has good support for S/MIME and makes it very easy, while mutt has superb GnuPG integration.

Outlook: haven't used it much but some people like it. Outlook Web Access: haven't got it working yet, and it hates even valid certificates.

Closing Notes

It's worth the effort.


Stephen Cope 2010-05-14
https://www.stat.auckland.ac.nz/~kimihia/crypto