Part 1/2: Email Encryption with the Yubikey-NEO, GPG and Linux

I’d like to explain the basics of asymmetric encryption and then document my experience with setting up encryption keys with GnuPG (v2) and a Yubikey as a smart card interface to securely store secret keys using Linux.

Time Required: variable depending on your level of proficiency with Linux, GPG and Yubikey configuration tools
Yields: 1 PGP Key and 1 Yubikey-NEO with encryption and signing subkeys

Preamble: In light of data and privacy breaches and the scandals around the use of mass surveillance, data encryption and the right to privacy is becoming increasingly important. Email is one such technology which could be significantly improved; although by and large most providers offer good security, there is no absolute guarantee of privacy. With cloud-based email providers, your emails are stored on (usually encrypted) hard drives in big data centres over which you do not have control. This creates serious impediments that bar email from being used as a reliable medium for receiving and transmitting authentic, sensitive information. OpenPGP (“Pretty Good Privacy”) is a standard for decrypting and encrypting data and puts the responsibility of encrypting data into your hands. There are several great write-ups that cover the basics of this standard (see Required Reading) and the open source implementation of OpenPGP, the Gnu Privacy Guard (GPG). This guide will detail the following:

  • generating a PGP key and appropriate subkeys to use for encryption and signing (Part 1)
  • configuring a Yubikey NEO’s smart-card interface and moving subkeys to the NEO (Part 2)
  • an example of everyday use on Thunderbird/Enigmail (Desktop), and K9Mail (Android) (Part 2)

Yubikey NEOs are convenient because they make signing and encryption subkeys quite portable for use on different computers without having to share your secret keys among them. If the Yubikey is ever compromised/stolen/lost, the subkeys can simply be revoked and your Master key can be reserved, with which you can generate a new pair of encryption/signing subkeys.

But NOTE: Yubikeys are absolutely NOT a requirement to sign and encrypt emails.

Required Reading:

  1. Beginners’ Guide To PGP and GPG: http://www.bitcoinnotbombs.com/beginners-guide-to-pgp/
  2. Wikipedia page on PGP: https://en.wikipedia.org/wiki/Pretty_Good_Privacy
  3. GPG Manual Section on Subkeys: https://www.gnupg.org/howtos/card-howto/en/ch05s02.html#id2523217
  4. The Yubikey NEO: https://www.yubico.com/products/yubikey-hardware/yubikey-neo/
  5. [reference only] GPG Manual: https://www.gnupg.org/gph/en/manual.html

Required Materials:

  1. GPG v2 should be installed: (package name gnupg2 under Fedora, Ubuntu). There are also more packages that are required for both smart-card compatibility and Yubikey NEO configuration, these are outlined in Part 2.
  2. Yubikey-NEO: you can use this Part 1 of this write-up for using GPG without a Yubikey. Pair it with an email program such as Thunderbird with Enigmail.
  3. A secure storage medium [optional, but strongly recommended]: this can be an encrypted USB drive, encrypted file container or offline or air-gapped computer: this medium will store a backup of our secret/private keys. In this guide I am using 2 x LUKS encrypted USB drive to store my private keys.

Part 1: GENERATING YOUR KEY and ADDING SUBKEYS
This part does NOT require your Yubikey and can be done by anyone.

Step 1-1: gpg2 –gen-key

Open up a terminal. This is my terminal output from generating a key and adding an encryption subkey:

[user@localhost ~]$ gpg2 --gen-key

Real name: AnkitRasto
Email address: ankitrasto@emaildomain.com
You selected this USER-ID:
    "AnkitRasto <ankitrasto@emaildomain.com>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? O

At this point, you will be prompted for a passphrase to protect your secret key and it will take a few minutes to randomly generate the key. The system will then generate a key and you will get output similar to:

gpg: key AB21D6A2 marked as ultimately trusted
public and secret key created and signed.gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
pub rsa2048/AB21D6A2 2015-08-15
 Key fingerprint = 1D95 EFB8 0C2F A997 02D8 0431 CAAB 73A5 AB21 D6A2
uid [ultimate] AnkitRasto <ankitrasto@emaildomain.com>
sub rsa2048/17126EAA 2015-08-15

once complete. By default, a 2048-bit RSA key is generated (Yubikeys are not compatible with  keysizes larget than this). Notice the master key ID (rsa2048/AB21D6A2) and the key fingerprint.

Step 1-2: gpg2 –edit-key [keyID]

Now you can take a look at the general structure of your key. Note, using –edit-key command will get you into the GPG program prompt.

[user@localhost ~]$ gpg2 --edit-key ankitrasto@emaildomain.com 

Secret key is available.

pub rsa2048/AB21D6A2
 created: 2015-08-15 expires: never usage: SC 
 trust: ultimate validity: ultimate
sub rsa2048/17126EAA
 created: 2015-08-15 expires: never usage: E 
[ultimate] (1). AnkitRasto <ankitrasto@emaildomain.com>

gpg >

In my demo key above, there is a master key with ID AB21D6A2 that can be used for signing and certifying (usage: SC). There is also an encryption subkey with ID 17126EAA that can be used for encrypting. This key is OK to use as is, but since I don’t want my master key to be stored on the Yubikey, we need to generate a signing subkey:

gpg> addkey

Please select what kind of key you want:
 (3) DSA (sign only)
 (4) RSA (sign only)
 (5) Elgamal (encrypt only)
 (6) RSA (encrypt only)
Your selection? 4

RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048
Requested keysize is 2048 bits

Please specify how long the key should be valid.
 0 = key does not expire
 <n> = key expires in n days
 <n>w = key expires in n weeks
 <n>m = key expires in n months
 <n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

Really create? (y/N) y

You will again be prompted for a passphrase and a new subkey with only SIGNING will be created. Remember to

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

pub rsa2048/AB21D6A2
 created: 2015-08-15 expires: never usage: SC 
 trust: ultimate validity: ultimate
sub rsa2048/17126EAA
 created: 2015-08-15 expires: never usage: E 
sub rsa2048/DA39FEA5
 created: 2015-08-15 expires: never usage: 
sub rsa2048/2CE36C5C
 created: 2015-08-15 expires: never usage: S 
[ultimate] (1). AnkitRasto <ankitrasto@emaildomain.com>

gpg> save

Notice that we now have a new signing subkey (usage: S) with key ID 2CE36C5C now and can exit the GPG prompt. Before exiting the GPG prompt, save your changes!

STEP 1-3 BACKUP, BACKUP, BACKUP, GENERATE REVOCATION CERTIFICATE!

Backup your public and secret keys at this point! Store it on a secure medium such as an encrypted file container, encrypted USB storage or air-gapped computer:

[user@localhost ~]$ gpg2 --armor --export [key# or userid] > PublicKey.asc
[user@localhost ~]$ gpg2 --armor --export-secret-keys [key# or userid] > PrivateKey.asc

It is also important to generate a revocation certificate to save in case things go awry:

[user@localhost ~]$ gpg2 --gen-revoke [key# or userid]

Save the output of this command to a text file.

STEP 1-4 Conclusion

We have now generated keys which we can use to sign and encrypt our emails and files.

The next part of this series will focus on how to configure a Yubikey-NEO with our newly generated GPG keys.

Advertisements