GPG(GNU Privacy Guard)
1.
Description of GPG – what
does it do and how, and the components of GPG4win.
GPG(GNU Privacy Guard) is
PGP cryptographic software suite. Basically it is a hybrid encryption software
because it uses both symmetric key encryption and asymmetric key encryption.
Symmetric key encryption for the speed purpose and asymmetric key encryption is
for security purpose. In Symmetric key Encryption we use only one key for
encryption and decryption both. And in Asymmetric key Encryption we use two
keys ,one is for encryption and other one is for decryption. GPG is used for
encrypting files and mails. It is used for transporting mail securely with the
help of encryption and digital signature. Encryption protects the data from the
intruders and digital signatures are used to make sure that it is send from a
specific sender. GPG4win supports the OpenPGP and S/MIME (X.509). Gpg4win is a
free software. Gpg4win is the installer for the windows and contain several
free softwares.
The components of GPG4win
are as follows:
1. GnuPG
2. Kleopatra
3. GpgOL
4. GpgEX
5. GPA
The configuration of X.509 root certificate is
also made by Gpg4win. Gpg4win uses a key the length of 2048bit and the
algorithm which is used for signing and encrypting by default is RSA. It also
create and verify the checksums of the files from kleopatra from which the
integrity of the message is also checked. Gpg4win is used to create a unique checksum
for each file. Basically checksums means the hashed value of the files. Gpg4win
also supports SHA-1, SHA-256 and MD5 the hashing algorithms. GPG4win supports
the Windows version which are newer than Windows 7 with 32 and 64bit. In
Windows XP it some part of it can work, but it is not officially supported.
2.
How do I know that the
file I downloaded has not been tampered with?
By doing the integrity
check we get to know about the integrity of file. We have to check the hash
value of file. If the hash value matches with the correct hash value then it
has not been tampered and if the hash value is not same then definitely the
file has been tampered.
3.
Compare and contrast
Private Key (symmetric) and Public Key (asymmetric) encryption.
Symmetric Key Encryption:
Symmetric Key Encryption:
1. Symmetric
key encryption uses the same key for encryption and decryption of the message.
2. Mostly the
Symmetric encryption is used for speed purpose.
3. Symmetric key
encryption is also called as Private key Encryption.
4. Examples of
symmetric encryptions are DES,AES etc
Asymmetric Key Encryption:
1. Asymmetric key encryption
uses the two keys one for encryption and other for decryption.
2. Mostly the Asymmetric
encryption is used for security purpose.
3. Asymmetric key encryption
is also called as Public key Encryption.
4. Examples of asymmetric
encryptions are RSA, ECC, Diffie Hellman etc.
5.
Why do we need PKI for
secure email?
The sensitive data can be in encrypted and exchange without PKI but there would be no assurance of the authentication of the other party. Any form of sensitive information which is exchanged over the internet is dependent on PKI for security. The PKI consists of software, policies and standards to create, manage ,administer, distribute the keys and digital certificate. The heart of the PKI is digital certificate because it is the identity of the subject and the identity is bind to the public key contained in the certificate. The elements of the PKI include Certificate authorities and Registration authorities.
The sensitive data can be in encrypted and exchange without PKI but there would be no assurance of the authentication of the other party. Any form of sensitive information which is exchanged over the internet is dependent on PKI for security. The PKI consists of software, policies and standards to create, manage ,administer, distribute the keys and digital certificate. The heart of the PKI is digital certificate because it is the identity of the subject and the identity is bind to the public key contained in the certificate. The elements of the PKI include Certificate authorities and Registration authorities.
6.
In what ways can we share
our public keys with others?
1. Key Server
2. Email public key
3. Email signature with public
1. Key Server
2. Email public key
3. Email signature with public
Comments
Post a Comment