

Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A step-by-step guide on how to install and use the dos version of pgp 5.0 for secure communication. It covers the installation process, creating public key pairs, distributing public keys, installing public keys, encrypting and decrypting messages, and signing and verifying messages.
Typology: Study notes
1 / 2
This page cannot be seen from the preview
Don't miss anything!
Follow these steps to install and use DOS version PGP 5.0. Remember: It’s all DOS, so you can’t have filenames with more than 8 characters, and no more than 3 characters in the extension. You will likely want to use your hard drive for all this. However, you might want to use a bootable floppy disk that has an editor (such as notepad.exe or editor.com ) on it. Keeping your PGP files and, in particular, your encrypted private key, on a removable medium minimizes your security risk. (Note that a USB Pen Drive might be a better choice. For example, you could store your files on a USB Pen Drive and carry it on a chain around your neck wherever you go.) Unless you create a configuration file, PGP will complain a lot about your not having one, but you can get along just fine without one. See pgpcfg.doc for more information. We assume here that you are Mary Smith, and you are communicating with John Smith. INSTALLATION
1. Go to http://www.pgpi.com and click on download (the latest freeware PGP), then click on PGP, then click on MS-DOS, then click on Download PGP 5.0i, then click on Norway, and download pgp50ibi.zip. 2. Unzip pgp50ibi.zip , preferably to c:\pgp (or to a:* ). Usually just double-clicking on it does the trick. If you need unzipper, you can go to http://www.winzip.com/ and download an evaluation copy of WinZip or you can go to http://www.stuffit.com/consumer.html and download a free copy of Stuffit. 3. Open a DOS window.* Even better: Boot to DOS - since Windows saves temp files everywhere, you might want it totally out of the picture.
6. You might want to check to make sure all the PGP files are here by entering: dir The most important files are pgpo.exe (encryption/decryption) and pgpk.exe (key management). 7. To get a list of options, enter: pgpo –h and pgpk -h CREATING YOUR PUBLIC KEY PAIR- Do this only once! 1. To create your public key pair, enter (‘k’ = key management; ‘g’ = generate): pgpk –g a. You want a Diffie-Hellman key, so to the question about public key type, enter: 1 b. A pair of 1024-bit keys (public & private) will do, so for the next question, enter: 2 c. For a User ID, enter your name, for example, John Smith. d. Enter whatever key validity length you want (0 = forever). e. Enter a pass phrase. The longer the better. Spaces count. Case counts. f. Finally, you click the keyboard randomly until told to stop. Then PGP will create your public key pair. PGP will put your public key in the file PUBRING.PKR and your private key (encrypted with your pass phrase) in the file SECRING.SKR. You can examine the contents of your public key ring by entering (‘l’ = list): pgpk –l DISTRIBUTING YOUR PUBLIC KEY
1. To add someone’s public key to your public key ring, enter (‘a’ = add): pgpk –a keys\jsmith.key - assuming the name of the key file is jsmith.key (and, presumably, the person is John Smith). 2. Your public key ring is the file PUBRING.PKR. 3. When someone sends you his/her public key in the body of an email, copy and paste the key (include everything from “-----BEGIN” to “BLOCK-----“) into an ASCII text file called name.key (actually, you can use whatever filename extension you like) and save the file in a subdirectory of your PGP directory (e.g. /keys ). If the public key is in an attached file, just copy the file to a subdirectory of your PGP directory. Remember, this is DOS, so the file name must have no more than <8chars>.key name format. 4. Getting King’s public key: There’s no need to wait for King to send you his public key. You can download it from http://www1.uop.edu/eng/faculty/jking. Right-click on public key (in the lower right corner of the Web page) and select “Save Target As…” or “Save Link As…” ENCRYPTING A MESSAGE 1. To encrypt msg.txt using John Smith’s public key, enter: pgpo -e msg.txt -r “John Smith” -a (‘e’ = encrypt, ‘r’ = recipient, ‘a’ = ASCII) – the input file can be of any format (.doc, .jpg, .xls, etc.) 2. To send anyone an encrypted message, you must have their public key in your public key ring. 3. Assuming someone has sent you his public key in a file called jsmith.key , and you have installed that public key in your public key ring (see above), then to send “jsmith” an encrypted message, you must know his User ID. You can see all the User IDs in your public key ring by entering (‘l’ = list): pgpk - 4. Note that, if you want to send the output via email, you will need an ASCII file (hence the –a ). 5. PGP will create the encrypted file, msg.asc (if the original is msg.txt ). Send it to your recipient by attaching it to an email. (If John is using PGP built into a Windows email client, you can copy the contents of msg.asc into the body of the email, so all that needs be done by the recipient is click on the “decrypt” button.) 6. Again, John Smith must have already sent you his public key, and you must have added his key to your public key ring (see above). DECRYPTING AN ENCRYPTED MESSAGE