PGP: The key to your heart
Networked computing is a double-edged sword.
Connectivity makes transparent sharing of data through e-mail, Web
sites, and ftp archives possible, but it also invites unwanted access
to your data. Bytes sent over a network are about as private or secure
as Post-it notes posted outside your cubicle wall. You're open to data
loss through copying, incorrect or inconsistent messages coming from
someone impersonating you, or the exposure of sensitive information.
Last month, we looked at the secure shell (ssh), a session-level
encryption system that lets you move from system to system over
an insecure network safely. SSH is suited for synchronous work, such as
remote logins or X sessions.
Our budding e-mail culture, however, demands protection for
asynchronous, file-based communication as well. To extend the scope of
the data protection problem, you need to ensure the privacy and
integrity of any number of files, knowing the identity of each file's
creator and the validity of its contents. This month, we'll explore
Pretty Good Privacy (PGP), Phil Zimmermann's publicly available,
file-oriented encryption system. PGP can encrypt your mail and other
files and attach digital signatures to files, whether they are
encrypted or not.
Starting with some motivations for using PGP in the first place,
we'll cover the mechanics of encrypting and decrypting files. We'll
tell you how and where to get PGP, and why you need to treat it like
radioactive material (seriously!). Key management, trust, and key
validity form the core of a socio-political discussion, and we'll point
out some safe and unsafe key exchange and protection practices.
Finally, we'll tie everything together with a discussion of generating
digital signatures and using them to verify data integrity and sender
identity.
Say what? The need for authenticity
Don't dismiss data security as a problem for the boundary between
inside and outside networks, or one that is covered by company policies
regarding personal use of resources. While data privacy is nice for
protecting e-mail sent to your significant other or sister in New York,
it can also be a requirement for internal networks. Consider
some of these scenarios:
- A contractor whose engagement has expired wants to retain an
account on your machine for cheap Internet access. He forges e-mail
from your manager asking you to leave his login active for another 90
days. Do you accept requests like this by fiat, or do you have a
verification process?
- For an April Fool's Day prank, some of your co-workers hand-craft
an official-looking e-mail from the head of human resources outlining
the new company dress code: wing-tip shoes and shorts, especially on
Hawaiian Shirt Gonzo Fridays. Various executives go ballistic --
aiming at you -- because you had assured them that mail to the
all-company alias went through an auditing script.
- You sense that someone has broken into one of your gateway
machines, but you can't determine exactly what has changed. You
consult your list of configuration files, but it matches the size,
date, and owner information found on the system. Either you're
paranoid, or the intruder modified the system and your
checklist to hide the damage.
- A chunk of e-mail containing bonus information gets copied