October 01, 2001, 2:39 PM — Networked computing is a double-edged sword.
Connectivity makes transparent sharing of data through e-mail, Web
sites, and ftp archives possible, but it also invites unwanted access
to your data. Bytes sent over a network are about as private or secure
as Post-it notes posted outside your cubicle wall. You're open to data
loss through copying, incorrect or inconsistent messages coming from
someone impersonating you, or the exposure of sensitive information.
Last month, we looked at the secure shell (ssh), a session-level
encryption system that lets you move from system to system over
an unsecure network safely. SSH is suited for synchronous work, such as
remote logins or X sessions.
Our budding e-mail culture, however, demands protection for
asynchronous, file-based communication as well. To extend the scope of
the data protection problem, you need to ensure the privacy and
integrity of any number of files, knowing the identity of each file's
creator and the validity of its contents. This month, we'll explore
Pretty Good Privacy (PGP), Phil Zimmermann's publicly available,
file-oriented encryption system. PGP can encrypt your mail and other
files and attach digital signatures to files, whether they are
encrypted or not.
Starting with some motivations for using PGP in the first place,
we'll cover the mechanics of encrypting and decrypting files. We'll
tell you how and where to get PGP, and why you need to treat it like
radioactive material (seriously!). Key management, trust, and key
validity form the core of a socio-political discussion, and we'll point
out some safe and unsafe key exchange and protection practices.
Finally, we'll tie everything together with a discussion of generating
digital signatures and using them to verify data integrity and sender
Say what? The need for authenticity
Don't dismiss data security as a problem for the boundary between
inside and outside networks, or one that is covered by company policies
regarding personal use of resources. While data privacy is nice for
protecting e-mail sent to your significant other or sister in New York,
it can also be a requirement for internal networks. Consider
some of these scenarios: