OpenPGP: Create a New GnuPG Key (Part 1)

Gepostet am: 16. Januar 2019

This is the first part of the OpenPGP blog series. It briefly explains how to generate a new GnuPG key that can be used for encryption, signing and authentication.

What is GnuPG?

GnuPG is the open implementation of the OpenPGP standard defined in RFC 4880. GnuPG allows you to encrypt and sign data and to authenticate. It is written in C and has been initially released in 1999.

In public key cryptography you have a key pair consisting of a public and a private key. The public key can be used by others either to verify signatures made with your private key or to encrypt data that can only be decrypted with your private key.

Generally encryption protects data against being read by unintended recipients and signing provides data integrity and proves data has been signed by a specific key. It neither proofs when the data has been signed nor that the key belongs to the pretended user ID.

Subkeys

GnuPG supports different actions for a key. The Certify capability is used to modify your own or someone else’s key (e.g. by signing someone else’s key, creating subkeys, adding/revoking a user ID, changing the expiration date or generating revocation certificates). The Encrypt, Sign and Authenticate capabilities are used for encrypting and signing data or authentication.

By default, the primary key has the Certify and the Sign capabilities. The Encrypt capability is provided by a subkey. Subkeys are bound to the master key pair.

It is recommended to use your primary key only for certification and keep it offline while using different subkeys for the remaining capabilities of daily use. This way, if your subkeys get compromised, you can revoke your subkeys independently of your primary key.

Preparations

Before a key can be generated, first you need to configure GnuPG.

First of all make sure to use gpg 2.1.18 or later. You can check your gpg version as follows:

Additionally ensure your ~/.gnupg/gpg.conf contains at least the following options to avoid some information leakage and to use strong algorithms.

Generate the primary key

Now you can generate the primary key:

Key algorithm

First you have to decide which key algorithm to use. Basically, you can choose between RSA, DSA and ElGamal along with ECC.

Choose RSA here for compatibility reasons, because it is widely used, well known and most smart cards (like OpenPGP card or YubiKey) only support RSA at the moment.

Key capabilities

The next step is to remove the Sign and Encrypt action from the primary key and only keep the Certify action:

Key size

You should use a key size between 2048 and 4096 bits. For the master key it is preferable to use 4096 bits.

Expiration

The expiration date for a key is the dead man’s switch to ensure your key will be disabled in case you loose access to your primary key and your revocation certificate. Signatures and encrypted files created after the expiration date should be considered as untrusted. The expiration date can be extended, even after the key has already expired. In order to avoid updating the key too often, choose 2 years here.

User ID

If you want to create an ‚official‘ key use your first and last name along with a valid email address, so your user ID can be validated against your ID card and your key can be signed by others. It is recommended to not use a comment in your user ID (see OpenPGP User ID Comments considered harmful for reasoning). Note: user IDs are immutable, hence cannot be changed but only revoked.

Passphrase

Before the key can be generated, you have to choose a passphrase. See here on how to choose a secure password.

Key generation

The new primary key

Some remarks:

  • You have control over the primary secret key, hence it is ultimately trusted by default.
  • A revocation certificate has been created by default at /home/jdoe/.gnupg/openpgp-revocs.d/F5890F08068C5251DEC5CB915A24FA122E623651.rev. Print it out and keep it private, in case your key gets compromised or lost.
  • The key has the (long) ID: 0x5A24FA122E623651.
  • The fingerprint of the key is: F589 0F08 068C 5251 DEC5 CB91 5A24 FA12 2E62 3651.

Generate the Subkeys

Apart from the key size the attributes for the subkeys can be the same as for the primary key. The key size depends on how you are going to use the subkeys. If you want to use the subkeys on a smart card, the maximum length of the key might be limited due to hardware limitations. Also the run time of key operations on a smart card might differ with different key sizes. As GnuPG defaults to 3072 bits, the example uses 3072 bits for the subkeys.

To generate the subkeys use the following command:

Generate encryption key

Generate signature key

Generate authentication key

Quit and save

List your new GnuPG key

You can list your key with the following command:

And the secret keys can be shown as follows:

Note:

  • sec indicates the secret key.
  • ssb indicates a secret subkey.
  • The letters in square brackets stand for the key capability: Certify, Encrypt, Sign and Authenticate.

Backup your GnuPG key

After generating the key you need to create a backup. The backup is best stored on an encrypted USB flash device.

Export public and private keys

At first export the public key, so it can be shared with others:

Next export all secret keys (primary and subkeys) . This key should be kept offline. The primary key is needed for key certification.

At last export the secret subkeys (keep private, import for daily usage).

Remove Primary Key from Keyring

Since the primary key is not used on a daily basis, it can be removed.

Delete secret keys

Reimport secret subkeys

Verify that the master key is absent

To verify that the primary key is absent, you can list the secret keys again:

Note the hash (#) after the sec tag which indicates that the primary key is currently not usable.

Congratulations! You can now use your key. Stay tuned for the next part of the OpenPGP blog series!

2019-01-16T14:10:40+00:00