GNU Privacy Guard (GPG) PGP Alternative

Scrub writes " The GNU Privacy Guard (GPG) 1.0.0. has been released. GPG is intended to be a free replacement for PGP. The good thing about it is, that it doesn't make any use of patended algorithms and that its development was outside the US. US crypto-laws just dont apply here, what a pity!"

(GPG,PGP) How often do you change your underwear?

[Speare]

When I considered my first domain name, I kinda thought I'd use it forever. (I didn't.)
When I considered my first public key, I kinda thought I'd use it forever.
Reading about the GPG replacement for PGP, my first thoughts were

1. why in the heck would I relinquish or muddy my established identity contained within my existing uncompromised PGP public key and signature?
2. since stock PGP wouldn't handle GPG keys and methods, who could send me secure messages?
3. if I can't get around (1) and (2), why bother with GPG?
4. if GPG is OpenPGP, does that mean my rsa-patent-encumbered PGP5.5.5 or 6+ will be able to send to all those people who do make GPG keys?

Re:Option Compatability

[Trick]

I've been using PGPGPG (I found it on the same page as GPG when I started using it a few version points ago). It's a wrapper that "translates" PGP options for GPG. Works like a charm for all the PGP options I've thrown at it so far.

US citizens *do* need a license to export crypto

[Paul+Crowley]

See Matt Blaze's My Life as an International Arms Courier for more on this.

I don't think your advice on 3DES is terribly clearly thought out, but that's an article for another time: 3DES is perfectly good as you say.
--

US Export laws

[The+Miscreant]

Couldn't the GPG people just put something like:

#DEFINE MAX_BITS 4096

So that if you wanted to get thru US customs you could just change this to 40 ?

(And of course change it back before you arrive at your destination ;-) )

Mailer (and other apps) integrations issues

[IIH]

Encryption as a routine for normal people can not really become an reality, until it becomes integrated easily with existing programs such as email, browsers, etc. However, work on doing this is made very difficult by the US export laws.

As evidenced in the Mozilla Crypto FAQ any program that is designed to call crypto plugins (a.k.a Crypto with "holes") comes under the same export restrictions as crypto, regardless of if the program uses crypto. This would mean that, technically, if you want to add GPG support to YFM (Your favourite Mailer) then just by the addition of GPG compatibility, YFM has fallen under the US export laws, and US citizens have a lot of trouble to try and work on it.

For those of you that noted it, this was the basis of the Microsoft crypto function that caused so much hassle of late. Technically, windows with the crypto API (even with no "crpyto") is "cryto with holes" and falls under export restrictions. To get around this, MS agreed to restrict the loading of crypto modules that they themselves signed (hence the need for the MS key). So this "loading restricted crypto with holes" was allowed to be exported without restrictions.

AFAIK, the only restriction to the export of "crpyto with holes" is if the API can only be used for verification, but for GPG to be useful for its full range, it needs encrption also. Hence, any program that integrates it fully, would be subject to restrictions.

So, to add GPG to "Your favourite mailer", it would split the development into several camps. One, maintaining the original email program as a base and others (maybe us and non-us) adding the cryto API's. This would add work of course, and in many cases would be dropped because the only version that could be worked on globally (which the open source model is) would be the original version. Thus, the export laws naturally make the work gravatate towards the non-gpg version. Funny that.
--

US Export Laws

[Hiro_Protagonist]

I've seen a lot of posts where people are concerned about the US crypto export laws. I can understand that US developers are afraid that the NSA will knock on their door should the contribute to the GPG source. But, if GPG is as good as it claims, why don't you send your source patches encrypted with GPG(!) It is not illegal to work on the source in the US, and the NSA will never get proof that you have sent any patches out of the country because they're encrypted with 4096(+/-)-bit keys.

"The future is already here,
it's just not evenly distributed yet"

Usability of Security

[klausr]

Future GUI designers should read "Usability of Security: A Case Study" by Alma Whitten and J.D. Tygar.

It shows that A LOT of improvement is needed to make PGP-like security usable for the avarage user.

Klaus

Just to dispel a few honest mistakes people made..

Firstly, it is *NOT* illegal for a U.S. citizen to have hard encryption (in this case, >56 bits) on his laptop when taken abroad. Export rules *specifically* exempt this, because otherwise anyone travelling abroad with a laptop full of crypto (for which there are countless valid business uses which the gov't wants to sponsor, to secure U.S. corporate secrets) would be forced to apply for an export permit. So, you can have crypto on your laptop when going abroad, you just cannot distribute it abroad and must only use it yourself. No problem there. Now, as for the guy who questioned cipher strength: 3DES is arguably stronger than 128-bit Blowfish, CAST, or any other such comparable algorithms. I say "arguably" because all are secure from all currently known attacks. See, 3DES uses a combination of 3 56-bit DES encryptions with 3 different keys to produce a 168-bit encrypted ciphertext. Now, because of some mathematical vagaries I won't bore you with, the actual strength of the encryption hovers between 112 and 128 bits, but is in any event as secure as any other strong algorithm with 128 bits or so of key material. So no, it is neither weak nor a poor choice for symmetric encryption, but that's beside the point--something like GPG is primarily used for asymmetric crypto, and you should use different programs each for their forte. Personally, for symmetric crypto, I'd like to see someone port freeware Scramdisk to Linux. Scramdisk is a well-regarded open-source Win9x application developed by denizens of sci.crypt and offers 9 algorithms ranging to 256-bit Blowfish which can be used for encrypting "virtual filesystems" or whole partitions. I don't know of anything comparable for Linux yet...

Re:Just to dispel a few honest mistakes people mad

[zilym]

For encrypted filesystems, try www.kerneli.org -- the International Kernel Crypto patch.

Migrating from PGP to GPG

[ksheff]

Check out the Moving from PGP to GPG guide. It will show you how to move pgp5 keys to gpg for exchanging encrypted messages with people using pgp5.