SECURE COMMUNICATION with GNUPG and STEGHIDE
Miles Standish and David Hart
GNUPG, ALIAS SEAHORSE
Linux offers a free version of the public key encryption program originally created by Philip Zimmermann. The What and Why of this subject are perhaps best learned by reading from the following links:
http://www.philzimmermann.com/EN/background/index.html
Why I Wrote PGP: http://www.philzimmermann.com/EN/essays/index.html
The Linux version of PGP (Pretty Good Privacy) is sometimes called GPG. In Debian Squeeze (Gnome desktop), it is GnuPG. Seahorse is the Gnome front end (user interface) for GnuPG. However, you won't find either Seahorse or GnuPG directly. One might get the impression that the programmers deliberately made it difficult to find.
PGP/GPG is public key cryptography. Users have a key pair, consisting of a private, or secret, key and a public key. Messages are encrypted to the public key of the recipient, and only the recipient has the private key - and pass phrase - to decrypt them. A similar procedure is done whenever you use a secure web page at a bank or many commercial web sites where there is an online shopping cart. In those cases, the financial institution puts its public key on your computer for the duration of the procedure. Then when you send anything, it is encrypted to that public key, and only the recipient can read it. It's very safe. PGP/GPG uses stronger encryption, said to be military or State Department grade.
In Debian Squeeze (Gnome desktop), Seahorse is installed by default, and you should find it in the "System/Preferences" menu. It will be called "Passwords and Encryption Keys." With that program running, you can see that it is also called "Seahorse" by clicking "Help" then "About." If not visible in the menu, go to the menu editor and activate it by checking the respective box in that area of the menu. You use this to create, import, export and delete keys. Creation of your key pair is easy; just follow directions. You may have as many key pairs as you like.
To encrypt and decrypt messages, you use an applet called Clipboard Text Encryption. Install this (or any other applet) by right-clicking a panel (your choice of panels if you have more than one), then click "add to panel." A window will appear with a list of all the available applets. Select (highlight) the Clipboard Text Encryption applet and click on "add," then close. You can have several copies of the same applet on your panel(s).
It's useful at this point to right-click the applet and then click on Preferences. With Preferences open, you can choose to have the applet show the contents of the clipboard or make several other choices.
When encrypting messages to someone's public key, it's usually advisable to encrypt it also to your own public key. Otherwise you cannot open and read the message you encrypted. The choice is there in the applet.
To use this program, you first export your public key to the recipient of your messages and import the other person's public key. Some people publish their public keys to a public keyring. Before you actually send an encrypted message, you have to assure yourself that only the proper person has the private key and pass phrase to decrypt it. Normally public keys are indeed publicly available. If you used a good pass phrase when you generated your key pair, unauthorized viewing of an incoming message is practically impossible. Even if someone steals your key pair (public and private), there is still the safety of your pass phrase which should be as complex as you can make it and still remember it.
CAUTION: This program cannot encrypt image files and it cannot use formatting other than text. That is, you cannot use bold, underline or italic. However, you could achieve the same result by inserting words to indicate these formatting features.
STEGHIDE - INSTALLATION AND USE
More info at http://steghide.sourceforge.net/
The idea of steghide is to hide a text message inside of an image or audio file (support for JPEG, BMP, WAV and AU files). The hidden text will be compressed and encrypted, and no one can easily tell that anything has happened to the cover file. The program is intended to embed only files that are judged to be small enough that no one would detect any alteration of the image file. I read that this is done by using the last few bits of the pixel data entries. If you have a fairly big file to hide, use a large and dense photo. To create your "text" message, you can use any text editor or you can do it in Open Office Writer and save the file in text format (.txt). "Text format" means no underlines, bold or italics and no changing of font in the middle of a message. If you center a heading it will be changed to align left.
Get steghide from the repositories. It will install automatically and store an executable file in /usr/bin. You use it by opening a terminal and typing commands. You don't need to be in the /usr/bin directory to do this, and you don't need to be in "root" (administrator) mode. To avoid having to type the complete path to the files, put the image file and the text file into a common folder, and open your terminal in that folder (Desktop is a good place). It's handy to use Krusader for this, both for moving the files where you want them and for opening a terminal (Press F2).
First, type "steghide" then options. Here are some examples, where forever.jpg is the cover file (image) and test-steghide.txt is the file to be hidden. You should be sure the permissions of the image file allow users to read and write to it. To check this, right-click the file and then click on Properties and Permissions. Change if necessary.
    steghide info forever.jpg
This will tell you how big a text file you can hide in forever.jpg without anyone being able to see the difference. It will also ask if steghide should try to get information about embedded data. If you respond "yes," it will demand the password. There could be embedded data in the file, but if you don't have the password, you cannot find out.
To embed the file, type:
    steghide embed -cf forever.jpg -ef test-steghide.txt
[cf is the cover file, and ef is the embedded file.] Notice the required spaces and hyphens.
steghide will then ask for a password - it can be something you make up on the spot, but the receiver of the message has to know it. You type the password, and it asks you to repeat it. When you have done that, steghide responds: embedding test-steghide.txt in forever.jpg.... done.
Now to extract the message:
    steghide extract -sf forever.jpg
It's looking for a secret file in forever.jpg. Presumably you don't already know the name of the secret file, so it doesn't ask for it.
steghide responds: Enter pass phrase. You enter it.
steghide now says: "The file test-steghide.txt does already exist. overwrite? (y/n)" This is because the file is already in the folder in which you're working. If you respond "y," steghide will report, "wrote extracted data to test-steghide.txt". If you entered the wrong password, steghide will report that it cannot find any file with that password. This does not mean there is no hidden file in there.
In practice you would probably send the cover file (with the hidden encrypted message) to someone who does not already have the secret file, so nothing can be overwritten; the extracted file is simply written to the working folder. Once a message is embedded, it appears that extraction does not remove it from the cover file.
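The embed and extract steps above, run non-interactively as an added example that is not part of the original article. It assumes steghide is installed; the BMP cover, the file names and the passphrase are constructed for the demo. It writes a separate stego file with -sf and extracts under a new name with -xf, so neither the cover nor the original text is overwritten.

```shell
#!/bin/sh
# Added example, not from the original page. File names and the passphrase
# are constructed for the demo; steghide must be installed for the round trip.

# Build a 64x64 24-bit BMP cover with random pixels (constructed sample input).
make_cover() {
    {
        # 14-byte file header: "BM", size 12342, reserved, pixel offset 54
        printf 'BM\066\060\000\000\000\000\000\000\066\000\000\000'
        # 40-byte info header: size 40, 64x64, 1 plane, 24 bpp, no compression
        printf '\050\000\000\000\100\000\000\000\100\000\000\000\001\000\030\000'
        printf '\000\000\000\000\000\060\000\000'
        head -c 16 /dev/zero
        head -c 12288 /dev/urandom
    } > "$1"
}

# Embed a text file into a copy of the cover, extract it under a new name, compare.
# Returns 0 on success, 127 if steghide is missing, 1 on any failure or mismatch.
stego_roundtrip() {
    pass=$1
    command -v steghide >/dev/null 2>&1 || return 127
    dir=$(mktemp -d) || return 1
    make_cover "$dir/cover.bmp"
    printf 'meet at noon\n' > "$dir/secret.txt"
    rc=0
    # -sf on embed writes a separate stego file, so cover.bmp stays unmodified.
    # -p puts the passphrase on the command line (visible in the process list
    # and shell history); use the interactive prompt for real messages.
    steghide embed -q -cf "$dir/cover.bmp" -ef "$dir/secret.txt" \
        -sf "$dir/stego.bmp" -p "$pass" || rc=1
    # -xf names the output file, which avoids the overwrite prompt.
    steghide extract -q -sf "$dir/stego.bmp" -xf "$dir/out.txt" -p "$pass" || rc=1
    cmp -s "$dir/secret.txt" "$dir/out.txt" || rc=1
    # A wrong passphrase must make extraction fail.
    if steghide extract -q -sf "$dir/stego.bmp" -xf "$dir/bad.txt" \
        -p "wrong-$pass" >/dev/null 2>&1; then rc=1; fi
    rm -rf "$dir"
    return "$rc"
}

stego_roundtrip 'constructed demo passphrase' && echo "round trip ok" \
    || echo "round trip skipped or failed"
```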