I need help with this Ubuntu Cryptography script lab. Pretty Good Privacy with GPG Objectives The use of PGP/GPG is widespread in the cybersecurity community, it is true that it is not the only method to protect email communications, but every cybersecurity person has their PGP/GPG key pair. In this lab, you will generate a key pair for yourself, and learn the basics of how to generate, sign, and manage PGP keys, as well as encrypt and sign messages. Part 1: GPG There are many tools that support the PGP standard. In the remainder of this document we will provide a brief tutorial for using GNU Privacy Guard (GnuPG, or simply GPG), which is a free, open-source, command line implementation of PGP. You are welcome to use other tools if you wish, so long as they offer the necessary features to complete all the requirements of the project. To install GPG under a Debian-based Linux distro, simply run: $ sudo apt install gnupg

WARNING: Back Up Your GPG Private Key You will need the GPG keypair you generate during this project multiple times over the course of the semester. Thus, it is critical that you not lose your keys! You should make a backup of your private key, using the gpg --armor --export-secret-keys\*command, and store the backup in a secure, reliable location. Do not store your backup inside a VM!. What You Need to Do 1. Create a keypair for yourself that uses RSA encryption, uses 4096 bit key, and includes your name and @a rundom email address. 2. Export your public key in ASCII armor format to a file and get three of your classmates to sign it. Don't forget to import these signatures back into your keyring! 3. You will probably need to sign your friend public keys as well. This involves getting a copy of their public key, importing it into GPG, signing it, exporting it in ASCII Armor format, and sending the signed key back to them. 4. Export your public key in ASCII Armor format one last time (i.e., after it has been signed by two of your classmates) to a file named lastname.key.pub. You will turn in this file. 5. Produce a file named lastname that is encrypted to the class public key and signed by your private key. The unencrypted lastname.txt file should be in plain ASCII format that contains (1) your first and last name, (2) Your key type and ID, and (3) the string "Coabc ". For example, a valid message.txt might look like this:

Note, your file needs to be "signed and encrypted" in the terminology of GPG. Be careful how you do this step; you will need to carefully read the GPG documentation to figure out how to do this. Use man gpg and gpg --help as well as internet resources to figure out how to do this. Part of this assignment's goal is to encourage you to learn how to use these programs given only the documentation.

Part 2: KeyServers The first part of this lab introduced you to the classical way of setting up your public key using a "web of trust" to help bind your identity to your key by having your friends sign your key. There are several public databases of gpg/pgp public keyservers available, so you can directly import keys from there.

Once you have it you can verify its finger print and, if it is correct, sign it with your private key. What You Need to Do 1. Add your PGP public key from Part 1 to the Keyserver.

Make sure that the public key corresponds to your section, semester and year. 3. Verify the finger print of the class public key that you have imported:

1. Digitally sign the class public key with your private key (from Part 1 of the lab). 2. Now, once you have signed the class public key, send the signed copy of the Class Public Key back to the keyserver

Part 3: Sign and Encrypt an email message There are numerous gpg email clients that can help you to automate the process of encrypt, sign and verify mail. In this lab we will be using our gpg command line and then copy & paste that into the body of an email. The most important thing you need to remember is that email protocol is a text-base protocol, and although non-text content can be sent by email (as we all know, images, programs, videos, ...) in order to do that the content need to be transformed into text. Gpg provides a format output that simplifies that for us -armor. In this way you can use the following command to export your public key in Ascii Amor

What You Need to Do 1. Create (or reuse from Part 1) the file named lastname.txt, this file should be in plain ASCII format that contains (1) your first and last name, (2) Your key type and ID, and (3) the string "Go990 Spring 2025". For example, a valid message.txt might look like this:

4. Sign & Encrypt (at a time) using your private key and the class public key to generate a ascii-armored text that you can post privately in piazza. Because you don't have the class public key, you will not be able to verify this signature, but you can test the correctness of the command you are using, if you encrypt it with one of your classmates public key (remember that -r and -u options can be use to specify the recipient and the signer of the message). This is a great exercise to put communication into practice and will help you to be sure that your signed and encrypted message is being properly generated. 5. Create an new post in piazza and make sure that (1) you send it to instructors (post to instructors), (2) Select the folder of the lab (lab.abc), and (3) the summary of the post says "Phase 3: Sign and Encrypt an email message". Then past the content of your recently created signed and encrypted message in the body (details) of the post.

Part 4: Decrypt a secure message sent to you. In this part of the assignment you will be decrypting a ciphered message that is stored into the shared folder /home/sharedfolder/proj5/of the master server. You need to access to the master server to copy the message file stored there and that is named as YOURUSERNAME.enc . This YOURUSERNAME.enc file has been created encrypted with a temporary key pair that we have generated for you. The files containing your temporary keys can also be found in the shared folder (YOURUSERNAME.pub and YOURUSERNAME.sec). You will need those keys in order to access to your secret message. > Your secret key is password protected and we have user the same password that we provided your with the credentials to access the master server. Finally, If you are able to decrypt your individual encrypted fileANAME.enc, you will access to a cookie (a random number), which is the deliverable of this part of the assignment. To deliver your cookie you need to create a file in your home directory of the master server ~/lab abc/YOURUSERNAME.plain , which contents your decrypted cookie. > Your secret message was signed too, to verify the correct signature you need to import a public key stored into the shared folder name ronny.pub