LinuxCBT.com

Syllabus

Focus: Pretty Good Privacy (PGP) Security

Duration: 11-Hours

  • OpenPGP Security - Module IX

    • Introduction - Topology - Features
      • Discuss course outline
      • Explore system configuration
      • Identify key systems to be used
      • Explore network topology
      • Enumerate and discuss key OpenPGP features
    •  
    • Explore GPG Configuration
      • Identify installed GPG packages in various Linux distros
      • Discuss the key contents of those packages
      • Explore configuration hierarchy
      • Discuss security as it pertains to private key management
      • Explain the purpose of public and private keys
      • Discuss symmetric and asymmetric encryption provided by OpenPGP-compliant Apps
    •  
    • Generate | Import | Export OpenPGP Usage Keys
      • Discuss features and benefits
      • Obtain shell access on remote systems
      • Generate usage (private|public) keys
      • Identify the generated keys
      • Discuss how usage keys are used
      • Generate usage keys on remote systems
      • Export OpenPGP public key chain on various systems
      • Import OpenPGP public keys on various systems
      • Evaluate the results of exchanging public keys
    •  
    • Digital Signatures
      • Discuss features and benefits as they pertain to data integrity
      • Identify default digital signatures on multiple hosts
      • Explain the differences between signing and encrypting correspondence
      • Sign and export data to remote systems - Inline
      • Create detached OpenPGP signatures for data
      • Confirm the signed data on the remote systems
      • Recap non-repudiation benefits provided by digitally signing correspondence
    •  
    • Encryption | Decryption | Sign & Encrypt Content
      • Discuss features and benefits
      • Generate files for usage
      • Encrypt content using symmetric (shared-key) algorithm
      • Decrypt content using the shared-key, based on the symmetric algorithm
      • Evaluate results on multiple machines
      • Explain caveats associated with symmetric encryption
      • Encrypt content to a given recipient, using their public key - asymmetric encryption
      • Decrypt content on various hosts
      • Attempt to decrypt content without the corresponding private key
      • Evaluate results
      • Encrypt using ASCII-armoured and binary (OpenPGP-compliant) formats
      • Decrypt both ASCII-armoured and binary formats
      • Recap encryption decryption processes
      • Discuss the requirements of signing and encrypting content
      • Sign and encrypt content to various recipients
      • Confirm signed and encrypted content
      • Attempt to confirm and decrypt content as the unintended recipient
      • Evaluate results
    •  
    • OpenPGP Key Management | Web of Trust | Internet Key Distribution
      • Discuss features and benefits
      • Explore GPG key management facility
      • Update properties of public/private key pairs
      • Add sub-keys to public/private key pairs
      • Sign remote users' public keys
      • Evaluate results
      • Discuss the web of trust functionality
      • Create a web of trust with various hosts
      • Evaluate trust confirmation
      • Discuss the features of OpenPGP Internet key distribution servers
      • Generate and upload public keys to an Internet key server
      • Download the uploaded public keys to the public keyrings of various hosts
      • Evaluate results
    •  
    • Perl Scripting with GPG
      • Discuss features and benefits
      • Create a Perl script to backup key directories and files
      • Ensure that the script GPG-protects the content post-backup
      • Include error-handling to ensure that each step of the script is routed appropriately
      • Configure the script to transfer the encrypted content to a remote host ust 'scp'
      • Evaluate results
    •  
    • OpenPGP (GPG | PGP Desktop) on Win32
      • Discuss features and benefits
      • Download and install GPG for Win32
      • Generate usage keys
      • Exchange public keys with a user on a Linux system
      • Sign and encrypt content to and from the Win32 user
      • Confirm results
      • Download and install GPG4WIN (GUI-based GPG for Win32)
      • Explore features
      • Sign and encrypt content to and from the Win32 user
      • Confirm results
      • Integrate GPG4WIN with MS Outlook
      • Sign and encrypt e-mail messages
      • Confirm and decrypt e-mail messages
      • Install PGP Desktop for Win32
      • Explore features and interface
      • Generate usage keys
      • Exchange public keys with Linux user
      • Sign and encrypt content to and from the Win32 user using PGP Desktop
      • Evaluate results
      • Draw parallels between Win32 based OpenPGP tools and GPG for Linux | Unix
      • Recap OpenPGP functionality included in /GPG|GPG4WIN|PGP Desktop/
    •  

LinuxCBT OpenPGP Edition

  •  
DEMO