PGP Key-Signing Party

  1. Introduction to Encryption, PGP and PGP Keys
  2. Key Authentication: The Web of Trust
  3. The Key-Signing Party
  4. How to join the PGP Key-Signing Party

No large international event which includes system and network security and privacy of information among its topics can be complete without a PGP key-signing party. During this gathering, participants who already have one or more PGP key-pairs can meet others and, by using a safe protocol, sign each other's (public) keys so that the web of trust can grow a little wider.

1. Introduction to Encryption, PGP and PGP Keys

Remember when you were a child and communicated with your best friends in code so that only you and your friends could read the message? The world is not, or rather has never been, a very safe place to keep a secret. And all of us have some secrets we either want to keep to ourselves or share with only a select group of trusted friends. Using old-fashioned or standard modern storage and communication means, this is no easy task. Disks or tapes might get stolen and communication lines can be tapped.

Still, it is our right to protect our privacy. So what we need are tools that scramble our information in such a way that it is not possible to crack the code in any reasonable amount of time. Enter cryptography, the science of creating precisely those tools, and PGP (which stands for Pretty Good Privacy), a program initially created by Phil Zimmermann that uses several strong cryptographic algorithms to protect the information fed into it in such a way that only the person who has the right key can decrypt it. "Strong" in this case means that the only way the original information can be recreated from the scrambled data in a timely manner is to feed that data and the right key to the decryption algorithm. The key is thus the only item that must remain secret.

OK, so now we have a tool to encrypt and decrypt information. Let's go back to your childhood. Remember the hard part of using a code? Right, it was transferring the information on how to decrypt the code to the other person(s) you wanted to communicate with. Only relatively recently (in the late 1970s) was this problem solved by the creation of public key cryptography, where the key is split into two pieces, one of which can be made public (like a telephone number) and the other of which must be kept secure by the owner (like the telephone itself). Key management would seem to be a solved problem.
Unfortunately, that isn't so. Key management is undeniably easier using public key systems, but the question becomes one of authentication. How do you know, for sure, that the person you think you are sending the secret message to is really the person you wanted to send it to? I could easily get a telephone connected in another name, and sit back waiting for phone calls intended for another person of that name.

2. Key Authentication: The Web of Trust

One answer to the authentication problem is to have trusted parties who introduce other parties to you. This is what the PGP documentation calls the "Web of Trust". It is a web because each party in it can introduce other parties whom you may or may not already know. Using the telephone analogy, you would only say secret things on the phone if someone you trust had given you the telephone number, not if you had just looked it up in the phone book.

Another answer to the problem is to have Certification Authorities, forming a hierarchical structure. When you get a public key, you would also get a list of certificates. For example, J. Smith's public key might come with a certificate from Widgets, Inc., stating that he works for them. In turn, Widgets, Inc., would need a certificate from someone stating that it is a Delaware Corporation. The state of Delaware would need a certificate stating that it really was what it said it was, presumably issued by the omnipresent authority (which, at the moment, is RSA Data Security Inc.).

Both schemes have flaws. The big problem with the Web of Trust is that it has to be big and well connected before it is useful, while the Certification Authority one implies a sort of control which is often the reason the parties wanted to communicate privately in the first place.

A conference or any similar gathering offers a great opportunity to significantly extend the Web of Trust, and a PGP key-signing party is the most effective way to do so!

3. The Key-Signing Party

Great! you say. So what is this key-signing thing all about? A celebration of persons who own a key-pair and want to party? Well, no... A key-signing party is not exactly a party in that sense...
A key-signing party is a gathering of people interested in extending the Web of Trust. In fact, they have even prepared to join the party by submitting some information about their PGP keys to the person hosting the key-signing party, e.g.:
    User ID    : Hans Van de Looy <hans@unicorn.xs4all.nl>
    Key ID     : 0x0A7B84E7
    Type/Size  : RSA/2048
    Fingerprint: 64 07 5D 4C 3F 81 22 73     52 9D 87 08 51 AA 35 F0
At the gathering, I might stand up and say "I'm Hans Van de Looy, here is my passport and business card, and the key with fingerprint 64 07 5D 4C ... really does belong to me."

The others present can verify my passport if they wish and take note, now knowing the association between the key and the person who stood up at the meeting.

4. How to join the PGP Key-Signing Party

A PGP Key-Signing Party follows a strict protocol that we describe below. In order to join the SANE'98 PGP Key-Signing Party, you'll have to prepare a couple of things: please read the instructions below carefully.
  1. Everyone who wants to join the key-signing party should e-mail an ASCII extract of their PGP public key, together with the following information, to the SANE'98 PGP Key-Signing Party organizer at the address <pgp-keys@nluug.nl>.
    -- This info should be submitted no later than November 15th, 1998 --
    • The Primary user ID of the key,
    • The Key ID and the Key Type,
    • The Size of the key, and
    • The Fingerprint of the key.
    (see the example above)

  2. This data of all participants will be printed on paper and dispatched to all participants present at the key-signing party.

  3. For each entered key (one key per person) the organizer will ask if the owner of that key is present and whether (s)he will confirm that the information on the list matches his or her key. To ensure identification, that person will also be asked to present some kind of formal document (passport, driver's license, ...). If he/she can't show a formal document, other people present may be asked to acknowledge this person's identity.

  4. Other participants, who want to sign that person's key, now know with reasonable certainty the association between the key and the person who stood up at the meeting.

  5. At the end of the party (all keys processed) a deadline will be given by which all participants should have signed the keys (which may be downloaded from the public key servers) and returned them to the organizer for collection. Most of the time this will be between two weeks and a month after the party.

  6. The organizer will collect all received messages containing signed keys and will distribute that collection to all original participants, thus ensuring that all signatures are forwarded to the key owners. The key owners can thereafter create new WWW pages containing their public key(s) with the new signatures, or send them to one of the public key servers for distribution (not to mention the other ways this information may be distributed).
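The check behind steps 3 to 5 (and the fingerprint read out in section 3) is that the fingerprint the owner vouched for in person must equal the one you compute yourself from the key you later download, before you sign. The following is an added example, not code from the original page or the organizers' tooling; it assumes the submission layout shown above and the OpenPGP rule that a v4 key ID is the last 8 hex digits of its fingerprint (v3 key IDs, as in the page's 32-digit example, are not derived from the fingerprint).

```python
import re

# Constructed sample in the submission layout shown on this page (the page's own example entry).
SAMPLE_ENTRY = """\
    User ID    : Hans Van de Looy <hans@unicorn.xs4all.nl>
    Key ID     : 0x0A7B84E7
    Type/Size  : RSA/2048
    Fingerprint: 64 07 5D 4C 3F 81 22 73     52 9D 87 08 51 AA 35 F0
"""

def parse_entry(text):
    """Parse one 'Label : value' block from the printed participant list."""
    entry = {}
    for line in text.splitlines():
        if ":" not in line:
            continue
        label, value = line.split(":", 1)  # split on the label's colon only
        entry[label.strip()] = value.strip()
    return entry

def normalize_fp(fp):
    """Drop grouping spaces and case so a fingerprint read aloud, printed
    on the list or shown by the key tool compares digit for digit."""
    hexstr = re.sub(r"[^0-9A-Fa-f]", "", fp).upper()
    if len(hexstr) not in (32, 40):
        raise ValueError("fingerprint must be 32 (v3, MD5) or 40 (v4, SHA-1) hex digits")
    return hexstr

def key_id_consistent(entry):
    """Sanity check of the printed line itself: for a v4 (40-digit) fingerprint
    the key ID is its last 8 hex digits, so a mismatch means a typo or a
    tampered list. v3 key IDs (the page's 32-digit example) come from the RSA
    modulus instead, so there is nothing to check; return None."""
    fp = normalize_fp(entry["Fingerprint"])
    key_id = entry["Key ID"].upper()
    if key_id.startswith("0X"):
        key_id = key_id[2:]
    if len(fp) == 32:
        return None
    return fp.endswith(key_id)

def verify_entry(entry, local_fingerprint):
    """The check each participant does before signing: the fingerprint the
    owner vouched for at the party must equal the one you computed yourself
    from the key you downloaded from a key server. Sign only when True."""
    return normalize_fp(entry["Fingerprint"]) == normalize_fp(local_fingerprint)
```

Run `verify_entry` once per list entry, feeding it the fingerprint printed by your own PGP software for the downloaded key, and sign only the entries that return True.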

We hope to see you all at the SANE'98 PGP Key-Signing Party! Until then, have a nice time and keep that privacy-sensitive information safe...


Last modified: October 20, 1998 (<pgp-keys@nluug.nl>)

Written by Hans van de Looy and Edwin Kremer with some text borrowed from the USENIX `key-signing' member service introduction by Greg Rose.