• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » GNU Privacy Guard (GPG) For Secure Cloud Computing

By Abhishek Ghosh December 10, 2014 6:36 am Updated on December 10, 2014

GNU Privacy Guard (GPG) For Secure Cloud Computing

Advertisement

GNU Privacy Guard (GPG) is used for code signing in Free Software. For secure Cloud Computing, GPG can be used for Emails and Messaging. Basically, GPG is stable, qualified as a software for production use and is commonly included in unix like operating systems and Microsoft Windows too. Although basically the program has a textual interface, currently there are several graphics applications using GPG resources.

 

GNU Privacy Guard (GPG) For Secure Cloud Computing : Basics

 

GNU Privacy Guard (GPG) has been integrated into certain Email Clients, there is a plugin called that integrates with Mozilla and Thunderbird working in Windows, GNU/Linux and other operating systems. Because the plugins are not part of the mechanism of GPG and are not specified in the OpenPGP standard, nor their respective developers are linked to projects plugins, one might think that the security benefits of GPG may be losing their effectiveness as a result of this lack of coordination and support, but being open source tools or interpreted scripts (as in the case of plugins for Thunderbird), reliable operation is guaranteed with GPG tool.

GPG can also be compiled on other platforms such as Mac ( OS X ) and Windows. In OS X, there is a free application, which has been adapted to use the user environment and its native class definitions. Cross compilation is not a trivial exercise, at least in part because security provisions change the operating system and adaptation often becomes difficult, but High quality compilers must produce executable to interact properly with other GPG implementations.

Advertisement

---

GnuPG has set itself the goal of achieving the largest possible group of users, the use of cryptographic methods to confidential transmission of electronic data. GnuPG also supports the following functions:

 

  1. Encryption of data (eg. as e-mail ) to transmit confidential information to one or more receivers that can only be decrypted by the receiver again.
  2. Generating a signature on the data sent in order to ensure the authenticity and integrity.

 

Both functions can be combined. In general, the signature is created first and appended to the data. This package is then encrypted and sent to the receiver. The combination of both in one call GnuPG support only in this order. When sending e-mails (as PGP / MIME according to RFC 3156 ), although both variants are possible, but due to limitations of the mail client that is in practice the only possible sequence; the ability to encrypt an email first and then sprayed with a clear text signature (so that a virus scanner or spam filter that can not decrypt the message itself) is not provided. However, one can encrypt files independent of the e-mail, attach it to an email and let the email then sign as PGP / MIME.

 

GNU Privacy Guard (GPG) For Secure Cloud Computing

As most of the Email services, Messaging Services etceteras are based on Cloud Computing Platform; i.e. are multi tenant in nature, in short; GNU Privacy Guard (GPG) can be used for Secure Cloud Computing.

 

GNU Privacy Guard (GPG) For Secure Cloud Computing : Operation

 

On IaaS Model of Cloud Computing, we run an instance over a software like OpenStack, which in turn runs on either a virtual hardware or real hardware. It is near impossible to know where the cloud computing software like OpenStack is running. For the shared hosting services, assumably it is virtual, for cost reduction. Further adding a PaaS adds more complexity. These platforms are difficult to rely for generation of the keys as multiple nodes are associated. Generating keys on real hardware is safer and trusted.

GPG is a public-key encryption method , that is, to encrypt messages, no secret information is needed. Each user creates a GPG key pair that consists of two parts: the private key and the public key. The owner only has the access to the private key. Therefore, this is usually protected with a password. This data can be decrypted and signed. The public key is used to encrypt data and to verify signed data. User must have a communication partner available to perform these two actions. The data can be not signed nor decrypted with the public key, so its distribution is also fraught with no security risk.

 

The public key can be shared with other users through a variety of channels, eg. As Internet key servers . The combination of public key and user ID should definitely be reliably checked before use to prevent identity manipulations because the public key listed in identity information (usually name and e-mail, possibly even in a comment), which can be forged. GPG can only determine whether the data has been signed or encrypted with a particular key. Whether the key is itself trustworthy, the user has to decide finally anyone can create a key with the data of other users and invite him to a keyserver. One from an uncertain source (eg., The Internet) loaded key should not be relied first. To test, the fingerprint ( hash value ) of the key over a secure channel should compare it with the downloaded key locally generated. This is safe, because it is not possible to generate a matching key for a given fingerprint. This security depends (and the set of possible keys) on the strength of the hash function.

 

GNUPG OS X Mail

To encrypt the data, or sign, there are different degrees of keys. Normally there are 2048- to 4096-bit strong key with 2048 bit length. GPG is currently used with not patented algorithms to encrypt data with those keys, such as RSA , ElGamal , CAST5 , Triple DES (3DES), AES and Blowfish .

GnuPG supports with master keys a security feature that goes beyond the OpenPGP standard and therefore does not work reliably if such secret key to be imported into another OpenPGP application. The master key is not used for everyday signing and decrypting, but for the management of own key components (user IDs and subkeys) and the certification of other keys. These actions fall at comparatively rare, so that you can back up the master key special. The advantages of this approach are:

 

  1. The verification of the key does not need to be repeated by the communication partner. The master key remains valid.
  2. Subkey can be easily replaced. Expiring and new subkeys are nothing special for OpenPGP, are automatically included in key updates, and uses transparent to the user.
  3. If the master key must also needed to be signed for significantly higher level of security to sign information of great importance.

 

The technical approach is to export the private key without the master key (making a backup of the master key), then delete all the secret key, and then import only the subkey. Unfortunately, these GnuPG function is not yet supported by the GUI, so one need to perform actions in the console for the necessary steps.

 

GNU Privacy Guard (GPG) For Secure Cloud Computing and Web of Trust

 

Using a Web of Trust address the problem of connecting with all the communication partners. Users can sign other keys with their own key and confirm third party so that they have verified the authenticity of the key. In addition, one can determine how much you trust the signings of the person. This results in the Web of Trust. If John Doe has, for example, confirmed with their signature with the authenticity of the key of Mary Doe, Abhishek Ghosh can even trust the authenticity of the key of John Doe, when they themselves could not convince directly. There are some certification bodies (certification authority, CA) to determine the authenticity of keys, for example, by personal contact with verification of the identity card.

The web of trust has been extensively studied by scientists and visualized in detail. It was found that a large proportion of users belonging to a subset that is connected by mutual acknowledgments completely with each other, the so-called Strong Set the Web of Trust. Studies have also shown that the crypto campaign contribution was made ‹‹to strengthen the links between the participants. Another important contribution to the Web of Trust provides the Debian project that requires digital signatures for the inclusion of contributions.

 

GNU Privacy Guard (GPG) For Secure Cloud Computing and GPG Agents

 

As the ssh-agent (in OpenSSH ) serves as the gpg-agent, among theother things, to keep the pass phrase for a configurable period, thus eliminating the need to re-enter; gpg-agent stores the pass phrase. Unlike OpenSSH, the gpg-agent, however, since Version 2 of GnuPG all operations involving private key, outsourced to gpg-agent, which makes it possible to store the key on another computer and to use only indirectly. The second important task of gpg-agent for GnuPG 2.0.x is access to smart cards.

On most Unix-like desktop environments the gpg-agent is equal to a daemon. Because the startup script of the desktop environment exported this environment variable, all programs have access to it. If gpg-agent is not running (or not found), it is gpg, gpgsm and gpgconf which start automatically. Access to a running gpg-agent can be done in console via gpg-connect-agent. gpg-agent, therefore, is independent of OpenPGP and OpenSSH use to manage passphrases for their own programs.

To use GnuPG in different application contexts, many are frontends been created. Front-ends that provide the functions of the command-line based program through a graphical interface available, such as the Gnu Privacy Assistant (GPA), which is distributed by the Free Software Foundation as default frontend, seahorse and kgpg for integration into the Desktop environments GNOME or KDE, WinPT or Gpg4win for working under Windows, as well as GPGTools for Apple OS X.
GnuPG works with Mail programs/Email Agents either directly or via a plug-in. Chat programs like Gabber, Miranda IM as well as the partially cross-platform encrypted chats over networks such as ICQ permit GnuPG.
Server-based front-ends such as GNU Anubis, freenigma or GPGrelay works as the SMTP relay server to allow a centralized and transparent email encryption. For the web browser Mozilla Firefox, there was an add-on called FireGPG, which recognizes and processes on any website GPG blocks, but it is no longer being developed.
There are also other interfaces for the use of GnuPG from various scripting languages ‹‹such as Perl, PHP or Python.

The person who talked about so much applications of GNU Privacy Guard (GPG) for Secure Cloud Computing on the part Email, is no one but NSA leaker, Lionhearted Edward Snowden.

Tagged With Cloud computing - gpg , gpg based cloud encryption

This Article Has Been Shared 327 Times!

Facebook Twitter Pinterest

Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to GNU Privacy Guard (GPG) For Secure Cloud Computing

  • Cloud Computing and its Importance in Education and Research

    Cloud Computing though is intended for Business market, does have lot of opportunities from Basic Educational field to top notch research.

  • Private Cloud Computing – Guiding Steps To Start

    Private Cloud Computing becoming an indispensable Component of any sized Enterprise. Cloud Computing Expert has written a handy guide where and how to implement Private Cloud in your business.

  • Father of Cloud Computing John McCarthy – Down the memory lane

    Father of Cloud Computing John McCarthy has left this World on 23rd October, 2011. Let us think for a moment for him who conceptualized Cloud Computing in 1961.

  • Step by Step Guide to Use Free Heroku Cloud

    Step by Step Guide to Use Free Heroku Cloud assumes that the user has no idea about Cloud Server, Git but wants Heroku Cloud Server for Apps and website.

  • Run Rackspace Notification Processor on OpenShift PaaS

    Run Yagi, a modular OpenStack notification event processor against Rackspace account on OpenShift PaaS. We have modified code to adapt PaaS.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

Get new posts by email:

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (24.3K Followers)
  • Twitter (5.8k Followers)
  • Facebook (5.7k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.3k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • The Importance of Voice and Style in Essay Writing April 1, 2023
  • What Online Casinos Have No Deposit Bonus in Australia March 30, 2023
  • Four Foolproof Tips To Never Run Out Of Blog Ideas For Your Website March 28, 2023
  • The Interactive Entertainment Serving as a Tech Proving Ground March 28, 2023
  • Is it Good to Run Apache Web server and MySQL Database on Separate Cloud Servers? March 27, 2023

About This Article

Cite this article as: Abhishek Ghosh, "GNU Privacy Guard (GPG) For Secure Cloud Computing," in The Customize Windows, December 10, 2014, April 2, 2023, https://thecustomizewindows.com/2014/12/gnu-privacy-guard-gpg-for-secure-cloud-computing/.

Source:The Customize Windows, JiMA.in

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2023 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT