GBA 685 Advanced Computer Forensics
Report #7
Xianglian Jin
The GNU Privacy Guard (GnuPG) is GNU 's tool for secure communication and data storage. It can be used to encrypt data, create digital signatures, and help authenticating using Secure Shell and to provide a framework for public key cryptography. It includes an advanced key management facility and is compliant with the OpenPGP and S/MIME standards. Gpg4win is GNU Privacy Guard for Windows and Kleopatra is the certificate manager in Gpg4win. To create OpenPGP and X.509 certificates, Gpg4win uses a key length of 2048bit by default. The default algorithm for signing and encrypting is RSA. [1]
In RSA cryptosystem, the encryption key is public and differs from …show more content…
Then we create a checksum for the decrypted file after decryption to make sure the file has not been altered.
Click ‘File’. Click ‘Create checksum files’. Select the original file and click ‘Open’. Then we got a checksum file which contains the checksum in it.
Figure 14 Create a checksum
Figure 15 Checksum of the original file
Click ‘File’. Then click ‘Decrypt/Verify Files’. Select an encrypted file. Then click ‘open’.
Figure 16 Select an encrypted file
Then click ‘Decrypt/Verify’ to proceed. The procedure also includes entering the passphrase of the certificate.
Figure 17 Decrypt a file
Click ‘OK’ to complete. The decrypted file will appear in the selected folder. Then we create a checksum for the decrypted file follow the steps that have mentioned above.
Figure 18 Checksum of decrypted file
We can see that this checksum is as same as the one of the original file. That means the file has not been altered after encryption and decryption.
4.2 Verification
The first few steps of verification are as same as the decryption. But remember to check the box which says ‘Input file is a detached signature’ before click on the ‘Decrypt/Verity’.
Figure 19 Verify a file
Figure 20 Signature