How to install GPG on your system

Published:

· How to install GPG on your system

GPG is available on http://www.gnupg.org/ for all supported operating systems and for windows version the link is http://www.gpg4win.org/.

In Windows, after downloading the installer, it is easy to install this software.

During the installation process the setup asks about the components and features that are needed to be installed in addition to the basic GnuPG application. The description of these additive features and components is also given at this step by the setup process.

· How to import keys into GPG

A public key can be added into the public key ring by using -import option

Following is an example of importing a public key “gpg-lab.pub”.

E:\>gpg --import gpg-lab.pub

gpg: key 6C14565D: public key "Internet Security and Privacy (Course key)" imported

Lady using a tablet
Lady using a tablet

Professional

Essay Writers

Lady Using Tablet

Get your grade
or your money back

using our Essay Writing Service!

Essay Writing Service

gpg: Total number processed: 1

gpg: imported: 1

gpg: no ultimately trusted keys found

· How to verify keys are valid

There are several ways [2] of verifying the validity of a key certificate. One way is to verify the fingerprints and then sign it to certify that the key is valid. We can check the fingerprints of key certificate by using -fingerprint option. Every PGP key certificate has unique fingerprint. The other way to set up the validity is to trust that a third individual has gone through the process of validating it. For example a CA (Certification Authority) can be used as a third individual.

Following is an example of finding the fingerprints of few keys used in this Lab.

E:\ >gpg --fingerprint

C:/Users/Tauseef/AppData/Roaming/gnupg/pubring.gpg

pub 1024D/FC610E36 2008-10-27 [expires: 2018-10-25]

Key fingerprint = 29EA C79A CF6E 9ECF C336 F4DD 9484 4BA1 FC61 0E36

uid Pehr Söderman (My current key)

sub 4096g/96ABEAF0 2008-10-27 [expires: 2018-10-25]

Fingerprint of this key is exactly the same as given in our lab instructions manual. Then in order to sign the key we need to edit it. A key can be edited by using -edit command and at the prompt using sign command.

· How to set trust levels on keys

We can set the trust level by using the -edit-key command. The complete format of this is “gpg --edit-key key id”. Following is an example.

E:\ >gpg --edit-key 6C14565D

gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

pub 1024D/6C14565D created: 2009-10-19 expires: 2010-01-17 usage: SC

trust: full validity: unknown

sub 2048g/B05617AA created: 2009-10-19 expires: 2010-01-17 usage: E

[ unknown] (1). Internet Security and Privacy (Course key)

[ unknown] (2) Internet Security and Privacy

[ unknown] (3) Internet Security and Privacy

[ unknown] (4) Internet Security and Privacy

[ unknown] (5) Internet Security and Privacy

Then at the prompt use trust command and set the desired trust level.

Command> trust

Then it will ask the required trust level among the following options.

1 = I don't know or won't say 2 = I do NOT trust

3 = I trust marginally 4 = I trust fully

5 = I trust ultimately m = back to the main menu

Your decision? 4

· How to create keys with GPG

Key in GPG can be generated by using -gen-key command. It includes several steps which are explained in following example.

E:\Courses\2nd Quarter\Internet Security\Labs\1\2nd>gpg --gen-key

gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

The first step is to decide the appropriate type of key. Option 2 creates a DSA key-pair which is the master key-pair used only for signing and an Elgamal subordinate key-pair for encryption.

Please select what kind of key you want:

Lady using a tablet
Lady using a tablet

Comprehensive

Writing Services

Lady Using Tablet

Plagiarism-free
Always on Time

Marked to Standard

Order Now

(1) RSA and RSA (default)

(2) DSA and Elgamal

(3) DSA (sign only)

(4) RSA (sign only)

Your selection? 2

Then the key length is required. A longer key reacts more secure against the brute-force attacks.

DSA keys may be between 1024 and 3072 bits long.

What keysize do you want? (2048) 1024

Requested keysize is 1024 bits

It then asks validity period of the key.

Please specify how long the key should be valid.

0 = key does not expire

<n> = key expires in n days

<n>w = key expires in n weeks

<n>m = key expires in n months

<n>y = key expires in n years

Key is valid for? (0) 4w

Key expires at 12/19/09 14:46:41 W. Europe Standard Time

Is this correct? (y/N) y

Now GPG asks the userid of our key-pair. It can allow those who get our public key to know who this key belongs to. We are also required to specify email address here. Finally, we must specify the passphrase to protect our secret key; GPG uses it to control the access to our secret key.

GnuPG needs to construct a user ID to identify your key.

You need a Passphrase to protect your secret key.

Now GPG is generating our key-pair, during this process it asks to produce more “seed” to make the key generated key stronger.

We need to generate a lot of random bytes. It ……(Deleted to save space)……public and secret key created and signed.

gpg: checking the trustdb

gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model

gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u

gpg: next trustdb check due at 2009-12-19

pub 1024D/96DD7072 2009-11-21 [expires: 2009-12-19]

Key fingerprint = C167 A4F5 EC41 0978 C728 9BC9 B1F0 F2E2 96DD 7072

uid Muhammad Tauseef Khan (IK2206)

sub 1024g/9D6213BB 2009-11-21 [expires: 2009-12-19]

· How to handle identities in GPG

GPG allows us to add more than one identity to our key. This can be achieved by using -edit-key command and then adduid command. Whenever we edit our secret key GPG asks the passphrase to confirm the changes made.

· How to sign keys with GPG

In order to validate a key, it needs to be signed. A key can be validated by first using -edit command and then entering sign command for signing and trust command for assigning trust to a key, at the prompt. Following is an example.

E:\Internet Security\Labs\1>gpg --edit

gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

pub 1024D/242C87B7 created: 2009-11-21 expires: 2010-01-20 usage: SC

trust: unknown validity: unknown

sub 1024g/95101577 created: 2009-11-21 expires: 2010-01-20 usage: E

[ unknown] (1). fahad (IK2206)

Command> sign

pub 1024D/242C87B7 created: 2009-11-21 expires: 2010-01-20 usage: SC

trust: unknown validity: unknown

Primary key fingerprint: 985C B4E0 1A38 9C47 6A5E 0948 611A 51E3 242C 87B7

fahad (IK2206)

This key is due to expire on 2010-01-20.

Are you sure that you want to sign this key with your

key "Khan Muhammad Tauseef (IK2206" (96DD7072)

Really sign? (y/N) y

You need a passphrase to unlock the secret key for

user: "Khan Muhammad Tauseef (IK2206) <>"

1024-bit DSA key, ID 96DD7072, created 2009-11-21

Command> trust

pub 1024D/242C87B7 created: 2009-11-21 expires: 2010-01-20 usage: SC

trust: unknown validity: full

sub 1024g/95101577 created: 2009-11-21 expires: 2010-01-20 usage: E

[ full ] (1). fahad (IK2206)

Please decide how far you trust this user to correctly verify other users' keys

(by looking at passports, checking fingerprints from different sources, etc.)

1 = I don't know or won't say

Lady using a tablet
Lady using a tablet

This Essay is

a Student's Work

Lady Using Tablet

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Examples of our work

2 = I do NOT trust

3 = I trust marginally

4 = I trust fully

5 = I trust ultimately

m = back to the main menu

Your decision? 4 here, a trust level of “full” is assigned.

pub 1024D/242C87B7 created: 2009-11-21 expires: 2010-01-20 usage: SC

trust: full validity: full

sub 1024g/95101577 created: 2009-11-21 expires: 2010-01-20 usage: E

[ full ] (1). fahad (IK2206)

Please note that the shown key validity is not necessarily correct

unless you restart the program.

We can also check the signature and the trust level by using -check-sig and -check-trust commands respectively.

E:\ Labs \1>gpg --check-

pub 1024D/96DD7072 2009-11-21 [expires: 2009-12-19]

uid Khan Muhammad Tauseef (IK2206)

sig!3 96DD7072 2009-11-21 Khan Muhammad Tauseef (IK2206)

sig! 242C87B7 2009-11-25 fahad (IK2206)

uid Muhammad Tauseef Khan (IK2206)

sig!3 96DD7072 2009-11-21 Khan Muhammad Tauseef (IK2206)

sig! 6C14565D 2009-11-21 Internet Security and Privacy (Course key)

sig! 242C87B7 2009-11-25 fahad (IK2206)

sub 1024g/9D6213BB 2009-11-21 [expires: 2009-12-19]

sig! 96DD7072 2009-11-21 Khan Muhammad Tauseef (IK2206)

2 signatures not checked due to missing keys

E:\Labs\1>gpg --check-trust

gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model

gpg: depth: 0 valid: 1 signed: 3 trust: 0-, 0q, 0n, 0m, 0f, 1u

gpg: depth: 1 valid: 3 signed: 0 trust: 1-, 0q, 0n, 0m, 2f, 0u

gpg: next trustdb check due at 2009-12-19

· How to verify signed e-mails with GPG

Email messages can be verified by using the option -verify. For example, verifying a message named “part5.asc” is.

E:\ >gpg --verify part5.asc

gpg: Signature made 11/21/09 15:59:46 W. Europe Standard Time using DSA key ID 6C14565D

gpg: Good signature from "Internet Security and Privacy (Course key)

gpg: aka "Internet Security and Privacy"

gpg: aka "Internet Security and Privacy "

gpg: aka "Internet Security and Privacy

gpg: aka "Internet Security and Privacy"

gpg: WARNING: This key is not certified with a trusted signature!

gpg: There is no indication that the signature belongs to the owner.

Primary key fingerprint: 00E2 5F48 4127 488C 51EC 08DE B367 D505 6C14 565D

The first line tells about the key used to make the signature and the time when the signature was made. The next line tells us that the signature is “good” or valid with the confirmation of the userid of that key Internet Security and Privacy (Course key) . The WARNING indicates that the key used to make the signature is not “trusted”.

Another example is for “bad signature”.

E: >gpg --verify part4.asc

gpg: Signature made 11/21/09 15:59:46 W. Europe Standard Time using DSA key ID 6C14565D

gpg: BAD signature from "Internet Security and Privacy (Course key)"

This means that the file has been changed in transit or altered somehow.

· How to sign e-mails with GPG

The command -sign is used to make signature on a message. The document to sign is the input and the signed document is the output. It is also possible to change the format of the output to ascii-armor by using -armor option. GPG uses our secret key for signing and therefore it will need the passphrase to be inputted. Following is an example.

E: >gpg --armor --output 4step8signed --encrypt --sign 4signstep8

You need a passphrase to unlock the secret key for

user: "Khan Muhammad Tauseef (IK2206) >"

1024-bit DSA key, ID 96DD7072, created 2009-11-21

You did not specify a user ID. (you may use "-r")

Current recipients:

Enter the user ID. End with an empty line:

gpg: B05617AA: There is no assurance this key belongs to the named user

pub 2048g/B05617AA 2009-10-19 Internet Security and Privacy

Primary key fingerprint: 00E2 5F48 4127 488C 51EC 08DE B367 D505 6C14 565D

Subkey fingerprint: 332C 0FD9 146B 75A2 7D2D 06D9 D843 960F B056 17AA

It is NOT certain that the key belongs to the person named

in the user ID. If you *really* know what you are doing,

you may answer the next question with yes.

Use this key anyway? (y/N) y

Current recipients:

2048g/B05617AA 2009-10-19 "Internet Security and Privacy"

· Examples of signed messages

The email contains several sections that are separated by separators. We used -verify command to check the signatures.

E:\good signed>gpg --verify part3.asc

gpg: Signature made 11/21/09 15:59:46 W. Europe Standard Time using DSA key ID 6C14565D

gpg: Good signature from "Internet Security and Privacy (Course key)"

gpg: aka "Internet Security and Privacy"

gpg: aka "Internet Security and Privacy >"

gpg: aka "Internet Security and Privacy "

gpg: aka "Internet Security and Privacy "

gpg: WARNING: This key is not certified with a trusted signature!

gpg: There is no indication that the signature belongs to the owner.

Primary key fingerprint: 00E2 5F48 4127 488C 51EC 08DE B367 D505 6C14 565D

GPG tells about the signatures that this file has. It returns an indication of either a good signature or a bad signature. A good signature means that the signature of the file matches the signature that GPG expects, from the mentioned key on this file. Another possible output is a bad signature which means that the contents of the file were altered.

E:\Bad Signed>gpg --verify part4.asc

gpg: Signature made 11/21/09 15:59:46 W. Europe Standard Time using DSA key ID 6C14565D

gpg: BAD signature from "Internet Security and Privacy (Course key)"

We can also use the -decrypt command for this purpose. This command not only provides the information os the signatures but also provides the decrypted contents of the file. As shown in the first line below.

E:\Bad Signed>gpg --decrypt part4.asc

eb8c990b7e894bcafa73b1b3a8302b865ed0fbbf

gpg: Signature made 11/21/09 15:59:46 W. Europe Standard Time using DSA key ID 6C14565D

gpg: BAD signature from "Internet Security and Privacy (Course key)"

· How to verify encrypted e-mails with GPG

The email message that we have received contains encrypted data so we need to first decrypt it by using the -decrypt option.

E:\step 9>gpg --armor --output test.asc --decrypt part6.txt

You need a passphrase to unlock the secret key for user: "Khan Muhammad Tauseef (IK2206)"

1024-bit ELG key, ID 9D6213BB, created 2009-11-21 (main key ID 96DD7072)

gpg: encrypted with 1024-bit ELG key, ID 9D6213BB, created 2009-11-21

GPG tells us that the message is encrypted with our key so it requires the passphrase to access our secret key which is needed to decrypt the message. Also if the message is not allowed to be decrypted by our key i.e. it is encrypted with some other key then we are unable to decrypt the message and GPG will give decryption failed.

E:\step 9>gpg --armor --output test.asc --decrypt part5.txt

gpg: encrypted with 2048-bit ELG key, ID B05617AA, created 2009-10-19

"Internet Security and Privacy (Course key)"

gpg: decryption failed: No secret key

· How to encrypt e-mails with GPG

Then we are required to encrypt the messages by arranging in a block form first. The command used to encrypt the message is -encrypt. GPG will use our secret key to encrypt the messages.

E:\step 9>gpg --armor --output 4step9signed.asc --encrypt 4signstep9

You did not specify a user ID. (you may use "-r")

Current recipients:

Enter the user ID. End with an empty line:

Current recipients:

1024g/9D6213BB 2009-11-21 "Muhammad Tauseef Khan (IK2206) "

Enter the user ID. End with an empty line:

gpg: B05617AA: There is no assurance this key belongs to the named user

pub 2048g/B05617AA 2009-10-19 Internet Security and Privacy

Primary key fingerprint: 00E2 5F48 4127 488C 51EC 08DE B367 D505 6C14 565D

Subkey fingerprint: 332C 0FD9 146B 75A2 7D2D 06D9 D843 960F B056 17AA

It is NOT certain that the key belongs to the person named

in the user ID. If you *really* know what you are doing,

you may answer the next question with yes.

Use this key anyway? (y/N) y

Current recipients:

2048g/B05617AA 2009-10-19 "Internet Security and Privacy "

1024g/9D6213BB 2009-11-21 "Muhammad Tauseef Khan (IK2206) "

Enter the user ID. End with an empty line:

· Examples of encrypted messages

Following is an example of an encrypted message which is decrypted by using -decrypt command. GPG tells us the information about the keys from which the message was encrypted.

E:\step 9>gpg --output 11 --decrypt part11.txt

You need a passphrase to unlock the secret key for user: "Khan Muhammad Tauseef (IK2206)"

1024-bit ELG key, ID 9D6213BB, created 2009-11-21 (main key ID 96DD7072)

gpg: encrypted with 2048-bit ELG key, ID B05617AA, created 2009-10-19

"Internet Security and Privacy (Course key)"

gpg: encrypted with 1024-bit ELG key, ID 9D6213BB, created 2009-11-21

"Khan Muhammad Tauseef (IK2206)"

The decrypted output produced by this command is “2617fe83f34901ba48fe03a9a1aceba241f0077f” which is derived from the following encrypted message.

-----BEGIN PGP MESSAGE-----

Version: GnuPG v2.0.9 (GNU/Linux)

hQEOA94pXdqdYhO7EAQAhmR9JveRtnzhY7tna8FIAutZXl2YaMp9JGtd7g6xZzUQ

2y/YHC4z+Yq+fXle+toxLLcadBHempsdlI9I5ics1LHggLAQ+eLJqCi4HqHvSgjA

KNmss8TTYg7GzofLZnedJFUGcKAKCObaoIOAkq8bxvidtYmds7htf2f2wq/VsZ8D

/jov6vjs3X77KTDeHVA2bICA2RJNPFyl49mv5LxLyUIl0igIn7dYybzE+3pRCTJR

xYkN2EzCAA8qK2v5l0f9nZjCFw+nlnbfGR4hbEhntOwHD1Cvv3mKtDUmifXdG+nT

YJJMHaPDaWrYZ+bPt7/kmK+8ewn/iB1OdehmOkHbzrb4hQIOA9hDlg+wVheqEAf+

NjQzr340/9qTsMASKSeezRunpehNRjXkdArJjSSACMNwTr0F+bWo+HIbRSOcILBg

es2UN9V6O44mFyjbEpRrTvEk65d2gVNUo5dMt60lHbZnEMPA6d6zqiPXTs1Erq8j

tFYMoMw+qge5MwFoDBrIqgcv9uD8/nKR349vGSxhEvVKDrXmlTfqYQW5I83BxhjN

p7EkBVkaPg3Iz2EZ6lS4KvaeZKPEqu4k51+zx5pRoP4ruD0WX+xIjwL8HeBBV/LC

EK7Rhf9Dc9DesY9a12aixxf2qBXZjsKtUXqB4H7YufaCysvmX7MDRgA94F8X9bSi

7p7ore0C4jZGD9YdE39LNAf8CoF8aD8s7j+5ynb/u0+yyZ/u9j6hXsiXEEgBtOVF

Zn+K1shwxhcZill16XLl8b1ly1NY86J0Pb/cLALTbHQmYQWnI31HfqFMkG+FVdnY

d3zDOD6guu9/V7v02RlQfzAXgbLBNJGHIBnzmEe+rwoxQEkTc80X6AaPTN0L4dSw

ZJyxShu9N5RtW8quaorkAlOl8hNuP7NRiiMe6Y6CfyO7fk7bLKujs4c3mt2uOpwT

XjPh976tU9sO56Ef7Ryc7Q89/ef+9e/JOOzbw7A1LJGhEHLBErQwl8MC5IjyF4Dp

A+nEhpu3u15GOqp4qmrKf1lIR705lC2Mt8Vbu+DitBFUl9JkAc/2YOJWLPKQy7gC

BHZm7iUWMA4kK7lsu7KO6BBK7DigVUCfKl10w+BDF+vGQCPOmiMgpPZ4fJr9fmUx

xExppdt4XTzbcYKbR14C+aIjx2rk1PxDV8PW2p/m+SoxNyhhtxjAqQ==

=MTO9

-----END PGP MESSAGE-----

Also we need the private key to which the message was encrypted. If the message was encrypted to some other key then a decryption failed message appears.

E:\step 9>gpg --decrypt part4.txt

gpg: encrypted with ELG key, ID FDB225AD

gpg: decryption failed: No secret key

· How to verify encrypted and signed e-mails with GPG

The verification of encrypted and signed e-mails can be done by using -decrypt option. GPG will decrypt the file and also verifies the signature automatically. Following is an example.

E:\step 10>gpg --output 11.asc --decrypt 11.txt

You need a passphrase to unlock the secret key for

user: "Khan Muhammad Tauseef (IK2206)"

1024-bit ELG key, ID 9D6213BB, created 2009-11-21 (main key ID 96DD7072)

gpg: encrypted with 2048-bit ELG key, ID B05617AA, created 2009-10-19

"Internet Security and Privacy (Course key)"

gpg: encrypted with 1024-bit ELG key, ID 9D6213BB, created 2009-11-21

"Khan Muhammad Tauseef (IK2206)"

gpg: Signature made 11/21/09 15:59:46 W. Europe Standard Time using DSA key ID 6C14565D

gpg: Good signature from "Internet Security and Privacy (Course key)"

gpg: aka "Internet Security and Privacy"

gpg: aka "Internet Security and Privacy >"

gpg: aka "Internet Security and Privacy "

gpg: aka "Internet Security and Privacy "

gpg: WARNING: This key is not certified with a trusted signature!

gpg: There is no indication that the signature belongs to the owner.

Primary key fingerprint: 00E2 5F48 4127 488C 51EC 08DE B367 D505 6C14 565D

· How to encrypt and sign e-mails with GPG

The encryption and signature can be made in one command by -sign -encrypt “filename to be encrypt & sign”. Following is an example.

E:\step 10>gpg --armor --output 4step10signed.asc --sign --encrypt 4signstep10.txt

You need a passphrase to unlock the secret key for

user: "Khan Muhammad Tauseef (IK2206)"

1024-bit DSA key, ID 96DD7072, created 2009-11-21

You did not specify a user ID. (you may use "-r")

Current recipients:

Enter the user ID. End with an empty line:

Current recipients:

1024g/9D6213BB 2009-11-21 "Muhammad Tauseef Khan (IK2206) "

Enter the user ID. End with an empty line:

gpg: B05617AA: There is no assurance this key belongs to the named user

pub 2048g/B05617AA 2009-10-19 Internet Security and Privacy

Primary key fingerprint: 00E2 5F48 4127 488C 51EC 08DE B367 D505 6C14 565D

Subkey fingerprint: 332C 0FD9 146B 75A2 7D2D 06D9 D843 960F B056 17AA

It is NOT certain that the key belongs to the person named

in the user ID. If you *really* know what you are doing,

you may answer the next question with yes.

Use this key anyway? (y/N) y

Current recipients:

2048g/B05617AA 2009-10-19 "Internet Security and Privacy"

1024g/9D6213BB 2009-11-21 "Muhammad Tauseef Khan (IK2206) "

Enter the user ID. End with an empty line:

· Examples of encrypted and signed messages

We need -decrypt command to decrypt the encrypted and signed messages. Following are few responses of decryption of different parts of message.

e:\step 10>gpg --output 11.asc --decrypt 11.txt

You need a passphrase to unlock the secret key for

user: "Khan Muhammad Tauseef (IK2206)"

1024-bit ELG key, ID 9D6213BB, created 2009-11-21 (main key ID 96DD7072)

gpg: encrypted with 2048-bit ELG key, ID B05617AA, created 2009-10-19

"Internet Security and Privacy (Course key)"

gpg: encrypted with 1024-bit ELG key, ID 9D6213BB, created 2009-11-21

"Khan Muhammad Tauseef (IK2206)"

gpg: Signature made 11/21/09 15:59:46 W. Europe Standard Time using DSA key ID 6C14565D

gpg: Good signature from "Internet Security and Privacy (Course key)"

gpg: aka "Internet Security and Privacy"

gpg: aka "Internet Security and Privacy >"

gpg: aka "Internet Security and Privacy "

gpg: aka "Internet Security and Privacy "

gpg: WARNING: This key is not certified with a trusted signature!

gpg: There is no indication that the signature belongs to the owner.

Primary key fingerprint: 00E2 5F48 4127 488C 51EC 08DE B367 D505 6C14 565D

The outputted decrypted message is 3ad2e2a0b15d0e9f823c57fe44fefa2a870d30fa and following is the message that we inputted for decryption.

-----BEGIN PGP MESSAGE-----

Version: GnuPG v2.0.9 (GNU/Linux)

hQEOA94pXdqdYhO7EAP+OUJF1wcMLszzu6YIVcXOOKckhChdM8LKX2FCUmBIuObn

DGThocqob1L4LLhSQlvLQI2RlZ8Y+AmPYpKapOO3AWC63thDjmw3LWcYNumZHZTZ

JLJj+3cLb67kjSn3rVRunrBsEuyON3j6ARuh0e3C1qsRi8BGs/p4OfFoYTEGa7AD

/3pHj347wjRhQEYsjhihDw3UgTTpK2ntJbqXQCrQpO7QyqTQ84i+thFyrhhiSiHM

4gDMfw3C6KkwuL9va9VFJdWYM83T/ta7MfDBZpv1SZSicvuY3FARNosZnlfA7PFB

pgPJWSBIBAEEd4xB+YeFKmeNrszAGFdQygkuobigsqL6hQIOA9hDlg+wVheqEAf/

XJiXOdVNyFu/DdajNXheYxgrIamL9y0ksMY10rNpvNd++QEV//pMEA5gTuPWt++V

S3CoECbUjlcru8kcuvlNNTsWmKapDvjNvIU9JrircK35CzydbW6KA79Uo2nKTjuV

FUPlDayNTKH87ByprCpGIuLVB1dUz8o5v8s1WKE5dCq7F2WwZAbuXgYeLToM8wQU

yELLCBCoWMFKlrsXV2ibYd/BCjoXryaOevvpKGaMKWiN8m14Q73qQsrnpgl6lpTE

+HtdywzSTRqmP1EPI2pL0H+/Z/TtEplboeDQSwiwe8oA7eFQ+Y9u+ifv796wod8q

Ujb6kK2vIHNZ7ZgPnIP9tgf/VWSa3Vxr0NW0n0TEeeOtySGwzHzcBlhA8BKsp0el

jWKHc6a4v0KLEZYeByAiWb1o2foLtiWtlEjxIryjr9pwSIR+uDLP1ZJudqAFtUFA

Jq0VVYDMGs4+8Vghn0zS3GSnaCtS12EpvVFGXebM1YCeDBOX4sbss1/mM0QhTtZZ

r3lvUdhH+Gqn7Uv1pbpJuZ83/uVzxPlxJOk2jQ2ekA7y/dKf1sJmPi0i8Qi19dXH

M9s9vTU51ndOXXmJsw8Y8FBlMR/XtJlfZLDyPzXwuSJ23omPA73XxfSGduu75sQe

w2pITtPAjweqxQeAKvQ9aKRCY81UT6jeDsk8keaecyffNNK2AbqrrLnO3kay7k/K

kFY3pWQeuhRBhFzDjBjmwfBBFk+b5I5N/F/IIe8GT93sBbTRhWJJ1rq+liFCSCNG

57ftegukcyIA17XHF71xjYjYY8wFAW+TFr6bUZcP6X5SZ9ry1CtuON7Db/hCSCjW

tYPNB6mlUinjlL9PfBvj9PsDlCqeqbAAgzpo1NFY2uxi+Tya2bMzc42EIAa4uQpO

Bi6ehJ4BTo9kuU6oJ+5oANG8jvHS013UZT0=

=2A3j

-----END PGP MESSAGE-----

If the message inputted was not encrypted but signed only, GPG will extract the message from the file and gives only the message contents of that file. Following is an example.

Also i arranged the parts of the given message in different categories and arranged them as mentioned in the below mentioned table.

Status

Encrypted with

Signed with

Own key

Course Key

Other Key

Own key

Course Key

Other Key

2

1

3

1

1

4

5

1

1

6

7

1

8

1

1

1

9

1

10

11

1

1

1

12

1

1

13

1

1

14

1

15

1

16

1

· References

[1] GnuPG. (Undated). The GNU Privacy Handbook. [Online]. Viewed 2009 November 12. Available: http://www.gnupg.org/gph/en/manual.html#REVOCATION

[2] The International PGP. (Undated). How PGP works. [Online]. Viewed 2009 November 13. Available: http://www.pgpi.org/doc/pgpintro/#p12

[3] Spyware Warriors. (Undated). GnuPG - Command Reference. [Online]. Viewed 2009 November 15. Available: http://www.spywarewarrior.com/uiuc/gpg/gpg-com-0.htm

[4] TAGPMA. 2009 October 05. GPG HowTo. [Online]. Viewed 2009 November 17. Available: http://tagpma.es.net/wiki/bin/view/Main/GPG-HowTo#Verify_a_signed_message

[5] GnuPG. (Undated). The GNU Privacy Handbook. [Online]. Viewed 2009 November 17. Available: http://www.gnupg.org/documentation/manuals/gnupg.pdf