GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released...
Transcript of GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released...
![Page 1: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/1.jpg)
Past Present Future
GnuPG: Past, Present, and Future
Werner Koch
DebConf15 � HeidelbergAugust 16, 2015
![Page 2: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/2.jpg)
Past Present Future
Outline
Past
Present
Future
![Page 3: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/3.jpg)
Past Present Future
PGP-2 and the year was 1991
I First public available crypto tool by Phil Zimmermann.
I Heavily improved by Branko Lankester, Colin Plumb, DerekAtkins, Hal Finney, Peter Gutmann, et al.
I Problem 1: RSA patent
I Problem 2: IDEA patent
I Problem 3: Export restrictions
![Page 4: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/4.jpg)
Past Present Future
PGP-2 and the year was 1991
I First public available crypto tool by Phil Zimmermann.
I Heavily improved by Branko Lankester, Colin Plumb, DerekAtkins, Hal Finney, Peter Gutmann, et al.
I Problem 1: RSA patent
I Problem 2: IDEA patent
I Problem 3: Export restrictions
![Page 5: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/5.jpg)
Past Present Future
PGP-2 and the year was 1991
I First public available crypto tool by Phil Zimmermann.
I Heavily improved by Branko Lankester, Colin Plumb, DerekAtkins, Hal Finney, Peter Gutmann, et al.
I Problem 1: RSA patent
I Problem 2: IDEA patent
I Problem 3: Export restrictions
![Page 6: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/6.jpg)
Past Present Future
PGP-2 and the year was 1991
I First public available crypto tool by Phil Zimmermann.
I Heavily improved by Branko Lankester, Colin Plumb, DerekAtkins, Hal Finney, Peter Gutmann, et al.
I Problem 1: RSA patent
I Problem 2: IDEA patent
I Problem 3: Export restrictions
![Page 7: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/7.jpg)
Past Present Future
PGP-2 and the year was 1991
I First public available crypto tool by Phil Zimmermann.
I Heavily improved by Branko Lankester, Colin Plumb, DerekAtkins, Hal Finney, Peter Gutmann, et al.
I Problem 1: RSA patent
I Problem 2: IDEA patent
I Problem 3: Export restrictions
![Page 8: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/8.jpg)
Past Present Future
PGP-5 and OpenPGP
I 1996: PGP Inc founded
I Spring 1997: DH patent expired, PGP-5 released
I Autumn 1997: OpenPGP WG chartered
I Spring 1998: PGP Inc bought by NAI (ceased support in 2002)
I Autumn 1998: RFC-2440 published
I Autumn 2007: RFC-4880 published
![Page 9: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/9.jpg)
Past Present Future
IN Kongreÿ 1997
Vorträge des Kongreß 97des Individual Network e.V.27. und 28. September 1997
Samstag, 27. September 1997
Zeit Security New Technologies
9:00-9:30Heiko Schlichting
Keynote
9:30-10:30Norbert Pohlmann
Firewall-TechnologienWerner Almesberger
ATM und Linux
10:30-11:30T. Zieschang
Security und ChipcardsDave S. MillerLinux on Sparc
11:30-12:30M. Klische, DCS AG
BiometrischePersonenidentifikation
Stephen R. van den BergSPAM, procmail, cucipop
12:30-13:30 Mittagessen
13:30-14:30Andreas BäßStatus DPN
Bruce Perens, Pixar Inc.Debian GNU/Linux
14:30-15:30Arttu Huhtiniemi, SolidTech
Database and JAVAXlink
15:30-16:00 Pause
16:00-17:00Gerhard Unger
Secure ComputingBettina Kauth, DFN-NOC
Status des B-WiN
17:00-18:00Richard Stallman
GNU Current Projects, Ethico-Political issues of free software
20:00-offenBuffet
Geselliger Abend
Sonntag, 28. September 1997
Zeit Security New Technologies
9:30-10:30Jörg Ladwein
Security DynamicsJan Vekemans, Vasco
Internet-AcessKey
10:30-11:30Lutz Donnerhacke
CA+PGP-Keys
11:30-13:00 Brunch
13:00-14:00Thomas Hetschold, GMD
SecudeK. Schröter, DOCconnect AGDOCconnect, Med. Network
14:00-15:00Alan Cox
IPv6Progressive Networks
Live Video
15:00-16:00D. James Bidzos
Präsident der RSA Inc.
![Page 10: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/10.jpg)
Past Present Future
g10 / GnuPG
�Das Briefgeheimnis sowie das Post- und
Fernmeldegeheimnis sind unverletzlich. Beschränkungen
dürfen nur auf Grund eines Gesetzes angeordnet werden.�
I PGP-5 was non-free
even PGP-2 not DFSG compatible
I December 1997: g10 as free PGP-2 replacement
No patented algorithmsDesigned as Unix tool
I Spring 1998: Name now GnuPG, protocol now OpenPGP.
![Page 11: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/11.jpg)
Past Present Future
g10 / GnuPG
�Das Briefgeheimnis sowie das Post- und
Fernmeldegeheimnis sind unverletzlich. Beschränkungen
dürfen nur auf Grund eines Gesetzes angeordnet werden.�
I PGP-5 was non-free
even PGP-2 not DFSG compatible
I December 1997: g10 as free PGP-2 replacement
No patented algorithmsDesigned as Unix tool
I Spring 1998: Name now GnuPG, protocol now OpenPGP.
![Page 12: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/12.jpg)
Past Present Future
g10 / GnuPG
�Das Briefgeheimnis sowie das Post- und
Fernmeldegeheimnis sind unverletzlich. Beschränkungen
dürfen nur auf Grund eines Gesetzes angeordnet werden.�
I PGP-5 was non-free
even PGP-2 not DFSG compatible
I December 1997: g10 as free PGP-2 replacement
No patented algorithmsDesigned as Unix tool
I Spring 1998: Name now GnuPG, protocol now OpenPGP.
![Page 13: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/13.jpg)
Past Present Future
Algorithm selection
I Initial version
Elgamal simply replaced RSA (sign+encrypt)Blow�sh as symmetric cipherIDEA as plugin for PGP-2 compatibility in some countries.
I OpenPGP introduced subkeys
DSA for signatures, Elgamal for encryption.3DES and CAST5 for symmetric cipher.RSA added in September 2000
I GnuPG and PGP-{5,6,7}
Worked with Hal Finney and Jon CallasInformal interop testingsTesting of new features
![Page 14: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/14.jpg)
Past Present Future
Algorithm selection
I Initial version
Elgamal simply replaced RSA (sign+encrypt)Blow�sh as symmetric cipherIDEA as plugin for PGP-2 compatibility in some countries.
I OpenPGP introduced subkeys
DSA for signatures, Elgamal for encryption.3DES and CAST5 for symmetric cipher.RSA added in September 2000
I GnuPG and PGP-{5,6,7}
Worked with Hal Finney and Jon CallasInformal interop testingsTesting of new features
![Page 15: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/15.jpg)
Past Present Future
GnuPG-2
I g10code founded in 2001
I Bid accepted to implement S/MIME
I . . . birth of GnuPG-2 (2003)
modularizedseparated crypto librarylibrary (gpgme)
![Page 16: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/16.jpg)
Past Present Future
GnuPG-2
I g10code founded in 2001
I Bid accepted to implement S/MIME
I . . . birth of GnuPG-2 (2003)
modularizedseparated crypto librarylibrary (gpgme)
![Page 17: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/17.jpg)
Past Present Future
GnuPG-2
I g10code founded in 2001
I Bid accepted to implement S/MIME
I . . . birth of GnuPG-2 (2003)
modularizedseparated crypto librarylibrary (gpgme)
![Page 18: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/18.jpg)
Past Present Future
GnuPG in Debian
g10 (0.2.7-1) unstable; urgency=low
* Initial release.
-- James Troup <jjtroup@...> Fri, 20 Feb 1998
I gpgv written in 2000 to prepare for signed packages
I 4 years later integrated into apt
I GnuPG-2 packaged in 2004
![Page 19: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/19.jpg)
Past Present Future
GnuPG in Debian
g10 (0.2.7-1) unstable; urgency=low
* Initial release.
-- James Troup <jjtroup@...> Fri, 20 Feb 1998
I gpgv written in 2000 to prepare for signed packages
I 4 years later integrated into apt
I GnuPG-2 packaged in 2004
![Page 20: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/20.jpg)
Past Present Future
GnuPG in Debian
g10 (0.2.7-1) unstable; urgency=low
* Initial release.
-- James Troup <jjtroup@...> Fri, 20 Feb 1998
I gpgv written in 2000 to prepare for signed packages
I 4 years later integrated into apt
I GnuPG-2 packaged in 2004
![Page 21: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/21.jpg)
Past Present Future
GnuPG in Debian
g10 (0.2.7-1) unstable; urgency=low
* Initial release.
-- James Troup <jjtroup@...> Fri, 20 Feb 1998
I gpgv written in 2000 to prepare for signed packages
I 4 years later integrated into apt
I GnuPG-2 packaged in 2004
![Page 22: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/22.jpg)
Past Present Future
Port to Windows
I Experimental port to Windows in 1998
I Final port to Windows in 2000
Thanks to grant from the German government
I Gpg4win published in 2006
I GnuPG-2 was not designed to be ported
. . . but we did it anyway
I Surprising number of Gpg4win users
![Page 23: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/23.jpg)
Past Present Future
Port to Windows
I Experimental port to Windows in 1998
I Final port to Windows in 2000
Thanks to grant from the German government
I Gpg4win published in 2006
I GnuPG-2 was not designed to be ported
. . . but we did it anyway
I Surprising number of Gpg4win users
![Page 24: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/24.jpg)
Past Present Future
Port to Windows
I Experimental port to Windows in 1998
I Final port to Windows in 2000
Thanks to grant from the German government
I Gpg4win published in 2006
I GnuPG-2 was not designed to be ported
. . . but we did it anyway
I Surprising number of Gpg4win users
![Page 25: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/25.jpg)
Past Present Future
Port to Windows
I Experimental port to Windows in 1998
I Final port to Windows in 2000
Thanks to grant from the German government
I Gpg4win published in 2006
I GnuPG-2 was not designed to be ported
. . . but we did it anyway
I Surprising number of Gpg4win users
![Page 26: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/26.jpg)
Past Present Future
Port to Windows
I Experimental port to Windows in 1998
I Final port to Windows in 2000
Thanks to grant from the German government
I Gpg4win published in 2006
I GnuPG-2 was not designed to be ported
. . . but we did it anyway
I Surprising number of Gpg4win users
![Page 27: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/27.jpg)
Past Present Future
Outline
Past
Present
Future
![Page 28: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/28.jpg)
Past Present Future
Branches
I Version 2.1 (�modern�)
Released November 2014Fixing remaining bugsAdding last featuresIn experimental
I Version 2.0 (�stable�)
Just maintained.Minor changes to help migration to 2.1.
I Version 1.4 (�classic�)
Supported to help with old data and keys.Keeping PGP-2 support.Minor changes to help migration to 2.1.
![Page 29: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/29.jpg)
Past Present Future
Branches
I Version 2.1 (�modern�)
Released November 2014Fixing remaining bugsAdding last featuresIn experimental
I Version 2.0 (�stable�)
Just maintained.Minor changes to help migration to 2.1.
I Version 1.4 (�classic�)
Supported to help with old data and keys.Keeping PGP-2 support.Minor changes to help migration to 2.1.
![Page 30: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/30.jpg)
Past Present Future
Branches
I Version 2.1 (�modern�)
Released November 2014Fixing remaining bugsAdding last featuresIn experimental
I Version 2.0 (�stable�)
Just maintained.Minor changes to help migration to 2.1.
I Version 1.4 (�classic�)
Supported to help with old data and keys.Keeping PGP-2 support.Minor changes to help migration to 2.1.
![Page 31: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/31.jpg)
Past Present Future
OpenPGP WG timeline
Mar 2008 Concluded after RFC-4880
Jun 2015 WG re-chartered
Sep 2015 WG (rough) consensus on updates to RFC-4880.
Feb 2016 First WG I-D for RFC-4880bis
Jul 2016 RFC-4880bis WG I-D �nal call
![Page 32: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/32.jpg)
Past Present Future
OpenPGP WG timeline
Mar 2008 Concluded after RFC-4880
Jun 2015 WG re-chartered
Sep 2015 WG (rough) consensus on updates to RFC-4880.
Feb 2016 First WG I-D for RFC-4880bis
Jul 2016 RFC-4880bis WG I-D �nal call
![Page 33: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/33.jpg)
Past Present Future
OpenPGP WG timeline
Mar 2008 Concluded after RFC-4880
Jun 2015 WG re-chartered
Sep 2015 WG (rough) consensus on updates to RFC-4880.
Feb 2016 First WG I-D for RFC-4880bis
Jul 2016 RFC-4880bis WG I-D �nal call
![Page 34: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/34.jpg)
Past Present Future
OpenPGP WG timeline
Mar 2008 Concluded after RFC-4880
Jun 2015 WG re-chartered
Sep 2015 WG (rough) consensus on updates to RFC-4880.
Feb 2016 First WG I-D for RFC-4880bis
Jul 2016 RFC-4880bis WG I-D �nal call
![Page 35: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/35.jpg)
Past Present Future
OpenPGP WG timeline
Mar 2008 Concluded after RFC-4880
Jun 2015 WG re-chartered
Sep 2015 WG (rough) consensus on updates to RFC-4880.
Feb 2016 First WG I-D for RFC-4880bis
Jul 2016 RFC-4880bis WG I-D �nal call
![Page 36: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/36.jpg)
Past Present Future
RFC-4880bis goals
I Potential inclusion of curves recommended by the CryptoForum Research Group (CFRG)
I A symmetric encryption mechanism that o�ers modernmessage integrity protection (AEAD)
I Revision of mandatory-to-implement algorithms anddeprecation of weak algorithms
I An updated public-key �ngerprint mechanism
![Page 37: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/37.jpg)
Past Present Future
Elliptic curve cryptography
I RFC-6637 speci�es ECC for OpenPGP.
NIST curves,but allows other curves (e.g. Brainpool).
I 2.1 implements this since 2011.
I NIST curves are somewhat suspect.
I We want curves with better repudiation:
ECDH with Curve25519,EdDSA using Ed25519,Maybe CFRG suggested curves
![Page 38: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/38.jpg)
Past Present Future
Elliptic curve cryptography
I RFC-6637 speci�es ECC for OpenPGP.
NIST curves,but allows other curves (e.g. Brainpool).
I 2.1 implements this since 2011.
I NIST curves are somewhat suspect.
I We want curves with better repudiation:
ECDH with Curve25519,EdDSA using Ed25519,Maybe CFRG suggested curves
![Page 39: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/39.jpg)
Past Present Future
Elliptic curve cryptography
I RFC-6637 speci�es ECC for OpenPGP.
NIST curves,but allows other curves (e.g. Brainpool).
I 2.1 implements this since 2011.
I NIST curves are somewhat suspect.
I We want curves with better repudiation:
ECDH with Curve25519,EdDSA using Ed25519,Maybe CFRG suggested curves
![Page 40: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/40.jpg)
Past Present Future
Elliptic curve cryptography
I RFC-6637 speci�es ECC for OpenPGP.
NIST curves,but allows other curves (e.g. Brainpool).
I 2.1 implements this since 2011.
I NIST curves are somewhat suspect.
I We want curves with better repudiation:
ECDH with Curve25519,EdDSA using Ed25519,Maybe CFRG suggested curves
![Page 41: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/41.jpg)
Past Present Future
Feature: Remote use
Exposed
box
Safe
box
I We use ssh's socket forwarding to
run gpg-agent on the "safe" boxrun gpg on an "exposed" box (server)
I See --extra-socket, --browser-socket.
![Page 42: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/42.jpg)
Past Present Future
Feature: Remote use
Exposed
box
Safe
box
I We use ssh's socket forwarding to
run gpg-agent on the "safe" boxrun gpg on an "exposed" box (server)
I See --extra-socket, --browser-socket.
![Page 43: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/43.jpg)
Past Present Future
Donations
I 5000 USD/month from the Linux Foundation for 2015
I ProPublica article in February . . .
I we received ~300 KEUR in donations
IndividualCorporate (Stripe, FB)
I No donation campaign right now
Tax issuesTurning g10code into a non-pro�t
I We are lucky � other projects still su�er.
![Page 44: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/44.jpg)
Past Present Future
Donations
I 5000 USD/month from the Linux Foundation for 2015
I ProPublica article in February . . .
I we received ~300 KEUR in donations
IndividualCorporate (Stripe, FB)
I No donation campaign right now
Tax issuesTurning g10code into a non-pro�t
I We are lucky � other projects still su�er.
![Page 45: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/45.jpg)
Past Present Future
Donations
I 5000 USD/month from the Linux Foundation for 2015
I ProPublica article in February . . .
I we received ~300 KEUR in donations
IndividualCorporate (Stripe, FB)
I No donation campaign right now
Tax issuesTurning g10code into a non-pro�t
I We are lucky � other projects still su�er.
![Page 46: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/46.jpg)
Past Present Future
Donations
I 5000 USD/month from the Linux Foundation for 2015
I ProPublica article in February . . .
I we received ~300 KEUR in donations
IndividualCorporate (Stripe, FB)
I No donation campaign right now
Tax issuesTurning g10code into a non-pro�t
I We are lucky � other projects still su�er.
![Page 47: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/47.jpg)
Past Present Future
Donations
I 5000 USD/month from the Linux Foundation for 2015
I ProPublica article in February . . .
I we received ~300 KEUR in donations
IndividualCorporate (Stripe, FB)
I No donation campaign right now
Tax issuesTurning g10code into a non-pro�t
I We are lucky � other projects still su�er.
![Page 48: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/48.jpg)
Past Present Future
Donations
I 5000 USD/month from the Linux Foundation for 2015
I ProPublica article in February . . .
I we received ~300 KEUR in donations
IndividualCorporate (Stripe, FB)
I No donation campaign right now
Tax issuesTurning g10code into a non-pro�t
I We are lucky � other projects still su�er.
![Page 49: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/49.jpg)
Past Present Future
How we spend the donations
I Neal Wal�eld as second full time developer
I Yutaka Niibe does contractual work (e.g. smartcards, ECC)
I Kai Michaelis helps with Enigmail part time
I Me :-)
![Page 50: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/50.jpg)
Past Present Future
How we spend the donations
I Neal Wal�eld as second full time developer
I Yutaka Niibe does contractual work (e.g. smartcards, ECC)
I Kai Michaelis helps with Enigmail part time
I Me :-)
![Page 51: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/51.jpg)
Past Present Future
How we spend the donations
I Neal Wal�eld as second full time developer
I Yutaka Niibe does contractual work (e.g. smartcards, ECC)
I Kai Michaelis helps with Enigmail part time
I Me :-)
![Page 52: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/52.jpg)
Past Present Future
How we spend the donations
I Neal Wal�eld as second full time developer
I Yutaka Niibe does contractual work (e.g. smartcards, ECC)
I Kai Michaelis helps with Enigmail part time
I Me :-)
![Page 53: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/53.jpg)
Past Present Future
Special thanks
I David Shaw
I Marcus Brinkmann
I Jussi Kivilinna
I Andre Heinecke
I Debian folks:
Andreas MetzlerDaniel Kahn GilmorDaniel LeidertEric DorlandJames TroupMatthias UrlichsThijs Kinkhorst
I Bug reporters, reviewers, testers, donors, . . .
![Page 54: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/54.jpg)
Past Present Future
Outline
Past
Present
Future
![Page 55: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/55.jpg)
Past Present Future
Vision
I Thanks to Snowden, new demand for encryption
I Gpg and Web-of-Trust are too hard
Keysigning parties are for geeks
I New default focus:
Mass surveillance (not targetted)Easy to use
I Still supporting targetted users
Question of default options
![Page 56: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/56.jpg)
Past Present Future
Vision
I Thanks to Snowden, new demand for encryption
I Gpg and Web-of-Trust are too hard
Keysigning parties are for geeks
I New default focus:
Mass surveillance (not targetted)Easy to use
I Still supporting targetted users
Question of default options
![Page 57: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/57.jpg)
Past Present Future
Support for TOR and GNUnet
I All network access via a separate module
I New option --enable-tor to route everything over TOR
challenge: We need a tori�ed resolver
I GNU Naming System (GNS).
![Page 58: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/58.jpg)
Past Present Future
Support for TOR and GNUnet
I All network access via a separate module
I New option --enable-tor to route everything over TOR
challenge: We need a tori�ed resolver
I GNU Naming System (GNS).
![Page 59: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/59.jpg)
Past Present Future
Support for TOR and GNUnet
I All network access via a separate module
I New option --enable-tor to route everything over TOR
challenge: We need a tori�ed resolver
I GNU Naming System (GNS).
![Page 60: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/60.jpg)
Past Present Future
Tofu
De�nition
Trust On First Use: Secure Shell's trust model
I There is a detailed plan for a TOFU design
I Will be available in 2.2
I Will eventually be the default trust model
![Page 61: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/61.jpg)
Past Present Future
Tofu
De�nition
Trust On First Use: Secure Shell's trust model
I There is a detailed plan for a TOFU design
I Will be available in 2.2
I Will eventually be the default trust model
![Page 62: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/62.jpg)
Past Present Future
Tofu
De�nition
Trust On First Use: Secure Shell's trust model
I There is a detailed plan for a TOFU design
I Will be available in 2.2
I Will eventually be the default trust model
![Page 63: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/63.jpg)
Past Present Future
Tofu
De�nition
Trust On First Use: Secure Shell's trust model
I There is a detailed plan for a TOFU design
I Will be available in 2.2
I Will eventually be the default trust model
![Page 64: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/64.jpg)
Past Present Future
GPGME
GPGME is a library to access gpg, gpgsm, and gpg-agent.
Planned features:
I Better integrated language bindings
I Support for new gpg features
I Run gpg as a co-process
signature veri�cationdecryption
![Page 65: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/65.jpg)
Past Present Future
GPGME
GPGME is a library to access gpg, gpgsm, and gpg-agent.
Planned features:
I Better integrated language bindings
I Support for new gpg features
I Run gpg as a co-process
signature veri�cationdecryption
![Page 66: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/66.jpg)
Past Present Future
GnuPG release scheduling
I 1.4 releases as needed
No ECC support, though.
I 2.0 will reach end-of-life in December 2017.
No backport of ECC or other RFC-4880bis stu�.
I 2.1 will be be replaced by 2.2 and declared as stable:
Release date: End of this year.Support for Curve25519 encryption.Support for some proposed RFC-4880bis features.ECC key generation needs --expert temporarily.
I 2.3 for RFC-4880bis development
Certain features will be backported to 2.2
![Page 67: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/67.jpg)
Past Present Future
GnuPG release scheduling
I 1.4 releases as needed
No ECC support, though.
I 2.0 will reach end-of-life in December 2017.
No backport of ECC or other RFC-4880bis stu�.
I 2.1 will be be replaced by 2.2 and declared as stable:
Release date: End of this year.Support for Curve25519 encryption.Support for some proposed RFC-4880bis features.ECC key generation needs --expert temporarily.
I 2.3 for RFC-4880bis development
Certain features will be backported to 2.2
![Page 68: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/68.jpg)
Past Present Future
GnuPG release scheduling
I 1.4 releases as needed
No ECC support, though.
I 2.0 will reach end-of-life in December 2017.
No backport of ECC or other RFC-4880bis stu�.
I 2.1 will be be replaced by 2.2 and declared as stable:
Release date: End of this year.Support for Curve25519 encryption.Support for some proposed RFC-4880bis features.ECC key generation needs --expert temporarily.
I 2.3 for RFC-4880bis development
Certain features will be backported to 2.2
![Page 69: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/69.jpg)
Past Present Future
GnuPG release scheduling
I 1.4 releases as needed
No ECC support, though.
I 2.0 will reach end-of-life in December 2017.
No backport of ECC or other RFC-4880bis stu�.
I 2.1 will be be replaced by 2.2 and declared as stable:
Release date: End of this year.Support for Curve25519 encryption.Support for some proposed RFC-4880bis features.ECC key generation needs --expert temporarily.
I 2.3 for RFC-4880bis development
Certain features will be backported to 2.2
![Page 70: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/70.jpg)
Past Present Future
Summary
I 2.1/2.2 will soon be the standard version.
I Solid development team.
I Making mass surveillance expensive.
Thanks for attending.
Slides are© 2015 The GnuPG Project, CC BY-SA 4.0.
https://gnupg.org/ftp/blurbs/debconf15_gnupg-past-present-future.org
![Page 71: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/71.jpg)
Past Present Future
Summary
I 2.1/2.2 will soon be the standard version.
I Solid development team.
I Making mass surveillance expensive.
Thanks for attending.
Slides are© 2015 The GnuPG Project, CC BY-SA 4.0.
https://gnupg.org/ftp/blurbs/debconf15_gnupg-past-present-future.org
![Page 72: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/72.jpg)
Past Present Future
Summary
I 2.1/2.2 will soon be the standard version.
I Solid development team.
I Making mass surveillance expensive.
Thanks for attending.
Slides are© 2015 The GnuPG Project, CC BY-SA 4.0.
https://gnupg.org/ftp/blurbs/debconf15_gnupg-past-present-future.org
![Page 73: GnuPG: Past, Present, and Future · PastPresent Future Branches I Version 2.1 ( modern ) Released November 2014 Fixing remaining bugs Adding last features In experimental I Version](https://reader035.fdocuments.in/reader035/viewer/2022070806/5f04b9657e708231d40f63a0/html5/thumbnails/73.jpg)
Past Present Future
Summary
I 2.1/2.2 will soon be the standard version.
I Solid development team.
I Making mass surveillance expensive.
Thanks for attending.
Slides are© 2015 The GnuPG Project, CC BY-SA 4.0.
https://gnupg.org/ftp/blurbs/debconf15_gnupg-past-present-future.org