Verifying the identity behind a PGP public key


Your PGP keyring contains public keys that claim to represent someone you know. Getting those keys there is easy: using the keyserver network, they can be downloaded right from your PGP client! Lots of people publish their keys on their website as well. But how do you know for sure that a certain key really represents a certain person? I could create a public key using your name and e-mail address; nothing stops me from doing that.

Signing public keys

The GPG software allows you to sign other public keys, similar to how you can sign messages or basically any kind of data. Signing a public key, however, has a special meaning. You declare that, according to you, the key you’ve signed is genuine and really represents the listed person or organisation.

There are four signature levels:

Note that this is the theory. The signature level names (indicated above) are listed in the GPG documentation. The explanation of these levels is unclear and usually very personal. People use them in different ways, and some even have a webpage explaining what their levels mean. And then there’s the huge group that only uses level 0 signatures. So in the end, they’re just a vague indication.

If you are able to verify the owner of a public key, sign their public key. Most graphical frontends for PGP have an easy way to do this; the command below signs a key from the command line:

$ gpg --sign-key <name>

But why are these signatures important?

Introducing the Web of Trust

You can’t know everyone, that’s just impossible. I am aware that some people claim to have thousands of friends on social networks, but seriously? However, the people that you know may overlap with the ones I know. What is the easiest solution when you need someone’s phone number but have no means to communicate? Ask a mutual friend! And that’s how the Web of Trust works.

Let’s say that you have a personal friend Alice and want to send an encrypted message to Bob. You met Bob on an online message board and don’t know him in person. You could ask Bob to verify the fingerprint of his public key, but someone might be tampering with the connection. It’s possible to verify the identity of an internet stranger without meeting him, but it’s pretty hard.

Fortunately, Alice knows Bob in person, and we are able to verify Alice’s key because we can meet her. We could use encrypted and signed communication to ask Alice whether the key we have for Bob is correct. But if Alice has signed Bob’s key, we don’t even have to talk to her! As we trust Alice and her signatures, we are assured that Bob’s key is correct.

You --> Alice --> Bob

The more keys you sign and the more people sign yours, the easier it becomes to identify the correct public keys for other people. So when you meet someone that uses PGP, attempt to sign each other’s keys. And never sign a key if you are not sure about the person’s identity. The strength of the web of trust is your responsibility.

Trust levels

Similar to signature levels, PGP also has a concept called trust levels. You can assign trust to keys in your keyring. This level indicates how much you trust the key’s owner to verify identities properly before signing other keys.

There are 5 levels:

To modify the trust level of a key using the command line, edit keys in interactive mode and use the trust command:

$ gpg --edit-key <name>
trust

Combine these levels with the Web of Trust, and you have a way to select the correct public key for people around the world.
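The way those two ingredients combine is not obvious from the level names alone, so here is a small model of it. This is an added example, not GnuPG's own code and not from the original post: it reproduces the rules of GnuPG's classic trust model with its default thresholds (one fully trusted signer or three marginally trusted signers make a key valid, chains are followed at most five steps deep, and a signer's owner trust only counts once the signer's own key is valid). The keyring below is constructed; the names are placeholders.

```python
"""Toy model of GnuPG's classic trust model: how owner trust and key
signatures combine into key validity.  Added example, not GnuPG's own code."""

# GnuPG's defaults for the classic trust model (options --marginals-needed,
# --completes-needed and --max-cert-depth).
MARGINALS_NEEDED = 3
COMPLETES_NEEDED = 1
MAX_CERT_DEPTH = 5

# The owner-trust levels offered by the "trust" command in gpg --edit-key.
UNKNOWN, NEVER, MARGINAL, FULL, ULTIMATE = "unknown", "never", "marginal", "full", "ultimate"


def compute_validity(owner_trust, signatures):
    """Return {key: validity} with validity in {"full", "marginal", "unknown"}.

    owner_trust maps a key to how far you trust its owner to certify others;
    signatures maps a key to the set of keys whose signatures it carries.
    Simplifications compared with GnuPG (assumptions of this example): one
    user ID per key, no expiry or revocation, and "marginal" validity means at
    least one usable marginal signature exists but the thresholds are not met.
    """
    keys = set(owner_trust) | set(signatures)
    for signers in signatures.values():
        keys |= set(signers)

    validity = {key: "unknown" for key in keys}
    valid_at = {}  # key -> depth at which it became fully valid
    for key, trust in owner_trust.items():
        if trust == ULTIMATE:  # your own key: valid by definition, depth 0
            validity[key] = "full"
            valid_at[key] = 0

    for depth in range(1, MAX_CERT_DEPTH + 1):
        promoted = {}
        for key in keys:
            if key in valid_at:
                continue
            completes = marginals = 0
            for signer in signatures.get(key, ()):
                # A signature only counts if the signer's key is itself fully
                # valid and you have assigned its owner some trust.
                if signer == key or signer not in valid_at:
                    continue
                trust = owner_trust.get(signer, UNKNOWN)
                if trust in (FULL, ULTIMATE):
                    completes += 1
                elif trust == MARGINAL:
                    marginals += 1
            if completes >= COMPLETES_NEEDED or marginals >= MARGINALS_NEEDED:
                promoted[key] = depth
            elif marginals:
                validity[key] = "marginal"
        if not promoted:
            break  # nothing new became valid, deeper rounds cannot change that
        for key, found_at in promoted.items():
            validity[key] = "full"
            valid_at[key] = found_at
    return validity


def example():
    """Constructed keyring: you signed Alice (fully trusted) and three
    marginally trusted keys.  Which other keys become valid?"""
    owner_trust = {
        "you": ULTIMATE, "alice": FULL, "bob": FULL,
        "carol": MARGINAL, "dave": MARGINAL, "frank": MARGINAL, "heidi": MARGINAL,
    }
    signatures = {
        "alice": {"you"}, "carol": {"you"}, "dave": {"you"}, "frank": {"you"},
        "bob": {"alice"},                      # one fully trusted signer suffices
        "grace": {"bob"},                      # valid through a two-step chain
        "heidi": {"carol", "dave", "frank"},   # three marginal signers suffice
        "eve": {"carol", "dave"},              # only two marginals: marginal validity
        "mallory": {"heidi"},                  # one marginal signer: marginal validity
        "bob-imposter": {"mallory"},           # signer is not fully valid: unknown
        "self-signed-only": {"self-signed-only"},  # self-signatures never count
    }
    return compute_validity(owner_trust, signatures)


if __name__ == "__main__":
    for key, validity in sorted(example().items()):
        print(f"{key:18} {validity}")
```

The "bob-imposter" entry is the case the article warns about: a key carrying Bob's name that nobody in your web has certified stays unknown, no matter how many signatures from equally unknown keys it collects.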

Keysigning parties

As you know by now, the strength of the web of trust depends on the number of signatures. Arranging to meet with people one by one takes a lot of time and may be costly, as transportation is not free. That’s why people organise keysigning parties. Don’t get your hopes up, they’re not as fun as they sound.

During these parties people verify each other’s keys. Some of these are pretty well organised and require you to register upfront; the organisers then publish an easy-to-use list of participants and their fingerprints. Smaller parties may require you to bring printed fingerprints yourself. While it may get boring after a while, especially when there are a lot of participants, it’s a great time to talk to security-minded people too!
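Both the "ask Bob for his fingerprint" situation above and the printed lists at a keysigning party come down to comparing a fingerprint you were handed with the one your keyring computes from the key itself. The following is an added example, not code from the original post or from GnuPG: it derives a v4 fingerprint from an RSA public key the way RFC 4880 defines it (SHA-1 over the public-key packet), formats it as GnuPG prints it, and compares a printed fingerprint against it. The RSA modulus and creation time are constructed placeholders, not a real key.

```python
"""Deriving and comparing OpenPGP v4 fingerprints.  Added example; the key
material below is a constructed placeholder, not a real key."""
import hashlib
import hmac
import re
import struct


def _mpi(value):
    """Encode an integer as an OpenPGP MPI: 2-byte bit length, then big-endian bytes."""
    bit_len = value.bit_length()
    return struct.pack(">H", bit_len) + value.to_bytes((bit_len + 7) // 8, "big")


def v4_fingerprint(n, e, created):
    """v4 fingerprint of an RSA public key (RFC 4880 section 12.2): SHA-1 over
    the octet 0x99, the two-octet length of the public-key packet body, and the
    body (version 4, creation time, algorithm 1 = RSA, then the MPIs n and e)."""
    body = b"\x04" + struct.pack(">I", created) + b"\x01" + _mpi(n) + _mpi(e)
    digest = hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body)
    return digest.hexdigest().upper()


def normalise(fpr):
    """Drop the spacing, colons and case differences printed fingerprints carry."""
    return re.sub(r"[\s:]", "", fpr).upper()


def pretty(fpr):
    """Format as GnuPG prints it: groups of four, a double space in the middle."""
    f = normalise(fpr)
    groups = [f[i:i + 4] for i in range(0, 40, 4)]
    return " ".join(groups[:5]) + "  " + " ".join(groups[5:])


def key_id(fpr):
    """The long key ID is just the last 16 hex digits of a v4 fingerprint; the
    short one is the last 8.  Neither is a substitute for the full fingerprint:
    the 32-bit short ID is small enough that colliding keys have been produced."""
    return normalise(fpr)[-16:]


def fingerprints_match(printed, from_keyring):
    """True only if both are well-formed 40-hex-digit fingerprints and identical."""
    a, b = normalise(printed), normalise(from_keyring)
    if len(a) != 40 or len(b) != 40 or not re.fullmatch(r"[0-9A-F]{80}", a + b):
        return False
    return hmac.compare_digest(a.encode(), b.encode())


# Constructed placeholder key material (NOT a real RSA modulus; assumption
# of this example only).
PLACEHOLDER_N = int("C0FFEE1234567890ABCDEF" * 12, 16)
PLACEHOLDER_E = 65537
PLACEHOLDER_CREATED = 1_400_000_000


def example():
    """Compute the placeholder key's fingerprint and check a printed copy of it."""
    fpr = v4_fingerprint(PLACEHOLDER_N, PLACEHOLDER_E, PLACEHOLDER_CREATED)
    printed = pretty(fpr).lower()          # as someone might have typed it
    return fpr, fingerprints_match(printed, fpr)


if __name__ == "__main__":
    fpr, ok = example()
    print(pretty(fpr), "match:", ok, "key id:", key_id(fpr))
```

Two details matter in practice: compare the whole 40-digit fingerprint rather than the key ID at its end, and reject anything that is not exactly 40 hex digits, so that a truncated or mistyped line on a printed list fails loudly instead of matching by accident.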

Local signing

Just a note: in case you really want to sign a key that you can’t verify, use local signing. This works the same way, but marks the signature as one that shouldn’t be shared with others. Local signatures never leave your own keyring and thus don’t influence the Web of Trust.

$ gpg --lsign-key <name>