Rejoining PGP Keys in Symantec Encryption Desktop (PGP Encryption Desktop) for Windows

Article ID: 180243


Products

  • Desktop Email Encryption
  • Drive Encryption
  • Encryption Management Server
  • Endpoint Encryption
  • File Share Encryption
  • Gateway Email Encryption
  • PGP Command Line
  • PGP Key Management Server
  • PGP Key Mgmt Client Access and CLI API
  • PGP SDK

Issue/Introduction

PGP Encryption Desktop (Symantec Encryption Desktop) can generate PGP keys for various purposes. Some keys, such as Additional Decryption Keys (ADKs), are highly sensitive, and no single individual should be able to use such a key to decrypt content on their own. Key splitting addresses this: in order to use the PGP key pair, more than one individual must be present to join the key for decryption.

This article reviews how to join a key that has been split into 4 parts.

For more information on how to split the key, see the following article:

180242 - HOW TO: Split PGP Keys in Symantec Encryption Desktop 10.X for Windows

Resolution

WARNING: Splitting keys is a one-time event and the shares can be rejoined only once. If you split a key and rejoin it, only the shares from the first split will work. If you split a key a second time, the new shares (from the second split) **must** be used. Using shares from a previous splitting operation will not work. (Reference: EPG-36076)

For example, a key called "ADK Example Org" is split into 3 shares, "Share1-V1", "Share2-V1", and "Share3-V1". Once these shares have been used, they are no longer valid. New shares must be created.

A good way to know whether shares have been used is to keep your own internal records and track them for each rejoin operation. It is highly recommended to record when these sensitive keys are rejoined, not only for auditing purposes but also to know when new shares need to be created and a new split completed.

Taking a file hash of each share is also a good way to know which share belongs to which split key.

For example, the "certutil" application can be used to compute the hash value for each of your share files, as shown below. Note each of the "SHA256" values:

certutil -hashfile "User1 - 1 Share.shf" sha256
certutil -hashfile "User2 - 1 Share.shf" sha256
certutil -hashfile "User3 - 1 Share.shf" sha256
certutil -hashfile "User4 - 1 Share.shf" sha256
certutil -hashfile "User5 - 1 Share.shf" sha256

Each of these hashes can be recorded so that when you perform a join operation, you can note which hash values were used for that join.
This matters because the PGP Encryption Desktop client gives no indication of whether a set of share files belongs to a particular key.

Also do this for your split key: export it to a .asc file and hash that file as well:

certutil -hashfile ADKExample-split-key.asc sha256

Once you join a key, you will see the message below:

"The shared key has been rejoined. All old share files for this key are no longer valid".

Now you can note in your records the hash values that were used and that the key was joined. The shares can never be used again to rejoin a key and are rendered unusable.
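As an added example (not from the article or the product), the following Python script keeps the kind of record described above: it stores the SHA-256 hash of the exported split key and of each share file, checks the shares offered for a join against the recorded split before you start it, and marks that split's shares as consumed afterwards. The ledger structure, the `needed` threshold and the sample bytes are constructed assumptions; for real files, hash the bytes read from disk or compare against the certutil output.

```python
import hashlib
from datetime import datetime, timezone

def sha256_hex(data: bytes) -> str:
    """Hex SHA-256 digest, the value `certutil -hashfile <file> sha256` prints."""
    return hashlib.sha256(data).hexdigest()

class ShareLedger:
    def __init__(self):
        # key hash -> {"needed": int, "shares": {share hash: label}, "joined_at": str|None}
        self.splits = {}

    def record_split(self, split_key: bytes, needed: int, shares: dict) -> str:
        """Register a fresh split; `shares` maps a file label to that share's bytes."""
        key_hash = sha256_hex(split_key)
        self.splits[key_hash] = {
            "needed": needed,
            "shares": {sha256_hex(data): label for label, data in shares.items()},
            "joined_at": None,
        }
        return key_hash

    def check_join(self, split_key: bytes, offered: list) -> list:
        """Reasons a join with `offered` share files would fail; [] means OK."""
        split = self.splits.get(sha256_hex(split_key))
        if split is None:
            return ["split key not in ledger: hash the .asc that was actually split"]
        problems = []
        if split["joined_at"]:
            problems.append(f"shares already consumed by a join on {split['joined_at']}")
        matched = set()
        for data in offered:
            h = sha256_hex(data)
            if h in split["shares"]:
                matched.add(h)
            else:
                problems.append(f"share {h[:12]}... does not belong to this split")
        if len(matched) < split["needed"]:
            problems.append(f"{len(matched)} of {split['needed']} required shares present")
        return problems

    def record_join(self, split_key: bytes, offered: list) -> None:
        """Mark the split's shares consumed once PGP Desktop reports the key rejoined."""
        problems = self.check_join(split_key, offered)
        if problems:
            raise ValueError("; ".join(problems))
        self.splits[sha256_hex(split_key)]["joined_at"] = datetime.now(timezone.utc).isoformat()

SAMPLE_KEY = b"-----BEGIN PGP PRIVATE KEY BLOCK-----\nconstructed split key\n"  # constructed, not real key material
SAMPLE_SHARES = {f"User{i} - 1 Share.shf": f"constructed share {i}".encode() for i in range(1, 6)}  # constructed sample shares
```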


Once a key is split among multiple shareholders, attempting to sign or decrypt with it causes PGP Encryption Desktop to attempt to rejoin the key automatically. There are two ways to rejoin the key: locally and remotely.

Locally:

Rejoining key shares locally requires the shareholders' presence at the rejoining computer. Each shareholder is required to enter the passphrase for their key share.


  1. Import the saved split key pair into PGP Desktop. In this example, we called the key "HighSecurityKey.asc".
  2. In this example, 2 of the 4 split users are required to rejoin the key. Contact these shareholders of the split key; to rejoin key shares locally, the shareholders must be present at the local system.
  3. To temporarily rejoin the key, at the rejoining computer, use Windows Explorer to select the file(s) that you want to sign or decrypt with the split key.
  4. Right-click on the file(s) and select Sign or Decrypt from the PGP shortcut menu. The PGP Enter Passphrase for Selected Key screen appears with the split key selected.
  5. Click OK to reconstitute the selected key. The Key Share Collection screen appears.
  6. To permanently rejoin the key, right-click the split key and select Key Properties from the menu displayed. In the Key Properties dialog box, click Join Key (this button is labeled Change Passphrase for keys that are not split).
  7. When collecting the key shares locally, click Select Share File and then locate the share files associated with the split key. The share files can be collected from the hard drive, a floppy disk, or a mounted drive. Continue with the next step.
  8. Click Confirm to accept the share file.
  9. Continue collecting key shares until the value for Total Shares Collected matches the value for Total Shares Needed on the Key Shares Collection screen.
  10. Click OK.

Note: If you elected to temporarily rejoin the key in order to decrypt or sign, the file is signed or decrypted with the split key and the rejoined key is then discarded.

If you elected to permanently rejoin the key, the key is saved as a fully rejoined key (and is no longer split).


Remotely:

Rejoining key shares remotely requires the remote shareholders to authenticate and decrypt their keys before sending them over the network. The PGP Desktop Transport Layer Security (TLS) feature provides a secure link to transmit key shares, allowing multiple individuals in distant locations to securely sign or decrypt with their key share.

To collect key shares over the network, make sure the remote shareholders have PGP Encryption Desktop installed and are prepared to send their key share file. Remote shareholders must have:

  • their key share files and passphrases
  • a keypair (for authentication to the computer that is collecting the key shares)
  • a network connection


  1. To temporarily rejoin the key, at the rejoining computer, use Windows Explorer to select the file(s) that you want to sign or decrypt with the split key.
  2. Right-click on the file(s) and select Sign or Decrypt from the PGP shortcut menu. The PGP Enter Passphrase for Selected Key screen appears with the split key selected.
  3. Click OK to reconstitute the selected key. The Key Share Collection screen appears.
  4. To permanently rejoin the key, right-click the split key and select Key Properties from the menu displayed. In the Key Properties dialog box, click Join Key (this button is labeled Change Passphrase for keys that are not split).
  5. When collecting key shares over the network, click Start Network. The remote user must start PGP Desktop and select Keys > Share Key > Send Key Share. This starts the process of selecting the share file, decrypting the share file, selecting an authorization key, unlocking the authorization key, and entering the hostname/IP address of the joining computer.
  6. In the Signing Key field, select the keypair that you want to use for authentication to the remote system and enter the passphrase.
  7. Click OK to prepare the computer to receive the key shares.

    The status of the transaction is displayed in the Network Shares box. When the status changes to Listening, the PGP application is ready to receive the key shares.

    At this time, the shareholders must send their key shares. When a share is received, the Remote Authentication dialog box appears.

    Caution: If you have not signed the key that is being used to authenticate the remote system, the key is considered invalid. Although you can rejoin the split key with an invalid authenticating key, it is not recommended. You should verify each shareholder's fingerprint and sign each shareholder's public key to ensure that the authenticating key is legitimate.

  8. Click Confirm to accept the share file.
  9. Continue collecting key shares until the value for Total Shares Collected matches the value for Total Shares Needed on the Key Shares Collection screen.
  10. Click OK.


Troubleshooting:
The key cannot be rejoined and the following error is displayed:

"The passphrase formed by the collected shares is not able to unlock the key."


Even if the dialog box accepts the passphrase for each share that was used in the split, the split key cannot be rejoined more than once:

The key in this example was split and shared among User1, User2, User3, User4, and User5.

If the key was joined and then split again, the old shares will no longer work.
For example, we split ADKExample again, and this time the shares are called:
User6, User7, User8, User9, and User10


Now we attempt to join the key with the share files from the previous split, "User1, User2, and User3":

For each share, the user entered the passphrase correctly and it was accepted.
This does not mean the join will succeed if the shares were created by a previous split.

In this case, the shares do not match and the following error appears (because only User6 through User10 will work):

"The passphrase formed by the collected share is not able to unlock the key."

This is why it is important to take hashes of the files as well as a hash of the key that was split.


It is possible to export the split key in .asc format, and that exported key can be rejoined multiple times, but only when it is imported anew.

Important Note: Look for additional copies of your split key in .asc format and re-import them into the PGP Encryption Desktop client.
These exported .asc files can still be unlocked with old shares, so be sure to try all the split keys you have previously exported!


For further guidance, reach out to Symantec Encryption Support.