PGP (Pretty Good Privacy)

Written by: Wing-tat Eddie, CHEUNG (9073242)


Introduction to PGP

Pretty Good(tm) Privacy (PGP), from Phil Zimmermann's Pretty Good Software, is a high security cryptographic software application for Windows, MS-DOS, Unix, and other computers. It combines some of the best features of both conventional and public key cryptography. With PGP encryption, even people who have access to your e-mail will have no idea of its content.


Why do we need PGP?

It is important for all Internet users to understand that regular e-mail offers no privacy. Anyone who can intercept your e-mail can alter its content, and anyone can send e-mail that looks as if it was sent by you. Your Internet Service Provider (ISP) probably keeps a copy on its computer, copies of e-mail sent from a networked computer (such as at work or school) are probably kept behind, and all of the Internet computers the e-mail goes through on its way to the recipient can keep a copy. The administrators of all these computers can read your e-mail if they choose to, and they can send it to anyone they might want to. Even the US government (and other governments) routinely intercepts e-mail and scans it for interesting words or phrases.

With PGP, people can exchange files or messages with privacy, authentication, and convenience.


Conventional Cryptography VS Public Key Cryptography

Data that can be read and understood without any special measures is called plain text or clear text. The method of disguising plain text in such a way as to hide its substance is called encryption. The process of reverting encrypted information to its original plain text is called decryption.

Cryptography enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. PGP combines some of the best features of conventional and public key cryptography.


Conventional Cryptography

In conventional cryptography, one key is used both for encryption and decryption. It is very fast and especially useful for encrypting data that is not going anywhere. However, using conventional encryption to transmit data securely can be quite expensive, simply due to the difficulty of secure key distribution. It requires that the sender and the recipient agree upon a key and keep it secret between them. If they are in different physical locations, they must find a secure communication medium to prevent the disclosure of the secret key during transmission. Anyone who obtains the key in transit can later read, modify, and forge all information encrypted or authenticated with that key.

Since the problem with conventional encryption is key distribution, a different kind of cryptography has more recently been introduced.


Public Key Cryptography

The problems of key distribution are solved by public key cryptography. Public key cryptography uses a pair of keys for encryption: a public key, which encrypts data, and a corresponding private, or secret key for decryption. Anyone with a copy of your public key can encrypt information that only you can read.

As a matter of fact, it is computationally infeasible to deduce the private key from the public key. This means that people who have a public key can encrypt information but cannot decrypt it. Only the person who has the corresponding private key can decrypt the information.

The benefit of public key cryptography is that it allows people who have no secure communication medium to exchange messages securely. Only public keys are distributed; no private key is ever transmitted or shared.


Mechanism of PGP

PGP is a combination of the best features of conventional and public key cryptography.

When PGP is applied to plain text, the plain text is first compressed in order to strengthen cryptographic security. Most cryptanalysis techniques take advantage of patterns found in the plain text to crack the cipher; compression reduces these patterns and therefore greatly enhances resistance to cryptanalysis. PGP then creates a randomly generated secret session key (IDEA key). This session key works with a conventional encryption algorithm (usually RSA is used) to encrypt the plain text into cipher text. Once the data is encrypted, the session key is then encrypted with the recipient's public key. This public-key-encrypted session key is attached to the cipher text and transmitted along with it to the recipient.

Decryption works in the reverse way. The recipient's copy of PGP uses his private key to recover the temporary session key, then PGP uses it to decrypt the conventionally-encrypted cipher text.

Conventional cryptography is about 1000 times faster than public key cryptography, and public key cryptography provides a solution to key distribution. Thus, with the use of PGP, performance and key distribution are improved without any sacrifice in security.


Digital Signature

How does the recipient of information know that it was sent by the person specified? Luckily, public key cryptography provides a method for employing digital signatures. Public key digital signatures enable the recipient of information to verify the authenticity of the information's origin, and also to verify that the information is intact. Besides, they prevent the sender from claiming that he or she did not actually send the information.

A digital signature serves the same purpose as a handwritten signature. It is impossible to fake, plus it attests to the contents of the information as well as to the identity of the signer.

To create a digital signature, instead of encrypting information using someone else's public key, you encrypt it with your private key. If the information can be decrypted with your public key, then it must have originated with you.

However, this system is too slow to be used efficiently, since the sender and the recipient have to apply the private and public keys to the whole piece of information. Besides, a large amount of extra data is created. Therefore, a one-way hash function is introduced to improve the efficiency of digital signatures.


One-way Hash functions

PGP uses a cryptographically strong hash function on the plain text the user is signing. This generates a fixed-length data item known as a message digest. Any change to the content of the data will generate a different output. Then PGP uses the digest and the private key to create the "signature." Afterwards, the signature and the plain text will be transmitted together. Upon receipt of the message, the recipient uses PGP to recompute the digest, thus verifying the signature. PGP can encrypt the plain text or not; signing plain text is useful if some of the recipients are not interested in or capable of verifying the signature.

Digital signatures play a major role in authenticating and validating other PGP users' keys.
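
The message flow from "Mechanism of PGP" and the hash-then-sign step described above, as an added Python sketch that is not PGP's own code. It assumes stand-ins throughout: a SHA-256 keystream for the conventional cipher, SHA-256 for the one-way hash, and unpadded RSA over two Mersenne primes for the public key step; all function names are hypothetical.

```python
import hashlib
import secrets
import zlib

# Toy RSA key pair from two Mersenne primes (assumption for this demo only:
# unpadded RSA with publicly known primes is insecure).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
PUBLIC_KEY, PRIVATE_KEY = (N, E), (N, D)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in conventional cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)

def pgp_encrypt(plaintext: bytes, public_key):
    n, e = public_key
    session_key = secrets.token_bytes(16)          # fresh random key per message
    body = keystream_xor(session_key, zlib.compress(plaintext))  # compress, encrypt
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)      # wrap session key
    return wrapped, body                           # both travel to the recipient

def pgp_decrypt(message, private_key) -> bytes:
    n, d = private_key
    wrapped, body = message
    session_key = pow(wrapped, d, n).to_bytes(16, "big")  # recover session key
    return zlib.decompress(keystream_xor(session_key, body))

def digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(plaintext: bytes, private_key) -> int:
    n, d = private_key
    return pow(digest_int(plaintext), d, n)   # private key applied to digest only

def verify(plaintext: bytes, signature: int, public_key) -> bool:
    n, e = public_key
    return pow(signature, e, n) == digest_int(plaintext)  # recompute and compare

if __name__ == "__main__":
    msg = b"Meet at noon. " * 20               # constructed sample message
    assert pgp_decrypt(pgp_encrypt(msg, PUBLIC_KEY), PRIVATE_KEY) == msg
    sig = sign(msg, PRIVATE_KEY)
    print(verify(msg, sig, PUBLIC_KEY), verify(msg + b"!", sig, PUBLIC_KEY))
```

The public key operation touches only the 16-byte session key and the 32-byte digest, never the whole message, which is the efficiency argument the text makes.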



Digital Certificate

Besides the issue of authentication, users must be constantly alert to ensure that they are encrypting to the correct person's key. In an environment where it is safe to freely exchange keys via public servers, man-in-the-middle attacks are a potential threat. Someone may post a false key with the name and user ID of the user's intended recipient. If that happens, data will be encrypted to the false key and sent into the wrong hands.

Digital certificates can simplify the task of establishing whether a public key truly belongs to the supposed owner. A certificate is a form of credential. It contains information that identifies you. A digital certificate consists of three things:

        A public key.

        Certificate information. ("Identity" information about the user, such as name, user ID, and so on.)

        One or more digital signatures.

The purpose of the digital signature on a certificate is to state that the certificate information has been attested by some other person or entity. In other words, a certificate is basically a public key with one or two forms of ID attached, plus a hearty stamp of approval from some other trusted individual.


PGP Trust Model

Validity is essential in a public key environment where you must constantly establish whether or not a particular certificate is authentic.

PGP uses digital signatures as its form of introduction. When any user signs another's key, he or she becomes an introducer of that key. As this process goes on, it establishes a web of trust. This means that any user can act as a certifying authority: any PGP user can validate another PGP user's public key certificate. However, such a certificate is only valid to another user if the relying party recognizes the validator as a trusted introducer.

Each user's public keyring stores indicators of:

        Whether or not the user considers a particular key to be valid

        The level of trust the user places on the key, that is, how far the key's owner can serve as a certifier of others' keys

You indicate, on your copy of my key, whether you think my judgment counts. There are three levels of trust you can assign to someone else's public key:

        Complete trust

        Marginal trust

        No trust (or Untrusted)

PGP requires one completely trusted signature or two marginally trusted signatures to establish a key as valid. In other words, two marginal trusts are equal to one complete trust.
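
The validity rule above, worked through on a small keyring as an added Python sketch (not PGP's own code). The names, the sample keyring, and two modelling choices are assumptions: the user's own key is always valid, and a signature counts only when the signing key has itself been found valid.

```python
# Trust weights: two marginal signatures count the same as one complete signature.
COMPLETE, MARGINAL, UNTRUSTED = 2, 1, 0

def valid_keys(own_key, signatures, owner_trust):
    """Return the set of keys this keyring considers valid.

    signatures:  {key: set of keys that signed it}
    owner_trust: {key: trust placed in that key's owner as an introducer}
    Assumptions of this sketch: the user's own key is always valid, and a
    signature counts only if the signing key has itself been found valid.
    """
    valid = {own_key}
    changed = True
    while changed:                      # repeat until no new key becomes valid
        changed = False
        for key, signers in signatures.items():
            if key in valid:
                continue
            score = sum(owner_trust.get(s, UNTRUSTED)
                        for s in signers if s in valid)
            if score >= COMPLETE:       # one complete or two marginal introducers
                valid.add(key)
                changed = True
    return valid

# Constructed sample keyring (all names are hypothetical).
SIGNATURES = {
    "alice": {"me"},            # signed by the keyring owner
    "carol": {"me"},
    "bob": {"alice"},           # one completely trusted introducer
    "dave": {"bob", "carol"},   # two marginally trusted introducers
    "erin": {"bob"},            # a single marginal introducer is not enough
    "frank": {"mallory"},       # mallory's own key was never validated
}
OWNER_TRUST = {"me": COMPLETE, "alice": COMPLETE, "bob": MARGINAL,
               "carol": MARGINAL, "mallory": COMPLETE}

if __name__ == "__main__":
    print(sorted(valid_keys("me", SIGNATURES, OWNER_TRUST)))
```

The "frank" entry shows why validity and trust are stored separately: trust in an introducer is worth nothing until that introducer's own key has been validated.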




The fact is, there is no known successful attack on PGP's encryption algorithms except when using relatively small public keys of about 512 bits or less, so even a 1024 bit public key appears completely secure at this time. Thus, PGP cryptography is a very reliable information security measure which can protect your privacy.









