previous | start | next

PGP (Pretty Good Privacy)

The history of PGP is outside the scope of our unit, but is well documented. PGP is a free, "clean room" implementation of the original RSA public key cryptosystem, created with the honourable intention of facilitating encrypted email. It has become the most widely used public key software in the world.
 
PGP can operate in two modes: either encrypting a message where both authentication and secrecy are required, or simply signing a message if only authentication and message integrity are required.
 
PGP encryption is actually a hybrid symmetric/public key system. A new session key is created for each encryption, and is used to encrypt the document, using a standard algorithm such as IDEA. The session key is then encrypted with the recipient's public key, and the two items are rolled together into a single package. The receiver can use his private key to decrypt the session key, and thus recover the original message:
PGP normal encryption operation
This approach combines the best features of symmetric and public key encryption.
 
Lecture 18: Encryption #3 -- Practical Encryption Copyright © 2003 P.Scott, La Trobe University Bendigo.



previous | start | next