PGP- The Encoder And Decoder Of Virtual Information
Posted: Oct 21, 2015
PGP refers to Pretty Good Privacy and was considered an enormous advancement in maintaining the privacy of messages. It was developed in 1991 by Phil Zimmerman and was bought by Symantec in 2010. As data is encoded or encrypted in order to allow permissions to only authorised personnel to view, PGP is basically a data encryption and decryption program.
Role of PGP in sending and reading text messages-
- PGP first compresses the plaintext message, saving transmission time and strengthening the cryptography security.
- It then creates a one-time-only secret key or the session key. This key is a random generation from the unique movements of the users’ mouse and the keystrokes as they type the message. This session key functions with a very secure PGP encryption algorithm to encrypt the compressed text.
- After the text is compressed and encoded with the session key, the session key is then encrypted to the recipient’s public key. In public-key encryption, the encryption key is published for anyone to use and encode messages. However, only the receiving party has access and permits to the decryption key, as this public key encrypted Session Key is transmitted along with the compressed and encrypted message to the recipient.
- When the message is received by the recipient their PGP uses their private key(unknown publicly) to decode or decrypt the temporary session key, which PGP then uses to decrypt and decompress the encrypted message so it can be read as a text message.
Since encrypting an entire message can be lengthy and time taking, PGP uses a faster encryption algorithm to encrypt the message and then uses the public key to encrypt the shorter key that was used to encrypt the entire message. Both the encrypted message and the short key are sent to the receiver who first uses the receiver's private key to decrypt the short key and then uses that key to decrypt the message.
Available for use in two public key versions, PGP can be of the following types-
1. Rivest-Shamir-Adleman (RSA)version
The RSA version uses the IDEA algorithm to generate a short key and RSA to encrypt it. For this PGP pays a certain amount of license fee to RSA.
2. Diffie-Hellman version
The Diffie-Hellman version uses the CAST algorithm for the short key to encrypt the message and the Diffie-Hellman algorithm to encrypt it.
PGP used in signing
When sending digital signatures, PGP utilises an efficient algorithm that generates a hash code (a mathematical summary) from the user’s name and other gathered signature information. This hash code is then encoded with the sender's private key. The receiver receives the sender’s public key and uses the key to decode the hash code. If the hash code is found same as that sent as the digital signature for the message, the receiver is sure of the secure arrival of the message.
Many corporations, online, work to encrypt phones and devices by utilising PGP encryption. This helps in the protection of valuable and sensitive business data which can be outsourced from an individual’s phone otherwise. Thus, it minimizes risks of data theft and secures information.
PGPSecure providing innovative technical solutions to our customers with encrypted BlackBerry devices.