Pretty Good Privacy a digital data encryption program Created by Phil Zimmerman Presented by Netiva Caftori
A word about PGPone of the strongest encryption tools available • Encryption is the process whereby codes are used to attempt to conceal the meaning of a message • Cryptography is the science of writing messages in secret codes . It is about the right to privacy, freedom of speech, freedom of political association, freedom of the press, freedom from unreasonable search and seizure, freedom to be left alone • to promote awareness of the privacy issue in a digital age
PGP is the culmination of a long history of cryptographic discoveries. PGP uses public and private Key encryption you'll share your Public Key with anyone you wish Your Public Key is used to encrypt a message you'll guard your Private Key secret The Private Key is used to decrypt data that have been encrypted using your Public Key. Where did PGP come fromandhow does it work?
Public and Private Key encryption • the message encrypted using your Public Key can only be decrypted by you, the owner of the corresponding Private Key • encryption solves 1of 2 major problems with older methods, namely that you had to somehow share the key with anyone you wanted to be able to read (decrypt) your secret message
The second major problem with older methods • Unlike earlier encryption methods, the security of PGP encryption lies entirely with the key. • It is PGP's selection of the complex keys used to do an encryption that makes it next to impossible to crack.
Thousands years use DES Fast Keys shared between usually only 2 people 128 bit No non-repudiation (need 3rd party as witness) Less than 50 years RSA Slow Private: concealed Public: widely shared 1,024 Nonrepudiation: Can’t deny having sent a message Key attributes ofSecret keyvs. Public key
Symmetric encryption Asymmetric encryption Plaintext Cyphertext Cryptanalyst Fi(n)=# positive integers <n relatively prime to n DES=Data Encryption Standard NSA=National Security Agency Authentication Man-in-the-middle Trapdoors Key escrow Brute force attack Vocabulary, definitions, and acronyms
Public key encryption systems • 1976: Diffie and Hellman • Merkle-Hellman Knapsacks • 1978: Rivest-Shamir-Adelman (RSA) • 1984: El gamal and digital signature • Hash algorithm
RSA Encryptionoperates with arithmetic mod n • e=encryption key; d=decryption key • P=plaintext---> Pe mod n =cyphertext • (Pe)d mod n = P recovered plaintext • Encryption and decryption are mutual inverses and commutative • Select large n=pq p & q prime • Choose e relatively prime to (p-1)(q-1) • Select d so e*d=1 mod (p-1)(q-1) • Or e*d=1 mod fi(n) as fi(p)=p-1 for p prime • Euler-Fermat: x**fi(n)=1mod n for all x relatively prime to n
Public key cryptography is based on multiplicative inverses • Suppose message to encrypt is ABC • Translate to 23+69+14=106 • 106 is sent Since 23*22=1 mod 101 the recipient will multiply 106x22=2332=9 mod 101 And infer that the message is ABC since 9=1+3+5 • An interceptor will spend a long time figuring it out.
RSA vs. Knapsack • An error was discovered in the knapsack encryption by Shamir (from RSA), and is no longer used. • Modular inverse pairs are more used in RSA than in Knapsack. • RSA is the most widely used public key cryptographic system. • It bases its security on the difficulty of performing inverse calculations.
Pretty Good privacy • PGP is a remarkable phenomenon that provides confidentiality, authentication, and compression for email and data storage. • Its building blocks are made of the best available cryptographic algorithms: RSA, DSS, Diffie-Hellman. • It is independent of operating system and processor. • It has a small set of easy-to-use commands
Conclusions • Because PGP is freely available via the Internet, and has a fully compatible low-cost commercial version it is now widely used. • It has a wide range of applicability from corporations to individuals who wish to communicate worldwide securely over the Internet and other networks. • It is not controlled by any government which makes it attractive to many.