1 / 12

PGP (Pretty Good Privacy)

PGP (Pretty Good Privacy). Sheila Alston Old Dominion University November 2, 2005. What is PGP?. Secure mail protocol Performs encryption and integrity protection on files Original author – Phil Zimmerman Guerrilla Freeware Generates private key for you

tam
Télécharger la présentation

PGP (Pretty Good Privacy)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. PGP (Pretty Good Privacy) Sheila Alston Old Dominion University November 2, 2005

  2. What is PGP? • Secure mail protocol • Performs encryption and integrity protection on files • Original author – Phil Zimmerman • Guerrilla Freeware • Generates private key for you • Uses public key cryptography for personal keys

  3. How PGP Encryption Works • User encrypts plaintext using PGP • PGP compresses the plaintext • PGP creates a session key, which is a one-time secret key • The secret key works with the plaintext using a conventional encryption algorithm to encrypt the plaintext • The end result is ciphertext • Once data is encrypted the session key is encrypted to the recipient’s public key • Public key-encrypted session key is transmitted along with the encrypted data to the recipient

  4. How PGP Works

  5. How PGP Decryption Works • The recipient's copy of PGP uses their private key to recover the session key • PGP uses the recovered session key to decrypt the ciphertext • The combination of the two encryption methods combines the convenience of public key encryption with the speed of conventional encryption

  6. How PGP Decrypts

  7. Key Distribution • PGP uses public key cryptography for personal keys • Each user decides which keys to trust • PGP doesn’t require certificates. They are optional. • To send someone mail or to verify their signature, you need to know their public key • People publish their PGP fingerprints on their websites, business cards, in their books, etc.

  8. Private Key • PGP will generate a private key for you • You can specify the size of the key • It prompts you for a password • Password is converted into a IDEA key by doing MD5 message digest • IDEA key is used to encrypt the private key • Encryption is done with 64-bit CFB using a random IV which is stored with the encrypted private key

  9. Key Rings • PGP creates key rings • Key Rings are data structures that contain. pubic keys, information about people and certificates. • Key Rings can be used as a database of public keys. • There are three levels of trust in PGP: none, partial, or complete.

  10. Conclusion • PGP is used to perform encryption and decryption for mail and for integrity protection of files. • It is capable of accepting different types of formats:message formats and primitive object formats. • PGP is used to protect our privacy.

  11. References • “How PGP Works”, http://www.pgpi.org/doc/pgpintro/ • Network Security Private Communication in a Public World, Second Edition, Prentice Hall PTR • ftp://ftp.pgpi.org/pub/pgp/6.5/docs/english/IntroToCrypto.pdf • PGP Corporation - Home Page: http://www.pgp.com/

  12. Thank You

More Related