PGP (Pretty good Privacy) is the most recognized public key cryptography program in the world. It can be used to protect the privacy of email, data files, drives, and instant messages.
PGP changes plain text to code.
Internet traffic is susceptible to espionage by third parties with a minimum of expertise. Data packets can be captured and stored for years. Even mail servers often store messages indefinitely, which can be read now or in the future, sometimes long after the author has changed his or her point of view. Email, unlike a phone call or letter, is not legally protected as a private communication and therefore can be read by third parties, legal or not, without the author’s permission or knowledge. Many privacy watchdog groups advocate that if you’re not using encryption, don’t include anything in an email that you wouldn’t want to see posted. Ideally, this should also include personal information such as name, address, phone number, passwords, etc.
By creating a key pair in Pretty Good Privacy encryption systems, the public key can be sent to a public key server.
PGP encryption provides absent privacy of online communication. It transforms simple, readable text into a complex character code that is completely unreadable. The email or instant message goes to the destination or recipient in this encrypted form. The recipient uses PGP to decrypt the message and return it to a readable format. Whether you’re concerned about protecting privacy rights, a corporate whistleblower, or a citizen who just wants to chat with friends without letting people “hear,” PGP is the answer.
The simple yet ingenious method behind public key cryptography is based on creating a custom key pair. The key pair consists of a public key and a private key. The public key encrypts the messages, while the private key decrypts them.
Using PGP, Mr. Wise would generate a key pair by entering a real name or alias to associate with the keys and a password. Both keys are lock algorithms that appear as small snippets of text code. Mr. Wise can freely share the public key with anyone who wants to send it an encrypted message. For example, let’s say Mr. Wise gives her public key to Ms. Addict of hers. You can copy and paste it into an email and send it to her “open”.
Mrs. Geek receives the public key and copies it to her public keyring in PGP. After she writes Mr. Wise an email, the email is encrypted using the associated public key obtained from the key pool. An encrypted email has been sent. If someone captures the email en route, or even if it’s stored on a server, it will be unreadable.
When Mr. Wise receives the email, his private key decrypts the message. Thus, the communication remains private, even if it travels through public channels. Encryption and decryption can be done automatically as PGP interfaces seamlessly with most major email clients.
To send encrypted email to someone using PGP, you just need their public key. Each public key is unique and works with the associated private key as a key pair. If you encrypt a message with someone other than the recipient’s public key, the recipient will not be able to decrypt the message.
When creating a PGP key pair, you have the option of sending your public key to a public key server. This makes it possible for strangers to send you encrypted messages simply by looking for your public key. To prevent spam, you can choose to discreetly email your public key to carefully selected friends. Others attach their public key as part of their signature to public postings in newsgroups and web chat forums.
A PGP user can also use their private key to digitally sign outgoing mail so that the recipient knows that the mail originated from the designated sender. A third party would not have access to the private key, so the digital signature authenticates the sender.
Sensitive data files stored on your hard drive or removable media can also be protected with PGP. You can use your public key to encrypt the files and your private key to decrypt them. Some versions also allow the user to encrypt an entire disk. This is especially helpful for laptop users in case the laptop is lost or stolen.
The earliest versions of PGP were written by Philip Zimmermann and were first released to the public in 1991. The program is open source and has several different versions available with prevailing attitudes as to which is the best. Some versions are free for personal use, while more recent “official” incarnations offered through the PGP Corporation are shareware. As of PGP Personal Desktop v. 9.0, users are offered a fully functional free trial run before the software reverts to a version with fewer features, minus a purchased license. The less feature-rich version still allows for email encryption, but some of the automation is crippled.
Commercial versions of PGP are also available for use in multi-tenant network environments.
