2021/06/08 An Introduction To PGP

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions, and for increasing the security of e-mail communications. It was first introduced by Phil Zimmermann in 1991. PGP encryption uses a combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography; each step uses one of several supported algorithms. Current versions of PGP encryption include options through an automated key management server.

The Web Of Trust

The Web Of Trust is a feature of PGP-style encryption which, to me, makes it unique among types of encryption. Zimmermann described it as follows:

As time goes on, you will accumulate keys from other people that you may want to designate as trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys.

Although it is not widely used by PGP users, I urge you to use the Web Of Trust (WOT) system implemented in PGP, as it allows users to be decentralized and peer-checked, and it disrupts bad actors.
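
The introducer idea described above can be modelled in a few lines. This is an added example, not code from PGP or from the original post: it computes which keys one user can treat as valid from certifying signatures and the trust she places in each introducer. The names, the certifications, and the thresholds (one fully trusted or two marginally trusted introducers, chains of at most five signatures) are assumptions constructed for illustration.

```python
# Added example: simplified Web of Trust validity calculation.
# All names, certifications and thresholds below are constructed.
FULL, MARGINAL, NONE = "full", "marginal", "none"

def valid_keys(me, certifications, owner_trust,
               completes_needed=1, marginals_needed=2, max_depth=5):
    """Return {key: chain depth} for keys that `me` can treat as valid.

    certifications: (signer, signed) pairs; signer certified signed's key.
    owner_trust: how far `me` trusts each owner as an introducer.
    """
    valid = {me: 0}  # your own key is the root of every chain
    for depth in range(1, max_depth + 1):
        newly = {}
        for key in {signed for _, signed in certifications} - set(valid):
            full = marginal = 0
            for signer, signed in certifications:
                # A signature counts only if the signer's key is already valid.
                if signed != key or signer not in valid:
                    continue
                trust = FULL if signer == me else owner_trust.get(signer, NONE)
                full += trust == FULL
                marginal += trust == MARGINAL
            if full >= completes_needed or marginal >= marginals_needed:
                newly[key] = depth
        if not newly:
            break
        valid.update(newly)
    return valid

CERTS = [
    ("alice", "bob"), ("alice", "carol"),   # alice checked these keys herself
    ("bob", "dave"),                        # one fully trusted introducer
    ("carol", "erin"), ("dave", "erin"),    # two marginal introducers
    ("carol", "frank"),                     # one marginal: not enough
    ("erin", "fake_bank"),                  # erin's key is valid, but she is not a trusted introducer
    ("mallory", "fake_bank"),               # mallory's own key was never validated
]
TRUST = {"bob": FULL, "carol": MARGINAL, "dave": MARGINAL, "mallory": FULL}

if __name__ == "__main__":
    for key, depth in sorted(valid_keys("alice", CERTS, TRUST).items()):
        print(f"{key}: valid at depth {depth}")
```

In this model the "fake_bank" key never becomes valid: a signature only counts when the signer's key is itself valid and its owner is a trusted introducer, which is how peer checking keeps a bad actor's certifications from spreading.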

Components Of PGP

PGP can be simplified and broken down into 4 components which, when added together, make it a very secure system: the Public Key, the Private Key, the Public PGP Fingerprint, and Trust Signatures.