PRETTY GOOD PRIVACY



PGP stands for Pretty Good Privacy, which was invented by Phil Zimmermann.

Some characteristics include:
 Uses the best available cryptographic algorithms as building blocks.

 Integrates these into a general-purpose algorithm that is processor-independent and easy to use.

 Package and documentation, including source code, are freely available on-line.

 PGP is now provided by Viacrypt in a compatible, low-cost commercial version.

PGP supplies FOUR basic services:

 Authentication

 Confidentiality

 Compression

 Email compatibility




PGP provides authentication through the use of digital signatures.

It provides confidentiality through the use of symmetric block encryption.

It provides compression by using the ZIP algorithm, and email compatibility by using the radix-64 encoding scheme.




AUTHENTICATION

 This is a digital signature function.

 Sender creates a message M.

 Sender generates a hash of M.

 Sender signs the hash using his private key and attaches the result to the message.

 Receiver uses the sender’s public key to verify the signature and recover the hash code.


 Receiver generates a new hash code for M and compares it with the decrypted hash code.



CONFIDENTIALITY

 PGP provides encryption for messages sent or stored as files.

 Sender generates a message M and a random session key K.

 M is encrypted using key K.

 K is encrypted using the recipient’s public key, and prepended to the message.

 Receiver uses his private key to recover the session key.

 The session key is used to decrypt the message.


CONFIDENTIALITY & AUTHENTICATION







Figure: (a) Generic transmission diagram (from A); (b) Generic reception diagram (to B)
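The AUTHENTICATION and CONFIDENTIALITY steps above, combined into one send/receive pair, as an added example (not code from these notes or from PGP itself). It applies the services in the order PGP uses (sign, compress, encrypt, radix-64). Assumptions: the unpadded toy RSA built on Mersenne primes and the SHA-256 keystream are insecure stand-ins for the real public-key and symmetric block algorithms, and all function names and keys are constructed for illustration.

```python
import base64, hashlib, secrets, zlib

E = 65537  # public exponent

def toy_keypair(a, b):
    """Toy unpadded RSA key from Mersenne primes 2**a-1, 2**b-1 (constructed, insecure)."""
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def size(n):
    return (n.bit_length() + 7) // 8  # bytes needed to hold a value mod n

def sha(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def keystream_xor(key, data):
    """Stand-in for the symmetric block cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

def pgp_send(msg, sender_priv, recipient_pub):
    (n_s, d_s), (n_r, e_r) = sender_priv, recipient_pub
    sig = pow(sha(msg), d_s, n_s)                        # sign the hash of M
    packet = zlib.compress(sig.to_bytes(size(n_s), "big") + msg)  # DEFLATE, as in ZIP
    k = secrets.token_bytes(16)                          # random session key K
    wrapped = pow(int.from_bytes(k, "big"), e_r, n_r)    # K under recipient's public key
    body = wrapped.to_bytes(size(n_r), "big") + keystream_xor(k, packet)
    return base64.b64encode(body).decode()               # radix-64 for email transport

def pgp_receive(armored, recipient_priv, sender_pub):
    (n_r, d_r), (n_s, e_s) = recipient_priv, sender_pub
    body = base64.b64decode(armored)
    wrapped, ct = body[:size(n_r)], body[size(n_r):]
    k = pow(int.from_bytes(wrapped, "big"), d_r, n_r).to_bytes(16, "big")  # recover K
    packet = zlib.decompress(keystream_xor(k, ct))
    sig, msg = packet[:size(n_s)], packet[size(n_s):]
    if pow(int.from_bytes(sig, "big"), e_s, n_s) != sha(msg):  # recovered vs. fresh hash
        raise ValueError("signature does not match message")
    return msg

alice_pub, alice_priv = toy_keypair(521, 607)    # sender A (constructed key)
bob_pub, bob_priv = toy_keypair(607, 1279)       # recipient B (constructed key)
```

Checking the signature against any key other than the sender's public key raises `ValueError`, which is the comparison failure described in the last AUTHENTICATION step.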
