Pretty Good Privacy
Encyclopedia
Pretty Good Privacy is a data encryption and decryption computer program
Computer program
A computer program is a sequence of instructions written to perform a specified task with a computer. A computer requires programs to function, typically executing the program's instructions in a central processor. The program has an executable form that the computer can use directly to execute...

 that provides cryptographic privacy
Privacy
Privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively...

 and authentication
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...

 for data communication. PGP is often used for signing, encrypting and decrypting texts, E-mails, files, directories and whole disk partitions to increase the security of e-mail communications. It was created by Phil Zimmermann
Phil Zimmermann
Philip R. "Phil" Zimmermann Jr. is the creator of Pretty Good Privacy , the most widely used email encryption software in the world. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone....

 in 1991.

PGP and similar products follow the OpenPGP standard (RFC 4880) for encrypting and decrypting data
Data
The term data refers to qualitative or quantitative attributes of a variable or set of variables. Data are typically the results of measurements and can be the basis of graphs, images, or observations of a set of variables. Data are often viewed as the lowest level of abstraction from which...

.

How PGP encryption works

PGP encryption
Encryption
In cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...

 uses a serial combination of hashing
Cryptographic hash function
A cryptographic hash function is a deterministic procedure that takes an arbitrary block of data and returns a fixed-size bit string, the hash value, such that an accidental or intentional change to the data will change the hash value...

, data compression
Data compression
In computer science and information theory, data compression, source coding or bit-rate reduction is the process of encoding information using fewer bits than the original representation would use....

, symmetric-key cryptography, and, finally, public-key cryptography
Public-key cryptography
Public-key cryptography refers to a cryptographic system requiring two separate keys, one to lock or encrypt the plaintext, and one to unlock or decrypt the cyphertext. Neither key will do both functions. One of these keys is published or public and the other is kept private...

; each step uses one of several supported algorithm
Algorithm
In mathematics and computer science, an algorithm is an effective method expressed as a finite list of well-defined instructions for calculating a function. Algorithms are used for calculation, data processing, and automated reasoning...

s. Each public key is bound to a user name and/or an e-mail
E-mail
Electronic mail, commonly known as email or e-mail, is a method of exchanging digital messages from an author to one or more recipients. Modern email operates across the Internet or other computer networks. Some early email systems required that the author and the recipient both be online at the...

 address. The first version of this system was generally known as a web of trust
Web of trust
In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centralized trust model of a public key infrastructure ,...

 to contrast with the X.509
X.509
In cryptography, X.509 is an ITU-T standard for a public key infrastructure and Privilege Management Infrastructure . X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation...

 system which uses a hierarchical approach based on certificate authority
Certificate authority
In cryptography, a certificate authority, or certification authority, is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate...

 and which was added to PGP implementations later. Current versions of PGP encryption include both options through an automated key management server.

Compatibility

As PGP evolves, PGP systems that support newer features and algorithms are able to create encrypted messages that older PGP systems cannot decrypt, even with a valid private key. Thus, it is essential that partners in PGP communication understand each other's capabilities or at least agree on PGP settings.

Confidentiality

PGP can be used to send messages confidentially. For this, PGP combines symmetric-key encryption and public-key encryption. The message is encrypted using a symmetric encryption algorithm, which requires a symmetric key. Each symmetric key is used only once and is also called a session key. The session key is protected by encrypting it with the receiver's public key thus ensuring that only the receiver can decrypt the session key. The encrypted message along with the encrypted session key is sent to the receiver.

Digital signatures

PGP supports message authentication and integrity checking. The latter is used to detect whether a message has been altered since it was completed (the message integrity property), and the former to determine whether it was actually sent by the person/entity claimed to be the sender (a digital signature
Digital signature
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit...

). In PGP, these are used by default in conjunction with encryption, but can be applied to the plaintext
Plaintext
In cryptography, plaintext is information a sender wishes to transmit to a receiver. Cleartext is often used as a synonym. Before the computer era, plaintext most commonly meant message text in the language of the communicating parties....

 as well. The sender uses PGP to create a digital signature for the message with either the RSA or DSA
Digital Signature Algorithm
The Digital Signature Algorithm is a United States Federal Government standard or FIPS for digital signatures. It was proposed by the National Institute of Standards and Technology in August 1991 for use in their Digital Signature Standard , specified in FIPS 186, adopted in 1993. A minor...

 signature algorithms. To do so, PGP computes a hash (also called a message digest) from the plaintext, and then creates the digital signature
Digital signature
A digital signature or digital signature scheme is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, and that it was not altered in transit...

 from that hash using the sender's private key.

Web of trust

Both when encrypting messages and when verifying signatures, it is critical that the public key used to send messages to someone or some entity actually does 'belong' to the intended recipient. Simply downloading a public key from somewhere is not overwhelming assurance of that association; deliberate (or accidental) impersonation is possible. PGP has, from its first versions, always included provisions for distributing a user's public keys in an 'identity certificate' which is also constructed cryptographically so that any tampering (or accidental garble) is readily detectable. But merely making a certificate which is impossible to modify without being detected effectively is also insufficient. It can prevent corruption only after the certificate has been created, not before. Users must also ensure by some means that the public key in a certificate actually does belong to the person/entity claiming it. From its first release, PGP products have included an internal certificate 'vetting scheme' to assist with this; a trust model which has been called a web of trust
Web of trust
In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centralized trust model of a public key infrastructure ,...

. A given public key (or more specifically, information binding a user name to a key) may be digitally signed by a third party user to attest to the association between someone (actually a user name) and the key. There are several levels of confidence which can be included in such signatures. Although many programs read and write this information, few (if any) include this level of certification when calculating whether to trust a key.

The web of trust protocol was first described by Zimmermann
Phil Zimmermann
Philip R. "Phil" Zimmermann Jr. is the creator of Pretty Good Privacy , the most widely used email encryption software in the world. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone....

 in 1992 in the manual for PGP version 2.0:
The web of trust mechanism has advantages over a centrally managed public key infrastructure
Public key infrastructure
Public Key Infrastructure is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates. In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate...

 scheme such as that used by S/MIME
S/MIME
S/MIME is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFCs. S/MIME was originally developed by RSA Data Security Inc...

 but has not been universally used. Users have been willing to accept certificates and check their validity manually or to simply accept them. No satisfactory solution has been found for the underlying problem.

Certificates

In the (more recent) OpenPGP specification, trust signatures can be used to support creation of certificate authorities
Certificate authority
In cryptography, a certificate authority, or certification authority, is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate...

. A trust signature indicates both that the key belongs to its claimed owner and that the owner of the key is trustworthy to sign other keys at one level below their own. A level 0 signature is comparable to a web of trust signature since only the validity of the key is certified. A level 1 signature is similar to the trust one has in a certificate authority because a key signed to level 1 is able to issue an unlimited number of level 0 signatures. A level 2 signature is highly analogous to the trust assumption users must rely on whenever they use the default certificate authority list (like those included in web browsers); it allows the owner of the key to make other keys certificate authorities.

PGP versions have always included a way to cancel ('revoke') identity certificates. A lost or compromised private key will require this if communication security is to be retained by that user. This is, more or less, equivalent to the certificate revocation list
Certificate revocation list
In the operation of some cryptosystems, usually public key infrastructures , a certificate revocation list is a list of certificates that have been revoked, and therefore should not be relied upon.-Revocation States:There are two different states of revocation defined in RFC 3280:* Revoked: A...

s of centralized PKI schemes. Recent PGP versions have also supported certificate expiration dates.

The problem of correctly identifying a public key as belonging to a particular user is not unique to PGP. All public key / private key cryptosystems have the same problem, if in slightly different guise, and no fully satisfactory solution is known. PGP's original scheme, at least, leaves the decision whether or not to use its endorsement/vetting system to the user, while most other PKI schemes do not, requiring instead that every certificate attested to by a central certificate authority
Certificate authority
In cryptography, a certificate authority, or certification authority, is an entity that issues digital certificates. The digital certificate certifies the ownership of a public key by the named subject of the certificate...

 be accepted as correct.

Security quality

To the best of publicly available information, there is no known method which will allow a person or group to break PGP encryption by cryptographic or computational means. Indeed, in 1996, cryptographer Bruce Schneier
Bruce Schneier
Bruce Schneier is an American cryptographer, computer security specialist, and writer. He is the author of several books on general security topics, computer security and cryptography, and is the founder and chief technology officer of BT Managed Security Solutions, formerly Counterpane Internet...

 characterized an early version as being "the closest you're likely to get to military-grade encryption." Early versions of PGP have been found to have theoretical vulnerabilities and so current versions are recommended. In addition to protecting data in transit over a network, PGP encryption can also be used to protect data in long-term data storage such as disk files. These long-term storage options are also known as data at rest, i.e. data stored, not in transit.

The cryptographic security of PGP encryption depends on the assumption that the algorithms used are unbreakable by direct cryptanalysis
Cryptanalysis
Cryptanalysis is the study of methods for obtaining the meaning of encrypted information, without access to the secret information that is normally required to do so. Typically, this involves knowing how the system works and finding a secret key...

 with current equipment and techniques. For instance, in the original version, the RSA algorithm was used to encrypt session keys; RSA's security depends upon the one-way function
One-way function
In computer science, a one-way function is a function that is easy to compute on every input, but hard to invert given the image of a random input. Here "easy" and "hard" are to be understood in the sense of computational complexity theory, specifically the theory of polynomial time problems...

 nature of mathematical integer factoring
Integer factorization
In number theory, integer factorization or prime factorization is the decomposition of a composite number into smaller non-trivial divisors, which when multiplied together equal the original integer....

. Likewise, the symmetric key algorithm used in PGP version 2 was IDEA
International Data Encryption Algorithm
In cryptography, the International Data Encryption Algorithm is a block cipher designed by James Massey of ETH Zurich and Xuejia Lai and was first described in 1991. As a block cipher, it is also symmetric. The algorithm was intended as a replacement for the Data Encryption Standard[DES]...

, which might, at some future time, be found to have a previously unsuspected cryptanalytic flaw. Specific instances of current PGP, or IDEA, insecurities—if they exist—are not publicly known. As current versions of PGP have added additional encryption algorithms, the degree of their cryptographic vulnerability varies with the algorithm used. In practice, each of the algorithms in current use is not publicly known to have cryptanalytic weaknesses.

New versions of PGP are released periodically and vulnerabilities that developers are aware of are progressively fixed. Any agency wanting to read PGP messages would probably use easier means than standard cryptanalysis, e.g. rubber-hose cryptanalysis
Rubber-hose cryptanalysis
In cryptography, rubber-hose cryptanalysis is the extraction of cryptographic secrets from a person by coercion or torture, in contrast to a mathematical or technical cryptanalytic attack....

 or black-bag cryptanalysis
Black-bag cryptanalysis
In cryptography, black-bag cryptanalysis is a euphemism for the acquisition of cryptographic secrets via burglary, or the covert installation of keystroke logging or trojan horse software/hardware on target computers or ancillary devices...

 i.e. installing some form of trojan horse
Trojan horse (computing)
A Trojan horse, or Trojan, is software that appears to perform a desirable function for the user prior to run or install, but steals information or harms the system. The term is derived from the Trojan Horse story in Greek mythology.-Malware:A destructive program that masquerades as a benign...

 or keystroke logging
Keystroke logging
Keystroke logging is the action of tracking the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored...

 software/hardware on the target computer to capture encrypted keyrings and their passwords. The FBI has already used this attack against PGP in its investigations. However, any such vulnerabilities apply not just to PGP, but to all encryption software.

In 2003, an incident involving seized Psion PDA
PDA
A PDA is most commonly a Personal digital assistant, also known as a Personal data assistant, a mobile electronic device.PDA may also refer to:In science, medicine and technology:...

s belonging to members of the Red Brigade indicated that neither the Italian police
Italian police
Law enforcement in Italy is provided by eight separate police forces, six of which are national groups in Italy.During 2005 in Italy, the number of active police officers from all agencies totaled 324,339, the highest number in the European Union both overall and per capita, twice the number of...

 nor the FBI were able to decrypt PGP-encrypted files stored on them.

A more recent incident in December 2006 (see United States v. Boucher
United States v. Boucher
In re Boucher, No. 2:06-mj-91, 2009 WL 424718, is a federal criminal case in Vermont, which was the first to address directly the question of whether a person can be compelled to reveal his or her encryption passphrase or password, despite the U.S. Constitution's Fifth Amendment protection against...

) involving US customs agents
United States Customs Service
Until March 2003, the United States Customs Service was an agency of the U.S. federal government that collected import tariffs and performed other selected border security duties.Before it was rolled into form part of the U.S...

 and a seized laptop PC which allegedly contained child pornography
Child pornography
Child pornography refers to images or films and, in some cases, writings depicting sexually explicit activities involving a child...

 indicates that US Government agencies find it "nearly impossible" to access PGP-encrypted files. Additionally, a judge ruling on the same case in November 2007 has stated that forcing the suspect to reveal his PGP passphrase would violate his Fifth Amendment
Fifth Amendment to the United States Constitution
The Fifth Amendment to the United States Constitution, which is part of the Bill of Rights, protects against abuse of government authority in a legal procedure. Its guarantees stem from English common law which traces back to the Magna Carta in 1215...

 rights i.e. a suspect's constitutional right not to incriminate himself. The Fifth Amendment issue has been opened again as the case was appealed and the federal judge again ordered the defendant to provide the key.

Evidence suggests that as of 2007, British police investigators are unable to break PGP, so instead have resorted to using RIPA
Regulation of Investigatory Powers Act 2000
The Regulation of Investigatory Powers Act 2000 is an Act of the Parliament of the United Kingdom, regulating the powers of public bodies to carry out surveillance and investigation, and covering the interception of communications...

 legislation to demand the passwords/keys. In November 2009 a British citizen was convicted under RIPA legislation and jailed for 9 months for refusing to provide police investigators with encryption keys to PGP-encrypted files.

Early history

Phil Zimmermann
Phil Zimmermann
Philip R. "Phil" Zimmermann Jr. is the creator of Pretty Good Privacy , the most widely used email encryption software in the world. He is also known for his work in VoIP encryption protocols, notably ZRTP and Zfone....

 created the first version of PGP encryption in 1991. The name, "Pretty Good Privacy", is humorously ironic and was inspired by the name of a grocery store, "Ralph's Pretty Good Grocery", featured in radio host Garrison Keillor
Garrison Keillor
Gary Edward "Garrison" Keillor is an American author, storyteller, humorist, and radio personality. He is known as host of the Minnesota Public Radio show A Prairie Home Companion Gary Edward "Garrison" Keillor (born August 7, 1942) is an American author, storyteller, humorist, and radio...

's fictional town, Lake Wobegon
Lake Wobegon
Lake Wobegon is a fictional town in the U.S. state of Minnesota, said to have been the boyhood home of Garrison Keillor, who reports the News from Lake Wobegon on the radio show A Prairie Home Companion....

. This first version included a symmetric-key algorithm
Symmetric-key algorithm
Symmetric-key algorithms are a class of algorithms for cryptography that use trivially related, often identical, cryptographic keys for both encryption of plaintext and decryption of ciphertext. The encryption key is trivially related to the decryption key, in that they may be identical or there is...

 that Zimmermann had designed himself, named BassOmatic
BassOmatic
In cryptography, BassOmatic was the symmetric-key cipher designed by Phil Zimmermann as part of his email encryption software, PGP . Comments in the source code indicate that he had been designing the cipher since as early as 1988, but it was not publicly released until 1991...

 after a Saturday Night Live
Saturday Night Live
Saturday Night Live is a live American late-night television sketch comedy and variety show developed by Lorne Michaels and Dick Ebersol. The show premiered on NBC on October 11, 1975, under the original title of NBC's Saturday Night.The show's sketches often parody contemporary American culture...

 sketch. Zimmermann had been a long-time anti-nuclear activist, and created PGP encryption so that similarly inclined people might securely use BBS
Bulletin board system
A Bulletin Board System, or BBS, is a computer system running software that allows users to connect and log in to the system using a terminal program. Once logged in, a user can perform functions such as uploading and downloading software and data, reading news and bulletins, and exchanging...

s and securely store messages and files. No license was required for its non-commercial use. There was not even a nominal charge, and the complete source code
Source code
In computer science, source code is text written using the format and syntax of the programming language that it is being written in. Such a language is specially designed to facilitate the work of computer programmers, who specify the actions to be performed by a computer mostly by writing source...

 was included with all copies.

In a posting of June 5, 2001, entitled "PGP Marks 10th Anniversary", Zimmermann describes the circumstances surrounding his release of PGP:
PGP found its way onto the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...

, and it very rapidly acquired a considerable following around the world. Users and supporters included dissidents in totalitarian countries (some affecting letters to Zimmermann have been published, and some have been included in testimony before the US Congress), civil libertarians in other parts of the world (see Zimmermann's published testimony in various hearings), and the 'free communications' activists who call themselves cypherpunk
Cypherpunk
A cypherpunk is an activist advocating widespread use of strong cryptography as a route to social and political change.Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography...

s (who provided both publicity and distribution).

Criminal investigation

Shortly after its release, PGP encryption found its way outside the United States
United States
The United States of America is a federal constitutional republic comprising fifty states and a federal district...

, and in February 1993 Zimmermann became the formal target of a criminal investigation by the US Government for "munitions
United States Munitions List
The United States Munitions List is a list of articles, services, and related technology designated as defense-related by the United States federal government. This designation is pursuant to sections 38 and 47 of the Arms Export Control Act...

 export without a license". Cryptosystems using keys larger than 40 bits were then considered munitions within the definition of the US export regulations; PGP has never used keys smaller than 128 bits so it qualified at that time. Penalties for violation, if found guilty, were substantial. After several years, the investigation of Zimmermann was closed without filing criminal charges against him or anyone else.

Zimmermann challenged these regulations in a curious way. He published the entire source code
Source code
In computer science, source code is text written using the format and syntax of the programming language that it is being written in. Such a language is specially designed to facilitate the work of computer programmers, who specify the actions to be performed by a computer mostly by writing source...

 of PGP in a hardback book, via MIT Press
MIT Press
The MIT Press is a university press affiliated with the Massachusetts Institute of Technology in Cambridge, Massachusetts .-History:...

, which was distributed and sold widely. Anybody wishing to build their own copy of PGP could buy the $60 book, cut off the covers, separate the pages, and scan them using an OCR
Optical character recognition
Optical character recognition, usually abbreviated to OCR, is the mechanical or electronic translation of scanned images of handwritten, typewritten or printed text into machine-encoded text. It is widely used to convert books and documents into electronic files, to computerize a record-keeping...

 program, creating a set of source code text files. One could then build the application using the freely available GNU Compiler Collection
GNU Compiler Collection
The GNU Compiler Collection is a compiler system produced by the GNU Project supporting various programming languages. GCC is a key component of the GNU toolchain...

. PGP would thus be available anywhere in the world. The claimed principle was simple: export of munitions—guns, bombs, planes, and software—was (and remains) restricted; but the export of books is protected by the First Amendment
First Amendment to the United States Constitution
The First Amendment to the United States Constitution is part of the Bill of Rights. The amendment prohibits the making of any law respecting an establishment of religion, impeding the free exercise of religion, abridging the freedom of speech, infringing on the freedom of the press, interfering...

. The question was never tested in court with respect to PGP. In cases addressing other encryption software, however, two federal appeals courts have established the rule that cryptographic software source code is speech protected by the First Amendment (the Ninth Circuit Court of Appeals
United States Court of Appeals for the Ninth Circuit
The United States Court of Appeals for the Ninth Circuit is a U.S. federal court with appellate jurisdiction over the district courts in the following districts:* District of Alaska* District of Arizona...

 in the Bernstein case
Bernstein v. United States
Bernstein v. United States is a set of court cases brought by Daniel J. Bernstein challenging restrictions on the export of cryptography from the United States....

 and the Sixth Circuit Court of Appeals
United States Court of Appeals for the Sixth Circuit
The United States Court of Appeals for the Sixth Circuit is a federal court with appellate jurisdiction over the district courts in the following districts:* Eastern District of Kentucky* Western District of Kentucky...

 in the Junger case
Junger v. Daley
Junger v. Daley is a court case brought by Peter Junger challenging restrictions on the export of encryption software outside of the United States....

).

US export regulations regarding cryptography remain in force, but were liberalized substantially throughout the late 1990s. Since 2000, compliance with the regulations is also much easier. PGP encryption no longer meets the definition of a non-exportable weapon, and can be exported internationally except to 7 specific countries and a list of named groups and individuals (with whom substantially all US trade is prohibited under various US export controls).

PGP 3 and founding of PGP Inc.

During this turmoil, Zimmermann's team worked on a new version of PGP encryption called PGP 3. This new version was to have considerable security improvements, including a new certificate structure which fixed small security flaws in the PGP 2.x certificates as well as permitting a certificate to include separate keys for signing and encryption. Furthermore, the experience with patent and export problems led them to eschew patents entirely. PGP 3 introduced use of the CAST-128
CAST-128
in cryptography, CAST-128 is a block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has also been approved for Canadian government use by the Communications Security Establishment...

 (a.k.a. CAST5) symmetric key algorithm, and the DSA
Digital Signature Algorithm
The Digital Signature Algorithm is a United States Federal Government standard or FIPS for digital signatures. It was proposed by the National Institute of Standards and Technology in August 1991 for use in their Digital Signature Standard , specified in FIPS 186, adopted in 1993. A minor...

 and ElGamal asymmetric key algorithms, all of which were unencumbered by patents.

After the Federal criminal investigation ended in 1996, Zimmermann and his team started a company to produce new versions of PGP encryption. They merged with Viacrypt (to whom Zimmermann had sold commercial rights and who had licensed RSA directly from RSADSI) which then changed its name to PGP Incorporated. The newly combined Viacrypt/PGP team started work on new versions of PGP encryption based on the PGP 3 system. Unlike PGP 2, which was an exclusively command line program, PGP 3 was designed from the start as a software library allowing users to work from a command line or inside a GUI
Gui
Gui or guee is a generic term to refer to grilled dishes in Korean cuisine. These most commonly have meat or fish as their primary ingredient, but may in some cases also comprise grilled vegetables or other vegetarian ingredients. The term derives from the verb, "gupda" in Korean, which literally...

 environment. The original agreement between Viacrypt and the Zimmermann team had been that Viacrypt would have even-numbered versions and Zimmermann odd-numbered versions. Viacrypt, thus, created a new version (based on PGP 2) that they called PGP 4. To remove confusion about how it could be that PGP 3 was the successor to PGP 4, PGP 3 was renamed and released as PGP 5 in May 1997.

OpenPGP

Inside PGP Inc., there was still concern about patent issues. RSADSI was challenging the continuation of the Viacrypt RSA license to the newly merged firm. The company adopted an informal internal standard called "Unencumbered PGP": "use no algorithm with licensing difficulties". Because of PGP encryption's importance worldwide (it is thought to be the most widely chosen quality cryptographic system), many wanted to write their own software that would interoperate with PGP 5. Zimmermann became convinced that an open standard for PGP encryption was critical for them and for the cryptographic community as a whole. In July 1997, PGP Inc. proposed to the IETF that there be a standard called OpenPGP. They gave the IETF permission to use the name OpenPGP to describe this new standard as well as any program that supported the standard. The IETF accepted the proposal and started the OpenPGP Working Group.

OpenPGP is on the Internet Standards Track
Internet standard
In computer network engineering, an Internet Standard is a normative specification of a technology or methodology applicable to the Internet. Internet Standards are created and published by the Internet Engineering Task Force .-Overview:...

 and is under active development. The current specification is RFC 4880 (November 2007), the successor to RFC 2440. Many e-mail clients provide OpenPGP-compliant email security as described in RFC 3156.

The Free Software Foundation
Free Software Foundation
The Free Software Foundation is a non-profit corporation founded by Richard Stallman on 4 October 1985 to support the free software movement, a copyleft-based movement which aims to promote the universal freedom to create, distribute and modify computer software...

 has developed its own OpenPGP-compliant program called GNU Privacy Guard
GNU Privacy Guard
GNU Privacy Guard is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP...

 (abbreviated GnuPG or GPG). GnuPG is freely available together with all source code under the GNU General Public License
GNU General Public License
The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....

 (GPL) and is maintained separately from several Graphical User Interfaces (GUI
Gui
Gui or guee is a generic term to refer to grilled dishes in Korean cuisine. These most commonly have meat or fish as their primary ingredient, but may in some cases also comprise grilled vegetables or other vegetarian ingredients. The term derives from the verb, "gupda" in Korean, which literally...

s) that interact with the GnuPG library for encryption, decryption and signing functions (see KGPG, Seahorse
Seahorse (software)
Seahorse is a GNOME front-end application for managing PGP and SSH keys. Seahorse integrates with Nautilus, gedit and Evolution for encryption, decryption and other operations. It has HKP and LDAP key server support...

, MacGPG). Several other vendors have also developed OpenPGP-compliant software.

Network Associates acquisition

In December 1997, PGP Inc. was acquired by Network Associates, Inc. ("NAI"). Zimmermann and the PGP team became NAI employees. NAI was the first company to have a legal export strategy by publishing source code. Under NAI, the PGP team added disk encryption, desktop firewalls, intrusion detection, and IPsec
IPsec
Internet Protocol Security is a protocol suite for securing Internet Protocol communications by authenticating and encrypting each IP packet of a communication session...

 VPNs to the PGP family. After the export regulation liberalizations of 2000 which no longer required publishing of source, NAI stopped releasing source code.

In early 2001, Zimmermann left NAI. He served as Chief Cryptographer for Hush Communications, who provide an OpenPGP-based e-mail service, Hushmail
Hushmail
Hushmail is a web-based email service offering PGP-encrypted e-mail, file storage, vanity domain service, and instant messaging . Hushmail uses OpenPGP standards and the source is available for download. Additional security features include hidden IP addresses in e-mail headers...

. He has also worked with Veridis and other companies. In October, 2001, NAI announced that its PGP assets were for sale and that it was suspending further development of PGP encryption. The only remaining asset kept was the PGP E-Business Server (the original PGP Commandline version). In February 2002, NAI canceled all support for PGP products, with the exception of the re-named commandline product. NAI (now McAfee
McAfee
McAfee, Inc. is a computer security company headquartered in Santa Clara, California, USA. It markets software and services to home users, businesses and the public sector. On August 19, 2010, electronics company Intel agreed to purchase McAfee for $7.68 billion...

) continues to sell and support the product under the name McAfee E-Business Server.

Current situation

In August 2002, several ex-PGP team members formed a new company, PGP Corporation
PGP Corporation
PGP Corporation, co-founded by Jon Callas and Phil Dunkelberger, is based in Menlo Park, California. PGP Corporation was funded by Rob Theis, General Partner, Doll Capital Management and Terry Garnett, General Partner, Venrock Associates. The company is the current owner of the Pretty Good Privacy...

, and bought the PGP assets (except for the command line version) from NAI. The new company was funded by Rob Theis of Doll Capital Management (DCM) and Terry Garnett of Venrock Associates. PGP Corporation supports existing PGP users and honors NAI's support contracts. Zimmermann now serves as a special advisor and consultant to PGP Corporation, as well as continuing to run his own consulting company. In 2003, PGP Corporation created a new server-based product called PGP Universal. In mid-2004, PGP Corporation shipped its own command line version called PGP Command Line, which integrates with the other PGP Encryption Platform applications. In 2005, PGP Corporation made its first acquisition—the German
Germany
Germany , officially the Federal Republic of Germany , is a federal parliamentary republic in Europe. The country consists of 16 states while the capital and largest city is Berlin. Germany covers an area of 357,021 km2 and has a largely temperate seasonal climate...

 software company Glück & Kanja Technology AG, which is now PGP Deutschland AG. In 2010, PGP Corporation acquired Hamburg-based certificate authority TC TrustCenter and its parent company, ChosenSecurity, to form its PGP TrustCenter division.

Since the 2002 purchase of NAI's PGP assets, PGP Corporation has offered worldwide PGP technical support from its offices in Draper
Draper, Utah
Draper is a city in Salt Lake and Utah Counties in the U.S. state of Utah, located about south of Salt Lake City along the Wasatch Front. Between 1990 and 2000 Draper was Utah's fastest-growing city over 5,000 people . Its population in 1990 was 7,143 and had grown to 25,220 by the 2000 census...

, Utah
Utah
Utah is a state in the Western United States. It was the 45th state to join the Union, on January 4, 1896. Approximately 80% of Utah's 2,763,885 people live along the Wasatch Front, centering on Salt Lake City. This leaves vast expanses of the state nearly uninhabited, making the population the...

, Offenbach, Germany
Germany
Germany , officially the Federal Republic of Germany , is a federal parliamentary republic in Europe. The country consists of 16 states while the capital and largest city is Berlin. Germany covers an area of 357,021 km2 and has a largely temperate seasonal climate...

 and Tokyo
Tokyo
, ; officially , is one of the 47 prefectures of Japan. Tokyo is the capital of Japan, the center of the Greater Tokyo Area, and the largest metropolitan area of Japan. It is the seat of the Japanese government and the Imperial Palace, and the home of the Japanese Imperial Family...

, Japan
Japan
Japan is an island nation in East Asia. Located in the Pacific Ocean, it lies to the east of the Sea of Japan, China, North Korea, South Korea and Russia, stretching from the Sea of Okhotsk in the north to the East China Sea and Taiwan in the south...

.

On April 29, 2010 Symantec Corp.
Symantec
Symantec Corporation is the largest maker of security software for computers. The company is headquartered in Mountain View, California, and is a Fortune 500 company and a member of the S&P 500 stock market index.-History:...

 announced that it would acquire PGP for $300 million with the intent of integrating it into its Enterprise Security Group. This acquisition was finalized and announced to the public on June 7, 2010.

PGP Corporation encryption applications

This section describes commercial programs available from PGP Corporation
PGP Corporation
PGP Corporation, co-founded by Jon Callas and Phil Dunkelberger, is based in Menlo Park, California. PGP Corporation was funded by Rob Theis, General Partner, Doll Capital Management and Terry Garnett, General Partner, Venrock Associates. The company is the current owner of the Pretty Good Privacy...

. For information on other programs compatible with the OpenPGP specification, see OpenPGP implementations below.


While originally used primarily for encrypting the contents of e-mail messages and attachments from a desktop client, PGP products have been diversified since 2002 into a set of encryption applications which can be managed by an optional central policy server. PGP encryption applications include e-mail and attachments, digital signatures, laptop full disk encryption, file and folder security, protection for IM sessions, batch file transfer encryption, and protection for files and folders stored on network servers and, more recently, encrypted and/or signed HTTP request/responses by means of a client side (Enigform
Enigform
Enigform is a Mozilla Firefox extension authored by Arturo 'Buanzo' Busleiman which uses GnuPG to implement OpenPGP-signed HTTP requests. OpenPGP encryption began to be implemented in 2007. Some people believe it to be an alternative for the Secure Sockets Layer method for encrypting Hypertext...

) and a server side (mod openpgp) module. There is also a Wordpress plugin available, called wp-enigform-authentication, that takes advantage of the session management features of Enigform with mod_openpgp.

The PGP Desktop 9.x family includes PGP Desktop Email, PGP Whole Disk Encryption, and PGP NetShare. Additionally, a number of Desktop bundles are also available. Depending on application, the products feature desktop e-mail, digital signatures, IM security, whole disk encryption, file and folder security, self decrypting archives, and secure shredding of deleted files. Capabilities are licensed in different ways depending on features required.

The PGP Universal Server 2.x management console handles centralized deployment, security policy, policy enforcement, key management, and reporting. It is used for automated e-mail encryption in the gateway and manages PGP Desktop 9.x clients. In addition to its local keyserver, PGP Universal Server works with the PGP public keyserver—called the PGP Global Directory—to find recipient keys. It has the capability of delivering e-mail securely when no recipient key is found via a secure HTTPS browser session.

With PGP Desktop 9.x managed by PGP Universal Server 2.x, first released in 2005, all PGP encryption applications are based on a new proxy-based architecture. These newer versions of PGP software eliminate the use of e-mail plug-ins and insulate the user from changes to other desktop applications. All desktop and server operations are now based on security policies and operate in an automated fashion. The PGP Universal server automates the creation, management, and expiration of keys, sharing these keys among all PGP encryption applications.

The current shipping versions are PGP Desktop 10.2.0 (Windows and Mac-OS Platforms) and PGP Universal 3.2.0.

Also available are PGP Command Line, which enables command line-based encryption and signing of information for storage, transfer, and backup, as well as the PGP Support Package for BlackBerry which enables RIM BlackBerry devices to enjoy sender-to-recipient messaging encryption.

New versions of PGP applications use both OpenPGP and the S/MIME, allowing communications with any user of a NIST specified standard.

See also

  • E-mail encryption
    E-mail encryption
    Email encryption refers to encryption, and often authentication, of email messages, which can be done in order to protect the content from being read by unintended recipients....

  • E-mail privacy
    E-mail privacy
    The protection of email from unauthorized access and inspection is known as electronic privacy. In countries with a constitutional guarantee of the secrecy of correspondence, email is equated with letters and thus legally protected from all forms of eavesdropping.In the United States, privacy of...

  • Electronic envelope
    Electronic envelope
    An electronic envelope or e-envelope is almost like a postal Envelope in function. Where a paper Envelope privately encloses its contents like a mail message, so an Electronic envelope privately encloses its contents like an e-mail message. Currently, e-mail not enclosed in an electronic envelope...

  • GPG
    GNU Privacy Guard
    GNU Privacy Guard is a GPL Licensed alternative to the PGP suite of cryptographic software. GnuPG is compliant with RFC 4880, which is the current IETF standards track specification of OpenPGP...

    —free software equivalent
  • Key server (cryptographic)
    Key server (cryptographic)
    In computer security, a key server is a computer that receives and then serves existing cryptographic keys to users or other programs. The users' programs can be working on the same network as the key server or on another networked computer....

  • PGP word list
    PGP word list
    The PGP Word List is a list of words for conveying data bytes in a clear unambiguous way via a voice channel...

  • PGPDisk
    PGPDisk
    PGP Virtual Disk is an on-the-fly encryption system that allows one to create a virtual encrypted disk within a file.Older versions for Windows NT were freeware . These are still available for download, but no longer maintained...

  • Public-key cryptography
    Public-key cryptography
    Public-key cryptography refers to a cryptographic system requiring two separate keys, one to lock or encrypt the plaintext, and one to unlock or decrypt the cyphertext. Neither key will do both functions. One of these keys is published or public and the other is kept private...

  • S/MIME
    S/MIME
    S/MIME is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFCs. S/MIME was originally developed by RSA Data Security Inc...

    —secured e-mail
  • X.509
    X.509
    In cryptography, X.509 is an ITU-T standard for a public key infrastructure and Privilege Management Infrastructure . X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation...

  • ZRTP
    ZRTP
    ZRTP is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over Internet Protocol phone telephony call based on the Real-time Transport Protocol. It uses Diffie-Hellman key exchange and the Secure Real-time Transport Protocol for...


OpenPGP implementations


Support

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK