PGP

Pretty Good Privacy (PGP) is an email security program that ensures privacy, authentication, and data integrity through a combination of cryptographic techniques. It operates by applying hashing, digital signatures, compression, and both symmetric and public-key encryption, making it widely accepted and available on various platforms. PGP also incorporates features like email compatibility and segmentation to facilitate secure communication over the internet.

Uploaded by

jebas5294

Pretty Good Privacy (PGP)

Pretty Good Privacy (PGP) is an e-mail security program that provides privacy,
authentication, compression, e-mail compatibility, and segmentation.
It was developed by Philip Zimmermann and is widely used for securing e-mail and file
storage.

PGP combines the best features of hashing, digital signatures, compression, symmetric
encryption, and public-key encryption in one integrated package.

Characteristics of PGP

1. Available free on many platforms (Windows, UNIX, Macintosh).

2. Uses strong cryptographic algorithms (RSA, IDEA, CAST-128, 3DES).

3. Widely accepted standard; now part of OpenPGP.

4. No government control — distributed source model.

5. Available on the Internet standards track.

PGP Operation – General Overview

PGP applies the following transformations to a message:

1. Hash function

2. Digital signature generation

3. Compression

4. Symmetric encryption using a session key

5. Public-key encryption of the session key

6. Radix-64 conversion

All these steps produce a secure e-mail that provides authenticity and confidentiality.

PGP Working Block Diagram

PGP Process (Sender → Receiver) – Clean Text Version

Sender Side (User A → User B)

1. User A wants to send a message (P) to user B securely. Both users have their own public and private RSA keys, and each knows the other's public key.

2. User A applies a hash function (MD5) to the plaintext message P. This produces a message digest.

3. The message digest is encrypted using User A’s private RSA key, producing a digital signature.

4. Message and signature are concatenated.

5. The concatenated output is compressed using the ZIP algorithm. This produces P₁Z.

6. A 128-bit IDEA session key (Kₘ) is generated. The compressed message (P₁Z) is encrypted using IDEA with this session key.

7. The session key Kₘ is encrypted using User B’s public RSA key (Bₚ).

8. The encrypted session key and encrypted message are concatenated.

9. The final output is converted to Base-64 (Radix-64) to make it e-mail compatible.

This completes the sending process.


Receiver Side (User B)

1. User B receives the Base-64 encoded message and converts it back to binary.

2. User B decrypts the session key (Kₘ) using his private RSA key.

3. Using Kₘ, User B decrypts the IDEA-encrypted message and obtains P₁Z.

4. User B decompresses P₁Z using the ZIP algorithm to recover the concatenated
message and signature.

5. User B now separates:

o the plaintext message P

o the encrypted hash (signature)

6. User B decrypts the signature using User A’s public RSA key to retrieve the original
hash digest.

7. User B computes his own MD5 hash of the received plaintext message.

8. If both hashes match, the message:

o is authentic,

o has integrity,

o and is confirmed to be sent by User A.

Notation Used in PGP

Kₛ – Session key used in the conventional (symmetric) encryption scheme.

PRₐ – Private key of User A, used in public-key encryption schemes.

PUₐ – Public key of User A, used in public-key encryption schemes.

EP – Public-key encryption operation.

DP – Public-key decryption operation.

EC – Conventional (symmetric) encryption operation.

DC – Conventional (symmetric) decryption operation.


H – Hash function (MD5/SHA-1).

|| – Concatenation operation.

Z – Compression using the ZIP algorithm.

R64 – Conversion to Radix-64 ASCII format.

4.1.1 PGP Operation

PGP operation involves five different services:

1. Authentication

2. Confidentiality

3. Compression

4. E-mail Compatibility

5. Segmentation

PGP Operation Flow

PGP for Authentication

1. Sender creates a hash (MD5/SHA-1) of the message.

2. Hash is encrypted using sender’s private key → digital signature.

3. Signature + message is sent.


At Receiver:

1. Receiver decrypts signature using sender’s public key.

2. Computes hash of message and compares with received one.

PGP for Confidentiality

1. Sender generates a random session key.

2. Message is compressed.

3. Message is encrypted using session key (symmetric encryption).

4. Session key is encrypted using receiver’s public key.

5. Both are sent to the receiver.

At Receiver:

1. Receiver decrypts session key using private key.

2. Uses session key to decrypt the message.

PGP for Both Confidentiality + Authentication


At Sender (User A → User B)

1. Sender computes hash of the message using SHA-1.

2. Sender encrypts the hash with own private key → digital signature.

3. Signature is attached to the plaintext message.

4. The combined message + signature is compressed (ZIP).

5. A random session key (Kₛ) is generated.

6. Compressed data is encrypted using the session key (CAST-128 / IDEA / 3DES).

7. Session key is encrypted using receiver’s public key (PU_b).

8. Encrypted session key + encrypted message are sent to the receiver, often after
Radix-64 conversion.

At Receiver (User B)

1. Receiver decrypts the session key using their private key (PR_b).

2. Receiver decrypts the message using the recovered session key.

3. Receiver decompresses the data.

4. Receiver separates message and signature.

5. Receiver computes hash of the received message.

6. Receiver decrypts the signature using sender’s public key (PU_a).

7. If both hashes match → message is authentic and unmodified.
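The sender and receiver procedures above (the MD5/IDEA walk-through and the combined confidentiality + authentication flow follow the same pipeline), as an added Python example that is not code from the original document or from any PGP implementation. Assumptions: textbook RSA without padding on constructed toy keys (real OpenPGP uses PKCS#1 v1.5 encoding), a SHA-256 keystream XOR standing in for CAST-128/IDEA/3DES, fixed-width fields instead of OpenPGP packets, and hypothetical function names throughout.

```python
import base64, hashlib, secrets, zlib

def toy_keypair(p, q, e=65537):
    """Textbook RSA key pair ((n, e), (n, d)); no padding, illustration only."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

# Constructed toy keys built from well-known Mersenne primes: trivially factorable.
PU_A, PR_A = toy_keypair(2**89 - 1, 2**127 - 1)    # sender A
PU_B, PR_B = toy_keypair(2**107 - 1, 2**521 - 1)   # receiver B

def rsa(value, key):                 # EP / DP: modular exponentiation
    n, exp = key
    return pow(value, exp, n)

def size(key):                       # modulus length in bytes
    return (key[0].bit_length() + 7) // 8

def h(msg):                          # H: SHA-1, as in the combined flow above
    return int.from_bytes(hashlib.sha1(msg).digest(), "big")

def ec(ks, data):
    """Stand-in for EC/DC (IDEA, CAST-128, 3DES are not in the stdlib):
    XOR with a SHA-256 counter keystream, so the same call also decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(ks + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def sign(msg, pr_a):                 # EP(PR_a, H(M))
    return rsa(h(msg), pr_a).to_bytes(size(pr_a), "big")

def verify(msg, sig, pu_a):          # DP(PU_a, sig) == H(M)
    return rsa(int.from_bytes(sig, "big"), pu_a) == h(msg)

def pgp_send(msg, pr_a, pu_b):
    z = zlib.compress(sign(msg, pr_a) + msg)              # Z(sig || M)
    ks = secrets.token_bytes(16)                          # 128-bit session key Ks
    wrapped = rsa(int.from_bytes(ks, "big"), pu_b)        # EP(PU_b, Ks)
    raw = wrapped.to_bytes(size(pu_b), "big") + ec(ks, z)
    return base64.b64encode(raw)                          # R64

def pgp_receive(armored, pr_b, pu_a):
    raw, k, s = base64.b64decode(armored), size(pr_b), size(pu_a)
    ks = rsa(int.from_bytes(raw[:k], "big"), pr_b).to_bytes(16, "big")
    blob = zlib.decompress(ec(ks, raw[k:]))               # DC, then decompress
    sig, msg = blob[:s], blob[s:]
    return msg, verify(msg, sig, pu_a)
```

Because the signature sits inside the compressed, encrypted body, `pgp_receive` can only check it after recovering Kₛ with B's private key; `verify` returns `False` as soon as the message differs from what A signed.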


3. Compression in PGP

In PGP, compression is performed before encryption to reduce message size and improve transmission efficiency.

• The message along with the digital signature is compressed.

• PGP uses the ZIP compression algorithm, based on the LZ77 (Lempel–Ziv) compression technique.

• By default, PGP applies the signature first, then compresses, and finally encrypts the message.

• This approach allows long-term storage of uncompressed original messages along with their signatures.

• Compression also separates the message verification process from the encryption method, ensuring flexibility and efficiency.

• Overall, PGP achieves compression using the ZIP algorithm.

4. Email Compatibility

Email systems accept only ASCII characters.


PGP converts the binary encrypted output into printable ASCII format using Radix-64
encoding (Base64).
This allows the encrypted message to be safely transmitted over e-mail without corruption.

5. Segmentation and Reassembly

Email messages have size limits (around 50,000 octets).


PGP automatically breaks large encrypted messages into smaller segments for
transmission.
At the receiving side, PGP reassembles all segments back into the original message
before decryption.
