a digital data encryptionprogramCreated byPhil ZimmermanPresented byNetiva Caftori
A word about PGPone of the strongest encryption tools availableEncryption is the process whereby codesare used to attempt to conceal themeaning of a messageCryptography is the science of writingmessages in secret codes . It is about theright to privacy, freedom of speech,freedom of political association, freedomof the press, freedom from unreasonablesearch and seizure, freedom to be leftaloneto promote awareness of the privacy issuein a digital age
Where did PGP come from and howdoes it work?PGP is theculmination of a longhistory ofcryptographicdiscoveries.PGP uses public andprivate Keyencryptionyoull share yourPublic Key withanyone you wishYour Public Key isused to encrypt amessageyoull guard yourPrivate Key secretThe Private Key isused to decryptdata that havebeen encryptedusing your PublicKey.
Public and Private Key encryptionthe message encryptedusing your Public Key canonly be decrypted by you,the owner of thecorresponding Private Keyencryption solves 1of 2major problems witholder methods, namelythat you had to somehowshare the key withanyone you wanted to beable to read (decrypt) yoursecret message
The second major problem witholder methodsUnlike earlier encryptionmethods, the security ofPGP encryption liesentirely with the key.It is PGPs selection of thecomplex keys used to doan encryption that makesit next to impossible tocrack.
Key attributes ofSecret key vs. Public keyThousands years useDESFastKeys sharedbetween usuallyonly 2 people128 bitNo non-repudiation(need 3rd party aswitness)Less than 50 yearsRSASlowPrivate: concealedPublic: widelyshared1,024Nonrepudiation:Can’t deny havingsent a message
Vocabulary, definitions, and acronymsSymmetricencryptionAsymmetricencryptionPlaintextCyphertextCryptanalystFi(n)=# positiveintegers <nrelatively prime to nDES=DataEncryptionStandardNSA=NationalSecurity AgencyAuthenticationMan-in-the-middleTrapdoorsKey escrowBrute force attack
Public key encryption systems1976: Diffie and HellmanMerkle-Hellman Knapsacks1978: Rivest-Shamir-Adelman (RSA)1984: El gamal and digital signatureHash algorithm
RSA Encryptionoperates with arithmetic mod ne=encryption key; d=decryption keyP=plaintext---> Pe mod n =cyphertext(Pe)d mod n = P recovered plaintextEncryption and decryption are mutual inverses andcommutativeSelect large n=pq p & q primeChoose e relatively prime to (p-1)(q-1)Select d so e*d=1 mod (p-1)(q-1)Or e*d=1 mod fi(n) as fi(p)=p-1 for p primeEuler-Fermat: x**fi(n)=1mod n for all x relativelyprime to n
Simple knapsack examplePrivate key Public keySuper-increasingsequenceX 23 Mod 1011 A 23 233 B 69 695 C 115 1410 D 230 2820 E 460 5640 F 920 11
Public key cryptography is basedon multiplicative inversesSuppose message to encrypt is ABCTranslate to 23+69+14=106106 is sentSince 23*22=1 mod 101 the recipient willmultiply 106x22=2332=9 mod 101And infer that the message is ABC since9=1+3+5An interceptor will spend a long timefiguring it out.
RSA vs. KnapsackAn error was discovered in theknapsack encryption by Shamir (fromRSA), and is no longer used.Modular inverse pairs are more usedin RSA than in Knapsack.RSA is the most widely used publickey cryptographic system.It bases its security on the difficulty ofperforming inverse calculations.
PGP is a remarkable phenomenon thatprovides confidentiality, authentication, andcompression for email and data storage.Its building blocks are made of the bestavailable cryptographic algorithms: RSA,DSS, Diffie-Hellman.It is independent of operating system andprocessor.It has a small set of easy-to-usecommands
ConclusionsBecause PGP is freely available via theInternet, and has a fully compatible low-cost commercial version it is now widelyused.It has a wide range of applicability fromcorporations to individuals who wish tocommunicate worldwide securely over theInternet and other networks.It is not controlled by any governmentwhich makes it attractive to many.