PGP is a public key incryption program. It uses three known algorithms to encrypt, sign, decrypt, and authenticate message. It then converts the digitally encoded message or signature into a format suitable for text transmission by use of Radix-64.
Radix-64 is a method of converting binary file into text format. First, it breaks the bit stream of the binary file into bit groups of six. Next, it looks at each group of six as an individual character. It then converts each group of six bits into a text character. For example, '010111' would correspond to a decimal 23 which becomes (by Radix-64 definition) an upper case 'X'. Other bit groups would be converted by this chart as well. Once we have converted all six bit characters into a text format, it is ready for transmission via convenstional text modes such as email.
PGP operates with the use of asymmetric encryption keys, and therefore only the intended recipient of the message can decrypt it. The real strength of PGP lies in the fact that the number of possible keys are so enormous that it is relatively safe against malicious attacks. That is, it would be almost impossible for the attacker to attempt to read the message by using all possible keys one by one untill the message is decrypted.
To use PGP, you must generate a pair of keys. One key is the public key, the other is the private key. The private key allows you decrypt a message sent to you by some other user. To allow other users to encrypt a message intended only for you, you must provide them with a copy of your public key. A public key will not allow decryption of an encoded message. We can generate the key pair by giving a special command to the PGP program. The program will ask us certain questions and will ask for a pass phrase to allow the newly created private key to remain unusable by anyone but you.
PGP can also be used to authenticate that a message was sent by the key holder of the message. By generating an electronic signature, the sender cannot deny that he sent the message. An example of this would be someone sending an email request for work to be performed and then later denying that he made the request. This feature is a major benefit for the people in the business world. Most persons and companies like to get paid for their work. Upon receipt of the request, the sender's identity can be varified by using the sender's public key to confirm that the message was indeed sent by the party it appears to have come from.
PGP generates encrypted files by using the freeware UNIX ZIP compression utility and the following two encoding schemes:
1 IDEA (International Data Encryption Algorithm)
An algorithm for generating sharec, secret keys.
2. RSA (Rivest, Shamir and Adleman who first publicly described it)
an algorithm for public key encryption.
If the message is too short for compression, the PGP foregoes the compression and proceeds directly to the IDEA encryption.
PGP first generates a secret key for IDEA by using a random number that is generates either from a file in the root directory, or from the pattern of keystrockes by the end user. It then encrypts the text and places the secret key at the end of the message. Once this task has been completed, PGP utilizes the RSA algorithm to encrypt the secret key into another round of encryption. Since the secret key can only be decrypted by the holder of the intended private key, only the recipiend can decrypt.
No comments:
Post a Comment