a digital data encryption program Created by Phil Zimmerman Presented by Netiva Caftori

A word about PGP

one of the strongest encryption tools available

Encryption is the process whereby codes are used to attempt to conceal the meaning of a message Cryptography is the science of writing messages in secret codes . It is about the right to privacy, freedom of speech, freedom of political association, freedom of the press, freedom from unreasonable search and seizure, freedom to be left alone to promote awareness of the privacy issue in a digital age

Where did PGP come from

does it work?
PGP is the culmination of a long history of cryptographic discoveries. PGP uses public and private Key encryption

and

how

Your Public Key is used to encrypt a message

you'll share your Public Key with anyone you wish

you'll guard your Private Key secret The Private Key is used to decrypt data that have been encrypted using your Public Key.

Public and Private Key encryption the message encrypted using your Public Key can only be decrypted by you, the owner of the corresponding Private Key encryption solves 1of 2 major problems with older methods, namely that you had to somehow share the key with anyone you wanted to be able to read (decrypt) your secret message

The second major problem with older methods Unlike earlier encryption methods, the security of PGP encryption lies entirely with the key.

It is PGP's selection of the complex keys used to do an encryption that makes it next to impossible to crack.

Key attributes of Secret key vs. Public key

Thousands years use

DES Fast Keys shared between usually only 2 people 128 bit No non-repudiation (need 3rd party as witness)

Less than 50 years RSA Slow Private: concealed Public: widely shared 1,024 Nonrepudiation: Cant deny having sent a message

Vocabulary, definitions, and acronyms

Symmetric encryption Asymmetric encryption Plaintext Cyphertext Cryptanalyst Fi(n)=# positive integers <n relatively prime to n DES=Data Encryption Standard NSA=National Security Agency Authentication Man-in-the-middle Trapdoors Key escrow Brute force attack

Public key encryption systems

1976: Diffie and Hellman Merkle-Hellman Knapsacks 1978: Rivest-Shamir-Adelman (RSA) 1984: El gamal and digital signature Hash algorithm

RSA Encryption operates with arithmetic mod n

e=encryption key; d=decryption key P=plaintext---> Pe mod n =cyphertext (Pe)d mod n = P recovered plaintext Encryption and decryption are mutual inverses and commutative Select large n=pq p & q prime Choose e relatively prime to (p-1)(q-1) Select d so e*d=1 mod (p-1)(q-1) Or e*d=1 mod fi(n) as fi(p)=p-1 for p prime Euler-Fermat: x**fi(n)=1mod n for all x relatively prime to n

Simple knapsack example

Private key Superincreasing sequence 1 A 3 5 B C X 23 Public key Mod 101

23 69 115 230 460 920

23 69 14 28 56 11

10 D 20 E 40 F

Public key cryptography is based on multiplicative inverses

Suppose message to encrypt is ABC Translate to 23+69+14=106 106 is sent Since 23*22=1 mod 101 the recipient will multiply 106x22=2332=9 mod 101 And infer that the message is ABC since 9=1+3+5 An interceptor will spend a long time figuring it out.

RSA vs. Knapsack

An error was discovered in the knapsack encryption by Shamir (from RSA), and is no longer used. Modular inverse pairs are more used in RSA than in Knapsack. RSA is the most widely used public key cryptographic system. It bases its security on the difficulty of performing inverse calculations.

PGP is a remarkable phenomenon that provides confidentiality, authentication, and compression for email and data storage. Its building blocks are made of the best available cryptographic algorithms: RSA, DSS, Diffie-Hellman. It is independent of operating system and processor. It has a small set of easy-to-use commands

Conclusions
Because PGP is freely available via the Internet, and has a fully compatible lowcost commercial version it is now widely used. It has a wide range of applicability from corporations to individuals who wish to communicate worldwide securely over the Internet and other networks. It is not controlled by any government which makes it attractive to many.