PGP

Pretty Good Privacy

Publisher: O'Reilly, 1995, 393 pages

ISBN: 1-56592-098-8

Last modified: May 25, 2021, 11:26 p.m.

Synopsis

PGP — Pretty Good Privacy — is a freely available encryption program written by Phil Zimmermann which provides individuals with the kind of strong cryptography that has, in the past, been available only to the military, intelligence agencies, and larger corporations.

You can use PGP to encrypt your files and electronic mail. You can also use PGP to "sign" documents with a tamper-proof digital signature, proving that you wrote these documents and that they weren't modified during transmission.

PGP has always been popular, but now that fully legal versions are available, the program has moved into the mainstream. Now, everybody wants to use PGP — to protect financial records, love letters, political manifestos, and ordinary files and email. "Encryption for the masses!" is more than just a slogan: it's quite literally what PGP offers.

PGP: Pretty Good Privacy is a complete users's guide containing everything you need to know to acquire, install, configure, and use the program effectively. In addition to its technical details, the book also contains the fascinating, behind-the-scenes story of how PGP was developed. It chronicles the battles over patent infringement and U.S. export restrictions on cryptography; it looks at the personalities — Phil Zimmermann, Jim Bidzos, and others — behind the software; and it explores the conflcts between individual privacy and U.S. government cryptographic controls.

PGP Overview

Introduction to PGP

Why PGP? The Case for Encryption

Your Mail Can Go Astray
Protecting Your Privacy

Where Did PGP Come From?
Basic PGP Terminology

Keys: Public, Secret, and Session
Key Certificates
Key Rings
Pass Phrases
Digital Signatures
Signatures on Key Certificates

How to Run PGP

The Command Line Interface
Getting Help (-h Option)
Specifying Command Line Arguments
Using ASCII Armor (-a Option)
Encrypting and Signing Email (-e and -s Options)

PGP File Extensions
PGP Environment Variables
PGP Configuration Variables
The PGP Language File
PGP and Its Competitors

Key Certificates with PGP

Cryptographic Basics

How Does Simple Cryptography Work?

Codes
Ciphers

Substitution Ciphers

One-Time Pads
Keys and Key-Length
Breaking the Code

Brute force (key search) attack
Cryptanalysis

Private Key Cryptography

Private Key Algorithms
A Private Key Example
Problems with Private Key Cryptography
The Key Distribution Center
The Outlook for Private Key

Public Key Cryptography

Public Key Systems
Advantages of Public Key Systems
Digital Signatures
Using Private and Public Key Cryptography Together

How Good is Cryptography?

The Strong and the Weak
The Case for Weakness
What Encryption Can't Do

U.S. Restrictions on Cryptography

Cryptography and the U.S. Patent System
Cryptography and Export Controls

Cryptography History and Policy

Cryptography Before PGP

Cryptography Through the Ages
National Security and the NSA
Lucifer and the DES

The National Bureau of Standards
The Security of the DES
DES Cracking
Alternatives to the DES

Public Key Cryptography

Ralph Merkle's Puzzles
Diffie-Hellman Multi-User Techniques
Diffie-Hellman Exponential Key Exchange
The Birth of RSA

How Does RSA Work?
Technical Memorandum #82

The Rise and Fall of Knapsacks

Taking Public Key to Market

A Pretty Good History of PGP

Phil Zimmermann: On the Road to PGP

Metamorphic Systems
Charlie Merritt

Phil Zimmermann Meets Public Key

Face to Face with Jim Bidzos
The Rise of RSA Data Security
Working with Big Jim
A Pretty Good Program
The Anti-Crime Bill S-266

The Birth of PGP — Version 1.0
PGP Grows Up

Bass-O-Matic
The Real Thing — PGP Version 2.0
The Cypherpunks
PEM, RSAREF, and RIPEM
ViaCrypt
MIT Steps In
Throwing PGP into the Wind
The Federal Investigation of Zimmermann
Whither PGP?

RSA-129 Solved!

Privacy and Public Policy

Wiretapping and the U.S. Government
The FBI's Digital Telephony Plan

The Untold Cost of Digital Telephony
Return of Digital Telephony
Where's the Beef?
An Information Superhighway that's "Wired for Sound"

The NSA's Clipper Chip

Inside Clipper
Who Gets the Keys?
The Battle over Clipper and the EES
Problems with Clipper

Cryptography Patents and Export

Patents and Policy
Export: 40 Bits is not Enough!
The Digital Signature Standard

The Battle over the DSS
The DSS and Patents

The Fall of PKP?

The Cylink Lawsuit
The Schlafly Lawsuit

Using PGP

Protecting Your Files

Encrypting and Decrypting Files

Encrypting a File
Making a Mistake
Erasing the Original File (-w Option)
Retrieving Your Encrypted File (Default Option)

The Pass Phrase

Should You Use a Different Pass Phrase for Every File?
How to Pick a Pass Phrase
Good Pass Phrases
Why Use a Long Pass Phrase?

Creating PGP Keys

Making Public Key Cryptography Work
The Theory Behind the Keys
Using PGP to Create Keys (-kg Option)

Choosing the Length of Your Public Key
Entering Your User ID
Picking Your Pass Phrase
Creating Randomness
What If PGP Won't Generate Keys?

PGP Key Rings Rings: A Place for Your Keys

Managing PGP Keys

Secret and Public Key Rings
Viewing Keys (-kv Option)

Viewing Keys on Your Public Key Ring
Viewing Keys on Your Secret Key Ring
Viewing Keys on Other Key Rings
Getting More Information about Keys (-kvc Option)

Changing Your Key Certificate (-ke Option)

Changing Your Pass Phrase
Changing Your User ID (-ke Option)
Editing with Options
Changing Your User ID (-ke and -kr Options)

Giving Your Public Key to Someone

Copying Your Public Key Ring
Extracting Your Public Key (-kx Option)
Extracting Printable Keys with ASCII Armor (-kxa Option)
Using Filter Mode (-f Option)
Extracting Multiple Keys into a Single ASCII-Armored File

Auditing Keys to Key Rings (-ka Option)

Adding Someone's Key to Your Public Key RIng
Adding a Key to a Specified Key Ring
No Duplicates Allowed

Removing Keys from Key Rings (-kr Option)

Removing Keys from Your Public Key Ring
Removing Keys from a Specified Key Ring

A Starter Set of Public Keys

Encrypting Email

Sending Encrypted Email

Step 1: Creating the Message

Creating a message with your word processor
Creating a message from the keyboard
Running PGP in filter mode

Step 2: Getting the Recipient's Public Key
Step 3: Encrypting the Message (-e Option)
Step 4: Sending the Message

Doing It All at Once (-f Option)

Encrypting and Sending a Message at the Same Time
Typing, Encrypting, and Sending at the Same Time

Receiving Encrypted Email

Decrypting Email
Changing the Output File (-o Option)
Viewing the Decrypted File (-m Option)
User Unknown

Sending and Receiving Huge Documents

Changing the Size of Armored Files

Sending an Encrypted File to a Mailing List

Encrypting and Sending to Multiple People
Adding Yourself to the Mailing List
Adding Yourself Automatically to the List

Using Digital Signatures

How Do Digital Signatures Work?

The MD5 Message Digest Function
Message Digests and Public Key
RSA Digital Signatures

PGP's Digital Signatures

Signing a Message (-s Option)
Verifying a Digital Signature
Selecting from Multiple Secret Keys (-u Option)
Signing and Encrypting a Message (-se Option)
Receiving Signed Mail
Creating Detached Signatures (-sb Option)

Certifying and Distributing Keys

Forged Keys
The Web of Trust
Adding a Key with Signatures (-ka Option)

Adding a Key for Phil's Pretty Good Pizza

The fingerprint
The certification

Adding a Key for Terrence Talbot, Esq.

Levels of trust

Adding a Key for Sam Spade

Viewing Signatures

Checking Your Keys and Signatures (-kc Option)
Checking Your Keys and Signatures (-kvv Option)
Checking all the Fingerprints for Your Keys (-kvc Option))

Changing Your Trust in a Person (-ke Option)

Why Change the Level of Trust?
Specifying a Different Key Ring

Signing a Key (-ks Option)

Signing with a Different Secret Key (-u Option)

Removing a Signature (-krs Option)
Unknown Signers
Certifying the Keys in keys.asc (Version 2.6.1)

Revoking, Disabling, and Escrowing Keys

Revoking Your Public Key

What is a Key Revocation Certificate?
Making a Key Revocation Certificate (-kd Option)
Questions about Revoking Keys

Disabling a Public Key (-kd Option)
A Manual System for Escrowing Keys

Simple Key Escrow
Split-Key Escrow

PGP Configuration File

What is the PGP Configuration File?
Where is the Configuration File?
Editing the Configuration File
Specifying a Configuration Variable on the Command Line
Inside the PGP Configuration File
Configuration Variable Summary

PGP Internet Key Server

Communicating with a Key Server
Key Server Commands

Getting Help
Finding out Who is on the Server
Adding Your Key to the Server
Getting a Public Key from the Server
Getting a Set of Public Keys
getting Updated Keys

Where are the Key Servers?

Appendices

Getting PGP

Getting PGP from MIT

What to Type

Other Ways of Getting PGP

University of Hamburg: Lots of Crypto Resources
University of California at Berkeley: The Cypherpunks
Netcom: The PGP FAQ and Other Information
Electronic Frontier Foundation
Other Sources

Installing PGP on a PC

Choosing a Directory
Unpacking PGP
Verifying Your Copy of PGP
Setting up the PGP
Environment on a PC

PGPPATH Environment Variable
TZ Environment Variable
A Sample autoexec.bat File

Creating Your Secret Key/Public Key Pair

Installing PGP on a UNIX System

Unpacking PGP on UNIX

Getting a C Compiler
Building the RSAREF Library
Building PGP

Verifying Your Copy of PGP
Finishing the PGP Installation Under UNIX
The Dangers of Using PGP in a Multi-User Environment

Installing PGP on a Macintosh

Getting MacPGP
Installing MacPGP

Copying the File
Decoding the File
Creating a Setup Folder
Creating a PGP Folder
Launching MacPGP
Creating Your Keys
Adding Keys to Your Key Ring
MacBinarizing the Distribution
Certifying the Keys

Versions of PGP
The Mathematics of Cryptography

How Diffie-Hellman Works
How RSA Works

The Security of RSA
How Large is Very Large?
How Random is Random?

Dr. Ron Rivest on the Difficulty of Factoring

Abstract
Factoring Algorithms
Costs of Computation
Results
Conclusions

PGP

Pretty Good Privacy

Synopsis

Table of Contents

Reviews

PGP

Reviewed by Roland Buresund

OK ***** (5 out of 10)

Opinion

Comments

New Comment