PGP

Pretty Good Privacy

Simson Garfinkel

Publisher: O'Reilly, 1995, 393 pages

ISBN: 1-56592-098-8

Keywords: IT Security

Last modified: May 25, 2021, 11:26 p.m.

PGP — Pretty Good Privacy ­— is a freely available encryption program written by Phil Zimmermann which provides individuals with the kind of strong cryptography that has, in the past, been available only to the military, intelligence agencies, and larger corporations.

You can use PGP to encrypt your files and electronic mail. You can also use PGP to "sign" documents with a tamper-proof digital signature, proving that you wrote these documents and that they weren't modified during transmission.

PGP has always been popular, but now that fully legal versions are available, the program has moved into the mainstream. Now, everybody wants to use PGP — to protect financial records, love letters, political manifestos, and ordinary files and email. "Encryption for the masses!" is more than just a slogan: it's quite literally what PGP offers.

PGP: Pretty Good Privacy is a complete users's guide containing everything you need to know to acquire, install, configure, and use the program effectively. In addition to its technical details, the book also contains the fascinating, behind-the-scenes story of how PGP was developed. It chronicles the battles over patent infringement and U.S. export restrictions on cryptography; it looks at the personalities — Phil Zimmermann, Jim Bidzos, and others — behind the software; and it explores the conflcts between individual privacy and U.S. government cryptographic controls.

  1. PGP Overview
    1. Introduction to PGP
      • Why PGP? The Case for Encryption
        • Your Mail Can Go Astray
        • Protecting Your Privacy
      • Where Did PGP Come From?
      • Basic PGP Terminology
        • Keys: Public, Secret, and Session
        • Key Certificates
        • Key Rings
        • Pass Phrases
        • Digital Signatures
        • Signatures on Key Certificates
      • How to Run PGP
        • The Command Line Interface
        • Getting Help (-h Option)
        • Specifying Command Line Arguments
        • Using ASCII Armor (-a Option)
        • Encrypting and Signing Email (-e and -s Options)
      • PGP File Extensions
      • PGP Environment Variables
      • PGP Configuration Variables
      • The PGP Language File
      • PGP and Its Competitors
        • Key Certificates with PGP
    2. Cryptographic Basics
      • How Does Simple Cryptography Work?
        • Codes
        • Ciphers
          • Substitution Ciphers
        • One-Time Pads
        • Keys and Key-Length
        • Breaking the Code
          • Brute force (key search) attack
          • Cryptanalysis
      • Private Key Cryptography
        • Private Key Algorithms
        • A Private Key Example
        • Problems with Private Key Cryptography
        • The Key Distribution Center
        • The Outlook for Private Key
      • Public Key Cryptography
        • Public Key Systems
        • Advantages of Public Key Systems
        • Digital Signatures
        • Using Private and Public Key Cryptography Together
      • How Good is Cryptography?
        • The Strong and the Weak
        • The Case for Weakness
        • What Encryption Can't Do
      • U.S. Restrictions on Cryptography
        • Cryptography and the U.S. Patent System
        • Cryptography and Export Controls
  2. Cryptography History and Policy
    1. Cryptography Before PGP
      • Cryptography Through the Ages
      • National Security and the NSA
      • Lucifer and the DES
        • The National Bureau of Standards
        • The Security of the DES
        • DES Cracking
        • Alternatives to the DES
      • Public Key Cryptography
        • Ralph Merkle's Puzzles
        • Diffie-Hellman Multi-User Techniques
        • Diffie-Hellman Exponential Key Exchange
        • The Birth of RSA
          • How Does RSA Work?
          • Technical Memorandum #82
        • The Rise and Fall of Knapsacks
      • Taking Public Key to Market
    2. A Pretty Good History of PGP
      • Phil Zimmermann: On the Road to PGP
        • Metamorphic Systems
        • Charlie Merritt
      • Phil Zimmermann Meets Public Key
        • Face to Face with Jim Bidzos
        • The Rise of RSA Data Security
        • Working with Big Jim
        • A Pretty Good Program
        • The Anti-Crime Bill S-266
      • The Birth of PGP — Version 1.0
      • PGP Grows Up
        • Bass-O-Matic
        • The Real Thing — PGP Version 2.0
        • The Cypherpunks
        • PEM, RSAREF, and RIPEM
        • ViaCrypt
        • MIT Steps In
        • Throwing PGP into the Wind
        • The Federal Investigation of Zimmermann
        • Whither PGP?
      • RSA-129 Solved!
    3. Privacy and Public Policy
      • Wiretapping and the U.S. Government
      • The FBI's Digital Telephony Plan
        • The Untold Cost of Digital Telephony
        • Return of Digital Telephony
        • Where's the Beef?
        • An Information Superhighway that's "Wired for Sound"
      • The NSA's Clipper Chip
        • Inside Clipper
        • Who Gets the Keys?
        • The Battle over Clipper and the EES
        • Problems with Clipper
    4. Cryptography Patents and Export
      • Patents and Policy
      • Export: 40 Bits is not Enough!
      • The Digital Signature Standard
        • The Battle over the DSS
          The DSS and Patents
      • The Fall of PKP?
        • The Cylink Lawsuit
        • The Schlafly Lawsuit
  3. Using PGP
    1. Protecting Your Files
      • Encrypting and Decrypting Files
        • Encrypting a File
        • Making a Mistake
        • Erasing the Original File (-w Option)
        • Retrieving Your Encrypted File (Default Option)
      • The Pass Phrase
        • Should You Use a Different Pass Phrase for Every File?
        • How to Pick a Pass Phrase
        • Good Pass Phrases
        • Why Use a Long Pass Phrase?
    2. Creating PGP Keys
      • Making Public Key Cryptography Work
      • The Theory Behind the Keys
      • Using PGP to Create Keys (-kg Option)
        • Choosing the Length of Your Public Key
        • Entering Your User ID
        • Picking Your Pass Phrase
        • Creating Randomness
        • What If PGP Won't Generate Keys?
      • PGP Key Rings Rings: A Place for Your Keys
    3. Managing PGP Keys
      • Secret and Public Key Rings
      • Viewing Keys (-kv Option)
        • Viewing Keys on Your Public Key Ring
        • Viewing Keys on Your Secret Key Ring
        • Viewing Keys on Other Key Rings
        • Getting More Information about Keys (-kvc Option)
      • Changing Your Key Certificate (-ke Option)
        • Changing Your Pass Phrase
        • Changing Your User ID (-ke Option)
        • Editing with Options
        • Changing Your User ID (-ke and -kr Options)
      • Giving Your Public Key to Someone
        • Copying Your Public Key Ring
        • Extracting Your Public Key (-kx Option)
        • Extracting Printable Keys with ASCII Armor (-kxa Option)
        • Using Filter Mode (-f Option)
        • Extracting Multiple Keys into a Single ASCII-Armored File
      • Auditing Keys to Key Rings (-ka Option)
        • Adding Someone's Key to Your Public Key RIng
        • Adding a Key to a Specified Key Ring
        • No Duplicates Allowed
      • Removing Keys from Key Rings (-kr Option)
        • Removing Keys from Your Public Key Ring
        • Removing Keys from a Specified Key Ring
      • A Starter Set of Public Keys
    4. Encrypting Email
      • Sending Encrypted Email
        • Step 1: Creating the Message
          • Creating a message with your word processor
          • Creating a message from the keyboard
          • Running PGP in filter mode
        • Step 2: Getting the Recipient's Public Key
        • Step 3: Encrypting the Message (-e Option)
        • Step 4: Sending the Message
      • Doing It All at Once (-f Option)
        • Encrypting and Sending a Message at the Same Time
        • Typing, Encrypting, and Sending at the Same Time
      • Receiving Encrypted Email
        • Decrypting Email
        • Changing the Output File (-o Option)
        • Viewing the Decrypted File (-m Option)
        • User Unknown
      • Sending and Receiving Huge Documents
        • Changing the Size of Armored Files
      • Sending an Encrypted File to a Mailing List
        • Encrypting and Sending to Multiple People
        • Adding Yourself to the Mailing List
        • Adding Yourself Automatically to the List
    5. Using Digital Signatures
      • How Do Digital Signatures Work?
        • The MD5 Message Digest Function
        • Message Digests and Public Key
        • RSA Digital Signatures
      • PGP's Digital Signatures
        • Signing a Message (-s Option)
        • Verifying a Digital Signature
        • Selecting from Multiple Secret Keys (-u Option)
        • Signing and Encrypting a Message (-se Option)
        • Receiving Signed Mail
        • Creating Detached Signatures (-sb Option)
    6. Certifying and Distributing Keys
      • Forged Keys
      • The Web of Trust
      • Adding a Key with Signatures (-ka Option)
        • Adding a Key for Phil's Pretty Good Pizza
          • The fingerprint
          • The certification
        • Adding a Key for Terrence Talbot, Esq.
          • Levels of trust
        • Adding a Key for Sam Spade
      • Viewing Signatures
        • Checking Your Keys and Signatures (-kc Option)
        • Checking Your Keys and Signatures (-kvv Option)
        • Checking all the Fingerprints for Your Keys (-kvc Option))
      • Changing Your Trust in a Person (-ke Option)
        • Why Change the Level of Trust?
        • Specifying a Different Key Ring
      • Signing a Key (-ks Option)
        • Signing with a Different Secret Key (-u Option)
      • Removing a Signature (-krs Option)
      • Unknown Signers
      • Certifying the Keys in keys.asc (Version 2.6.1)
    7. Revoking, Disabling, and Escrowing Keys
      • Revoking Your Public Key
        • What is a Key Revocation Certificate?
        • Making a Key Revocation Certificate (-kd Option)
        • Questions about Revoking Keys
      • Disabling a Public Key (-kd Option)
      • A Manual System for Escrowing Keys
        • Simple Key Escrow
        • Split-Key Escrow
    8. PGP Configuration File
      • What is the PGP Configuration File?
      • Where is the Configuration File?
      • Editing the Configuration File
      • Specifying a Configuration Variable on the Command Line
      • Inside the PGP Configuration File
      • Configuration Variable Summary
    9. PGP Internet Key Server
      • Communicating with a Key Server
      • Key Server Commands
        • Getting Help
        • Finding out Who is on the Server
        • Adding Your Key to the Server
        • Getting a Public Key from the Server
        • Getting a Set of Public Keys
        • getting Updated Keys
      • Where are the Key Servers?
  4. Appendices
    1. Getting PGP
      • Getting PGP from MIT
        • What to Type
      • Other Ways of Getting PGP
        • University of Hamburg: Lots of Crypto Resources
        • University of California at Berkeley: The Cypherpunks
        • Netcom: The PGP FAQ and Other Information
        • Electronic Frontier Foundation
        • Other Sources
    2. Installing PGP on a PC
      • Choosing a Directory
      • Unpacking PGP
      • Verifying Your Copy of PGP
      • Setting up the PGP
      • Environment on a PC
        • PGPPATH Environment Variable
        • TZ Environment Variable
        • A Sample autoexec.bat File
      • Creating Your Secret Key/Public Key Pair
    3. Installing PGP on a UNIX System
      • Unpacking PGP on UNIX
        • Getting a C Compiler
        • Building the RSAREF Library
        • Building PGP
      • Verifying Your Copy of PGP
      • Finishing the PGP Installation Under UNIX
      • The Dangers of Using PGP in a Multi-User Environment
    4. Installing PGP on a Macintosh
      • Getting MacPGP
      • Installing MacPGP
        • Copying the File
        • Decoding the File
        • Creating a Setup Folder
        • Creating a PGP Folder
        • Launching MacPGP
        • Creating Your Keys
        • Adding Keys to Your Key Ring
        • MacBinarizing the Distribution
        • Certifying the Keys
    5. Versions of PGP
    6. The Mathematics of Cryptography
      • How Diffie-Hellman Works
      • How RSA Works
        • The Security of RSA
        • How Large is Very Large?
        • How Random is Random?
      • Dr. Ron Rivest on the Difficulty of Factoring
        • Abstract
        • Factoring Algorithms
        • Costs of Computation
        • Results
        • Conclusions
      • How PGP Picks Primes

Reviews

PGP

Reviewed by Roland Buresund

OK ***** (5 out of 10)

Last modified: May 21, 2007, 3:16 a.m.

One of the few good descriptions of PGP.

Comments

There are currently no comments

New Comment

required

required (not published)

optional

required

captcha

required