Pretty Good Privacy

From Citizendium
Revision as of 06:03, 29 November 2008 by imported>Sandy Harris (update rfc reference)
Jump to navigation Jump to search
This article is developing and not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

Pretty Good Privacy or PGP is a hybrid cryptosystem for email security, originally developed by Phil Zimmerman.

All versions use a public key cryptosystem to provide digital signatures and to manage keys for a block cipher which does the actual message encryption.

The original PGP used a block cipher called Bassomatic, devised by Zimmerman. This was quickly shown to be weak, and replaced with IDEA in version 2.0. In version 3.0. they switched to CAST-128 which, unlike IDEA, was free of patent restrictions.

Upon original release, it was famously subject to the United States export control of encryption technologies which prevented it's distribution outside of the US. Visitors to the PGP website who attempted to download the software from a non-US IP address were denied. Zimmerman was investigated by the US Customs Service, and gave testimony to the US Senate, arguing for a change to the export control laws on the basis of the importance of privacy for civil liberties and human rights. PGP and subsequent encryption software has been used by human rights campaigners and dissidents to protect the privacy of communications and data used in the fight for civil rights in oppressive regimes[1].

There is an Internet standard for "Open PGP", RFC 4880 [2].

An Open Source implementation of that standard, GNU Privacy Guard (GPG), is available [1].

References

References