Pretty Good Privacy

Pretty Good Privacy
Written by Sagar RabidasJanuary 10, 2022
9 min read
Sagar Rabidas

Software Developer

In this blog, we will discuss Pretty Good Privacy.

Pretty Good Privacy:-

Pretty Good Privacy is a cryptographic approach that is used to provide cryptographic authentication and privacy for information verbal exchange, used for encryption and decryption of textual content, signing, electronic mail, files, and for securing the e-mail verbal exchange. Phil Zimmerman is the father of pretty exact privacy. It's far quite easy to apply and is completely free, including its supply code and documentation. A low-cost business version of PGP is also available for an organization that requires assist.

Pretty Good Privacy works:-

In PGP, the sender must include the identifier of the algorithm used in the message along with the values of keys.

Pretty Good Privacy involves 5 basic steps, which are as follows:

  • Digital Signature
  • Compression
  • Encryption
  • Digital Enveloping
  • Base-64 encoding
  • let’s discuss these steps in detail.

Step #1 – Digital Signature

In this step, the sender’s digital signature is created. It consists of email messages where the sender email message is encrypted using the SHA 1 algorithm to produce the message digest. Then this message digest is encrypted using the private key of the sender. the result of this process is Sender’s digital signature.

Step #2 – Compression

In this step, both the input message and digital signature are compressed together to reduce the final message’s size that will be transmitted through the mail. Dor compression process, the ZIP program is used, which is based on the Lempel Ziv algorithm.

Lempel Ziv algorithm finds the repeated words or strings and then stores them in a variable. Then it replaces the actual occurrence of repeated word or string with a pointer to the corresponding variable. Since the pointer required less amount of memory than the original string, this method results in data compression.

Step #3 – Encryption

In this step, the compressed file which is generated in step 2 is encrypted with a symmetric key using the IDEA algorithm.

Step #4 – Digital Enveloping

In this step, the symmetric key used in the step is encrypted with the receiver’s public key. Output generated from step 3 (Encryption), and step 4 (Digital Enveloping) together form digital enveloping.

Step #5 – Base-64 Encoding

In this step, the final output of step 4 is used as Base-64 encoding.

Pretty Good Privacy Algorithms:-

Pretty Good Privacy support various numbers of algorithms. The most common of them are as follows.

  • Encryption: For the encryption process, it uses algorithms such as IDEA, AES, DES 3, etc.
  • Message Digest: For message digest, it uses MD5, SHA1, RIPE-MD
  • Asymmetric key: For asymmetric key, it uses RSA and DSS where RSA is used for encryption and signing, and DSS is used for signing only.
  • Keyrings: While a sender wants to ship an email message to another unmarried recipient, there's no hassle, but while the consumer desires to send an email message to multiple recipients, the complexity will increase. If a desire to ship a message to ten humans, he wishes some of these 10 humans’ public keys. I.E. A wants a keyring of 10 people. Pretty top privateness specifies a ring of public-personal keys. That is due to the fact a might also need to exchange his public-non-public key pair or may also want to apply unique key pairs for a different institution of customers. In different phrases, we will say that each quite true privateness user desires to have units of key earrings, one is a hoop of his public-non-public key pair, and every other is a ring of public keys of different customers.

Case #1

A need to send a message to another user in the system

  • A create a message digest of the original message and encrypt it using his private key and generate the digital signature.
  • A create a one-time symmetric key.
  • A encrypts the symmetric key with the public key of the receiver.
  • A encrypts the original message with a one-time symmetric key
  • A encrypts digital signature with one time symmetric key
  • A sends an encrypted digital signature and original message to the receiver.

Case #2

A received message from one of the users in the system

  • To get the one-time symmetric key created by sender A uses his private key.
  • Using a one-time symmetric key, A decrypts the message
  • A calculate the message digest (MD1) of the original message
  • Using one-time symmetric key A tries to get the original digital signature
  • To decrypt t digital signature, A uses the public key from the keyring and get the original message digest (MD2)
  • A compares MD1 and MD2. If it matches, it sure about message integrity and authentication of a message sender

Pretty Good Privacy Certificate

To trust the person’s public key, we want to have that consumer’s digital certificate. PGP can use a certificate that is issued using ca or can use its certificate. Within the case of x.509, ca is the basis of who issues certificates to others. In PGP, matters work otherwise. There is no ca. Every person can sign the certificates belonging to anybody else inside the loop. There may be no hierarchy or consider, or shape. Users may have certificates issued by using special users.

For example, a persona can also have a certificate signed using person b and any other by way of personal c. So if person x wants to confirm user a’s certificates, he has two alternatives: consumer a and person b; another is consumer a and person c.

Cyber Security
Ethical Hacking
Pretty Good Privacy
Was this blog helpful?
You must be Logged in to comment
Code Block
Sagar Rabidas
Software Developer
+8 more
300 Blog Posts
14 Discussion Threads
Trending Technologies
Frontend Development24
Backend Development20
Server Administration17
Linux Administration26
Data Center24
Penetration Testing16
Recommended Threads

Techiio is on the journey to build an ocean of technical knowledge, scouring the emerging stars in process and proffering them to the corporate world.

Follow us on:

Subscribe to get latest updates

You can unsubscribe anytime from getting updates from us
Developed and maintained by Wikiance
Developed and maintained by Wikiance