This method of keeping messages safe from electronic voyeurs did not escape the attention of the United States Government, and in 1993 a criminal investigation was undertaken into Zimmermann and PGP due to cryptography-related export regulations. Since no one but Bob knows his private key, no one but Bob can decrypt the message, and it is thus safe from prying eyes at all steps of the delivery process. The message is then sent using normal delivery methods to Bob, who uses his private key (the other half of Bob’s key pair, only visible and usable by him) to decrypt the message. Alice locates Bob’s public key (one half of Bob’s key pair, publicly available for all to see and download) through a keyserver, Bob’s website, or any other method, and uses it to encrypt her message. PGP works like this: Alice wants to send an encrypted message to Bob. To this end, he created the cross between public-key and symmetric key encryption known as of Pretty Good Privacy that remains publicly unbroken to this day. The politically-conscious Zimmermann wanted to devise a solution to allow users to post to the early Bulletin Board Systems and store files without being snooped on. Version 1.0 of PGP was written in 1991 by Philip Zimmermann. Let’s start with a brief look at how far PGP has come since those early days of BBSes, cypherpunks, and the government lawsuits that love them. The second article will deal with PGP Universal’s technical details, and examine how the product functions in the business environment. This article is the first of two reviewing PGP Universal, and will serve to set the scene and introduce the reader to both the product and PGP in general. The solution is PGP Universal, which is a set of encryption tools that help an organization’s users encrypt everything from email, to instant messages, or even entire hard drives, without having to invest in multiple products. PGP Corporation – the company that owns and distributes PGP – has taken this to heart and crafted a solution to help companies both big and small encrypt everyday email, without having to go through the hassle of generating public and private keys or even consciously clicking an ‘encrypt’ button before sending a message. And terms such as “public key”, “private key”, and “digital signature” are viewed as concepts best left to the experts. Encryption is seen as just too difficult to set up, for a home user and especially for the workplace. Why is this? A combination of different factors have deterred both the average Joe Internet and not-so-average Bob Company from buying into the world of email encryption. Along with S/MIME, PGP has been given the honor of being one of only two email encryption systems approved for use by the National Institute of Standards and Technology.Īnd yet, despite all of these accomplishments and praises, many users and organizations still refrain from using PGP or other encryption mechanisms to secure their email. Government lawsuits, acquisitions, revisions, and finally a massive buyback of assets from erstwhile owner Network Associates in 2002 all befell the little piece of software initially used to help users securely post to Bulletin Board Systems.īut throughout all of this, the encryption itself has remained unbroken – in spite of claims ranging from lonely teenagers breaking it to the US government forcing Zimmermann to implant backdoors into the software. Pretty Good Privacy (PGP) has had quite a history since Phil Zimmermann released the first version in 1991.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |