Modern Public Key Encryption
Electronic communication today demands privacy and authentication of messages. A message is kept private to ensure that it is readable only by the intended recipient. Before electronic communication, secret codes and ciphers known only to the sender and recipient were used to ensure that a message was kept private. A message is authentic if the source of the message can be verified. On physical documents, authenticity could be verified through the use of a seal or stamp on the document.
Popular modern encryption systems need to provide both privacy and authentication, and to be practical, all communication must be done over the same medium. These requirements rule out relying on symmetric encryption alone, because sharing symmetric keys over an untrusted medium would make the encrypted messages untrustworthy. Mathematical techniques have allowed both key sharing and message passing to be done securely over the same medium.
PGP: “Public Key Cryptography for the Masses”
PGP (which stands for Pretty Good Privacy) is a free, open-source cryptographic system that allows for message privacy and authentication over an untrusted channel.
Internal Mechanisms
Obtaining a Public and Private Key
Each person using PGP generates their own public and private key pair based on the RSA (Rivest, Shamir, and Adleman) encryption algorithm. The RSA algorithm is a public-key algorithm based on the difficulty of factoring the product of large primes. A person's public key is intended for everyone to see and is used to encrypt messages to be sent to that person. Encrypting a message using the recipient's public key ensures the message will be private. The private key is used to decrypt messages that are encrypted using that person's public key. Messages encrypted by a person's public key may only be decrypted by that person's private key, and messages encrypted by that person's private key may only be decrypted by that person's public key. This reciprocal relationship between the two keys ensures both message privacy and authenticity.
Sending A Message
Messages sent over PGP are encrypted using IDEA (International Data Encryption Algorithm), a symmetric key encryption algorithm. Each message is encrypted using a randomly generated 128-bit message key. Each message is chunked into 64-bit segments, and each chunk is encrypted eight times to make brute force cracking of the message nearly impossible.
The message is then checksummed using the MD5 (Message Digest) algorithm, which protects the encrypted message against alteration.
The message key is then encrypted using the recipient's public key and the sender's private key. This ensures both privacy and authenticity.
The recipient may decrypt the message based on their private key and the sender's public key.
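The steps above, traced end to end in a short Python sketch. This is an added example, not code from PGP or from the original page. It assumes a SHA-256 keystream as a stand-in for IDEA, unpadded textbook RSA, and constructed demo keys built from published Mersenne primes; the names make_key, public, keystream_xor, send and receive are hypothetical.

```python
import hashlib
import secrets

E = 65537

def make_key(p, q):
    """Textbook RSA key from two primes (no padding; illustration only)."""
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def public(key):
    return {"n": key["n"], "e": key["e"]}

# Constructed demo keys built from published Mersenne primes, so not secret.
# The sender's modulus is the smaller one so the signed key fits the recipient's.
SENDER = make_key(2**89 - 1, 2**107 - 1)
RECIPIENT = make_key(2**107 - 1, 2**127 - 1)

def keystream_xor(key, data):
    """Assumed stand-in for IDEA: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def send(plaintext, sender, recipient_pub):
    msg_key = secrets.token_bytes(16)              # random 128-bit message key
    body = keystream_xor(msg_key, plaintext)       # symmetric encryption of the message
    checksum = hashlib.md5(body).hexdigest()       # MD5 over the encrypted message
    signed = pow(int.from_bytes(msg_key, "big"), sender["d"], sender["n"])
    wrapped = pow(signed, recipient_pub["e"], recipient_pub["n"])
    return {"body": body, "md5": checksum, "key": wrapped}

def receive(packet, recipient, sender_pub):
    if hashlib.md5(packet["body"]).hexdigest() != packet["md5"]:
        raise ValueError("checksum mismatch: message was altered")
    signed = pow(packet["key"], recipient["d"], recipient["n"])
    k = pow(signed, sender_pub["e"], sender_pub["n"])
    # A key unwrapped with the wrong sender key is almost never a 128-bit value.
    if k >= 2**128:
        raise ValueError("message key did not come from the expected sender")
    return keystream_xor(k.to_bytes(16, "big"), packet["body"])
```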
Weaknesses
Sharing of public keys: Verifying the authenticity of public keys is necessary to ensure secure communication.
Vulnerability to brute force attacks: Message security is ensured by long encryption key length. Speed of encryption and decryption is encumbered by long encryption keys. The 128-bit IDEA encryption key has been used as a compromise between speed and security. As computers become faster, the message key may need to be lengthened to ensure privacy.