J. Kelly Cunningham ( deviate@lipschitz.sfasu.edu) - R. Kaszeta
11 September 1996
This document is meant as a brief overview of the methods that PGP uses for encryption, decryption, and authentication. This document does not cover how to use PGP. For information on using PGP you should read either the documentation included with PGP or PGP: Pretty Good Privacy by Simson Garfinkel, available from O'reilly and Associates.
PGP uses three cryptographic components: RSA, IDEA, and md5.
RSA consists of the components and . is your public key and is your private key. Anything encrypted by one can be decrypted by the other, and it is considered impossible to determine from .
Suppose X is a message. is meaningless gibberish, however . Similarly, is gibberish, but .
On the other hand, IDEA is a symmetric key cipher. IDEA uses a 128 bit key to transform a message into meaningless gibberish. The same key, when applied to the meaningless gibberish, will produce the original message.
Suppose X is a message and k is a key. Then is meaningless gibberish, but .
md5 will produce an essentially unique 128 bit one way hash of any input.
md5(X) is an essentially unique 128 bit representation of X.
is the conventional encryption of X with passphrase . Your private key is protected with conventional encryption.
You wish to encrypt the message X to a recipient whose public key is . PGP randomly generates a 128 bit key k. is applied to X to produce meaningless gibberish . is applied to k to produce meaningless gibberish . is sent to recipient. Since k is random X will never be encrypted the same way twice.
You have received . PGP applies to to retrieve . Now that you have k, PGP applies to to obtain
You wish to sign a message X. md5 is applied to X to obtain md5(X). is applied to md5(X) to obtain the ``signature'' . is sent to recipient.
Recipient, who has your public key, wishes to verify that a signed message, , came from you. PGP applies to to retrieve . Next, md5() is applied to X to obtain md5(X) directly from X. If the two match, then the message is the one you sent.
You wish to encrypt a signed the message X to a recipient whose public key is . PGP forms as in section 6. PGP then forms as in section 4.
You receive formed as in section 8. PGP retrieves
as in section 5. is authenticated as in section 7.
You wish to encrypt a message X to a list of recipients whose public keys are , , . Form the message as in section 4, but also attach , to get . If you wish to sign the message, form
as in section 8, but with several RSA encrypted IDEA keys.
is just data, and, as such, can be fed to to obtain a signature. When you sign your public key you are forming as in section 6. can now be authenticated as in section 7.
Other signatures can be attached to attest to the authenticity of . If the owners of , , and are convinced that belongs to you, then each can attach a signature to , forming
Someone in possession of , who trusts its owner, can authenticate as in section 7.
How PGP Works
This document was generated using the LaTeX2HTML translator Version 96.1 (Feb 5, 1996) Copyright © 1993, 1994, 1995, 1996, Nikos Drakos, Computer Based Learning Unit, University of Leeds.
The command line arguments were:
latex2html -split 0 -show_section_numbers pgp.tex.
The translation was initiated by Curtis L. Olson on Fri Sep 13 10:30:17 CDT 1996