W W W . L E S V E . O R G

Monday, September 6, 2010 01:30 GMT (Local Swedish time: 03:30)

Gnu Private Guard

Introduction

Can you trust your ISP provider that he/she not read your e-mail or maybe worse change the contents of your email so that the information is all wrong. A little change like a meeting date, phone number or other vital information can spoil a lot for you. In the middle 1990 a guy name Philip Zimmermann saw this problem and write a program called Pretty Good Privacy. The US laws did not permit export of such a program as Electronic Media. So Phil printed the source code (in C) in a book and sell that all over the world.
The program Pretty Good Privacy give the short name PGP.

What is Pretty Good Privacy ?

In conventional cryptosystems, a key is used to encrypt a message or a file. The same key is then used to decrypt the message. Consequently the key must then be sent to the recipient. Often it is difficult or impossible to send the key to the recipient because of the lack of a secure channel over which to do this, if a secure channel were avaliable then perhaps cryptography wouldn't even be necessary.
Public key cryptography is a system in which keys are generated in pairs, one public and one private key. The public key is freely distributed, while the private key is kept secret. Messages encrypted with the public key require the corresponding private key for decryption. This eliminates the need for a secure channel over which to send keys.

But the problem with PGP

PGP provides everyone with the means to conduct secure correspondence over an insecure network. # Why should I encrypt my messages? Because the e-mail you send and recieve is nobody's business except yours and your intended recipient's. Perhaps you feel you have nothing to hide. That is good, however it still makes sense to put your mail in an "envelope". There are many reasons why law abiding citizens should use crypto for their communications across the insecure internet. See the PGP documentation for a much more in-depth discussion of these issues. # How good is PGP? See the PGP manuals for details on this but, suffice it to say, that it's nearly impossible to break the code of a PGP encrypted message using standard code breaking methods. Furthermore, PGP encrypts messages with a different random key every time it is used, so even if someone had the resourses and inclination to crack one of your PGP encrypted messages, it would not help them to decrypt another one generated with the same key. This is not to say that PGP does not have it's weaknesses though. The way PGP is most vulnerable is the possibility of another person tampering with your "keyrings" or guessing your password. PGP has addressed these issues and in order to use it confidently one must read the manuals.