Introduction to PGP

Source: Internet
Author: User
Keywords: PGP
This article mainly introduces the principles and background of how PGP works. For installation and use, refer to the other documents supplied with this article. PGP (Pretty Good Privacy) is mail encryption software built on the RSA public-key cryptosystem. You can use it to keep your email confidential so that unauthorized parties cannot read it, and to sign your email digitally so that the recipient can be sure it came from you. It lets you communicate securely with people you have never met, with no confidential channel needed to exchange keys beforehand. It combines careful key management, a hybrid of RSA and conventional (symmetric) encryption, digital signatures built on a message-digest algorithm, and a well thought out user interface. It is powerful and fast, and its source code is free. PGP does more than protect mail: it can encrypt files, and it can take the place of uuencode by producing Radix-64 (the same encoding as MIME Base64) armored files. PGP was created by Phil Zimmermann of the United States. His contribution was to combine the convenience of RSA public-key cryptography with the speed of conventional encryption, and to design the digital-signature and key-certification mechanisms on top of that, which is why PGP became the most popular public-key encryption package. PGP is encryption software for ordinary people. Encryption exists for security, and privacy is a basic human right. Email and file transfer over the Internet are now part of everyday life, the security of those messages matters more and more, and it is well known that data crossing the Internet travels unencrypted by default. If you do not protect your own information, a third party can easily obtain it.
Another problem is authentication: how does the recipient know the message was not altered by a third party? That calls for digital signature technology. The properties of RSA public-key cryptography make it well suited to both requirements, confidentiality (privacy) and authentication. RSA (Rivest-Shamir-Adleman) is a public-key cryptosystem whose security rests on the assumption that factoring very large numbers is infeasible. Put simply, you choose two large prime numbers and keep them secret; their product, together with a public exponent, is published as the "public key", while the private exponent derived from the two primes is the "private key" (also called the secret key). The two keys are complementary: what is encrypted with the public key can only be decrypted with the private key, and a value produced with the private key can be checked with the public key. Suppose A wants to send a letter to B and each knows the other's public key. A encrypts the mail with B's public key and sends it; B decrypts it with B's own private key to recover the original. Since nobody else knows B's private key, not even A can decrypt the letter once it has been encrypted, which solves the confidentiality problem. On the other hand, because everyone knows B's public key, anyone can send B a letter, so B cannot be sure a letter really came from A. That is the authentication problem, and it is where digital signatures come in. Before explaining the signature, a word about the "message digest". In one sentence: an algorithm is applied to the mail to compute a number that captures its "essence", so that if the mail changes, the number changes. That number, combined with the author's identity (in practice the author's key), the date and so on, serves as the signature. Concretely, PGP 2.x uses a 128-bit value as the message digest, produced by the MD5 algorithm (Message Digest 5). MD5 was designed by Ron Rivest; the MD5 code used in PGP was written by Colin Plumb and is itself public-domain software, which is why it is not mentioned in PGP's licence terms.
MD5 is a one-way hash function. Unlike a CRC checksum, it is designed so that it is hard to find a different message with the same "essence" as the original. (That design goal has not held up: practical MD5 collisions have since been demonstrated, which is why later OpenPGP implementations moved to SHA-1 and then SHA-2; what follows describes PGP 2.x.) Back to the digital signature: A encrypts the 128-bit digest with A's own private key, attaches the result to the mail, and then encrypts the whole thing with B's public key. When B receives the ciphertext, B decrypts it with B's private key and obtains the original plus the signature. B's PGP then computes a 128-bit digest of the recovered original, decrypts the signature with A's public key, and compares the two numbers; if they match, the mail really was sent by A and has not been altered. Both requirements are thus met. PGP can also sign without encrypting, which is the right choice for a public statement: the author signs with his private key, the recipient can confirm who the sender is, and the sender cannot later deny the statement. This has obvious value in commerce, where it prevents both repudiation by the sender and tampering in transit. So why does PGP mix RSA with conventional encryption? Because RSA is computationally expensive and far too slow for bulk data, so what PGP actually uses to encrypt the message body is not RSA but a conventional cipher called IDEA. Conventional (symmetric) cryptography simply means the plaintext is encrypted with a key and decrypted with the same key. The classic example is DES (the US Data Encryption Standard), a product cipher; its main weakness is that the key itself has to be delivered over some secure channel, which is exactly what a network mail environment lacks. IDEA is a patented algorithm; the patent holders are ETH Zurich and the Swiss company Ascom-Tech AG, and non-commercial use of IDEA implementations is royalty-free.
IDEA encrypts far faster than RSA. So in practice PGP generates a random session key (a different one every time), encrypts the plaintext with IDEA under that key, and then encrypts the session key with RSA using the recipient's public key. The recipient uses RSA to recover the session key and IDEA to decrypt the message itself. This chained scheme gets the confidentiality of the RSA system together with the speed of IDEA. Half of PGP's inventiveness lies here: why was RSA, proposed in the 1970s, not widely used before? Because it was too slow. Where is the other half? In PGP's key management. A mature encryption system needs an equally mature key-management mechanism. Public-key systems were proposed to fix the weakness of conventional systems, where distributing keys while keeping them secret is hard. Eavesdropping is one of the commonest techniques network attackers use, so sending a key across the network is far too dangerous. For example, older versions of Novell NetWare sent user passwords in plaintext on the wire, so anyone listening could pick up other people's passwords (NetWare 4.1 now encrypts the password in the packet header). With PGP, public keys are meant to be public, so there is nothing to defend against eavesdropping. But publishing public keys still has a security problem: tampering. This may be the biggest weakness of public-key systems, because most beginners cannot detect it. You must be sure that the key you obtained really belongs to the person it appears to belong to. To make this concrete, here is an example of how to use PGP properly to close this hole.
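The sign-then-encrypt flow from the two paragraphs above, as an added, self-contained example that is not part of the original article or of PGP's own code. It assumes AES-256-GCM in place of IDEA and SHA-256 in place of MD5 (PGP 2.x's actual choices), uses the Go standard library's RSA, and includes the pre-compression step the article describes later; the message text is constructed.

```go
package main

import (
	"bytes"
	"compress/flate"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Envelope is what travels over the network: the one-time session key wrapped
// under the recipient's RSA public key, and the body encrypted under that key.
type Envelope struct {
	WrappedKey []byte // RSA-OAEP(sessionKey): the only thing RSA ever encrypts
	Nonce      []byte // AES-GCM nonce, fresh per message
	Body       []byte // AES-GCM(deflate(signature || message))
}

// newKey makes a 2048-bit RSA key pair for the demo (panics on failure).
func newKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// signThenEncrypt follows PGP's order: hash, sign the digest with the sender's
// private key, compress signature+message, encrypt under a random session key,
// wrap that key with RSA. AES-256-GCM and SHA-256 stand in for IDEA and MD5.
func signThenEncrypt(sender *rsa.PrivateKey, recipient *rsa.PublicKey, msg []byte) (*Envelope, error) {
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPKCS1v15(rand.Reader, sender, crypto.SHA256, digest[:])
	if err != nil {
		return nil, err
	}
	// Inner packet: the signature (exactly sender.Size() bytes), then the message.
	inner := append(append([]byte{}, sig...), msg...)
	// Pre-compression before encryption, as PGP does with PKZIP-style deflate.
	var zbuf bytes.Buffer
	zw, _ := flate.NewWriter(&zbuf, flate.DefaultCompression)
	zw.Write(inner)
	zw.Close()
	// A fresh random session key and nonce for every message, never reused.
	buf := make([]byte, 32+12)
	if _, err := io.ReadFull(rand.Reader, buf); err != nil {
		return nil, err
	}
	sessionKey, nonce := buf[:32], buf[32:]
	block, _ := aes.NewCipher(sessionKey) // 32-byte key: cannot fail
	gcm, _ := cipher.NewGCM(block)
	body := gcm.Seal(nil, nonce, zbuf.Bytes(), nil)
	// Only the short session key goes through the slow RSA operation.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Body: body}, nil
}

// decryptThenVerify reverses the steps and rejects the message unless the
// signature verifies under the claimed sender's public key.
func decryptThenVerify(recipient *rsa.PrivateKey, sender *rsa.PublicKey, env *Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("session key unwrap failed: %w", err)
	}
	block, err := aes.NewCipher(sessionKey) // a forged envelope may carry a bad key size
	if err != nil {
		return nil, err
	}
	gcm, _ := cipher.NewGCM(block)
	plain, err := gcm.Open(nil, env.Nonce, env.Body, nil) // fails on any tampering
	if err != nil {
		return nil, fmt.Errorf("body decryption failed: %w", err)
	}
	inner, err := io.ReadAll(flate.NewReader(bytes.NewReader(plain)))
	n := sender.Size() // PKCS#1 v1.5 signatures are exactly the modulus size
	if err != nil || len(inner) < n {
		return nil, errors.New("corrupt or truncated packet")
	}
	sig, msg := inner[:n], inner[n:]
	digest := sha256.Sum256(msg)
	if err := rsa.VerifyPKCS1v15(sender, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("signature check failed: %w", err)
	}
	return msg, nil
}

func main() {
	alice, bob := newKey(), newKey()
	env, err := signThenEncrypt(alice, &bob.PublicKey, []byte("constructed sample message"))
	if err != nil {
		panic(err)
	}
	msg, err := decryptThenVerify(bob, &alice.PublicKey, env)
	fmt.Printf("recovered %q, err=%v\n", msg, err)
}
```

The receiving side deliberately checks in the same order PGP does: unwrap the session key, authenticate and decrypt the body, decompress, and only then verify the signature, so a message signed with anyone's key but the expected sender's is rejected even though it decrypted cleanly.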
Suppose you want to send a letter to Alice. You need Alice's public key, so you download it from a BBS and use the BBS mail function to send Alice a letter encrypted with it. Unfortunately, unknown to both of you, another user, Charlie, has sneaked into the BBS and replaced Alice's public key with the public half of a key pair he generated himself under Alice's name. The key you encrypted with is therefore Charlie's, not Alice's, and everything looks normal because the user ID on the key you fetched is "Alice". Charlie can now decrypt your letter to Alice with his private key; he can even re-encrypt it with Alice's real public key and forward it to her so that nobody suspects anything, and he can alter your letter to Alice at will. Worse, he can forge Alice's signature on mail to you or to anyone else, because the key in your hands is forged and you would accept the letter as genuinely Alice's. The surest defence is to deny anyone the chance to tamper with the public key at all, for instance by getting the key from Alice in person, but that is hard when she is far away or you cannot meet. PGP's answer is a public-key introduction mechanism. Suppose you and Alice have a mutual friend, David, and David holds a copy of Alice's public key that he knows to be correct (how a public key is verified is covered below; assume here that David has checked it with Alice). David can then sign Alice's public key with his own private key, using the same signing method described above, to certify that the key belongs to Alice. You, in turn, use David's public key to check the Alice key he passes you, and David can likewise certify your public key for Alice. David thus acts as an "introducer" between you and Alice.
So Alice or David can safely upload Alice's key, signed by David, to the BBS for you to fetch, and nobody, not even the BBS administrator, can tamper with it without being detected. That is the secure way to pass public keys around. Some will ask: "Then how do I safely get David's key? Isn't this a chicken-and-egg problem?" It is true that the David key you hold could also be fake, but that would require the attacker to be involved in the whole process: he would have to know all three of you and plan for a long time, which is generally not feasible. PGP does suggest another preventive measure: a person or institution that is universally trusted, a "certifying authority", whose signature on a public key is taken as proof that the key is genuine. As long as everyone has a copy of the authority's public key, verifying anybody's public key is easy, and since the authority offers the service widely, forging its public key is very hard because the real one is so widely circulated. Such an "authority" suits organizations that are not under personal control, or government agencies, and today hierarchies of such certification bodies exist. For widely dispersed individuals, PGP favours introduction by private acquaintances, because this organic, unofficial arrangement better mirrors people's natural social interactions, and people are free to choose whom they trust to introduce others, just as when meeting strangers in real life. Each public key carries at least one user name (user ID); use your own full name, preferably with your email address, to avoid confusion. Note: one rule you must follow without exception is that you must verify a public key before you use it.
Whatever the temptation (and there will be temptation), never, absolutely never, directly trust a public key obtained through a public channel, however trustworthy that channel looks. Use keys introduced by acquaintances, or verify them yourself with the other party in person. Likewise, do not casually sign other people's keys to certify them: as in real life, you only hand your house key to people you trust. Next, how to verify a key by telephone. Every key has an identifier (key ID), an eight-hex-digit number; the chance that two keys share a key ID is very small (roughly one in four billion for any given pair) but not zero. PGP also provides a more reliable identifier, the key fingerprint. Each key corresponds to a string of 16 two-digit hexadecimal numbers (128 bits), and a collision in that value is even less likely. Nobody can generate a key with a chosen fingerprint: keys are generated randomly, and the key cannot be reconstructed from its fingerprint. (A caveat for today's reader: the fingerprint is only as strong as the hash that produces it, and later OpenPGP key formats replaced the 128-bit MD5 fingerprint with longer SHA-based ones.) So once you have someone's public key, you can read the fingerprint to him over the phone and compare, and you have verified his key. If you cannot phone Alice, you can verify David's key with David by phone and let David vouch for Alice's key: a combination of direct verification and indirect introduction. This leads to the practice of collecting signatures from different people on your own public key and posting it in public places, in the hope that most people know at least one of the signers and can thereby verify your key indirectly. You should also sign and return your friends' public keys so that your other friends can verify them. It is rather like how people get to know each other in the real world.
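How the two identifiers above are derived from an RSA public key, as an added example that is not from the original article or from PGP's code. It assumes the PGP 2.x (OpenPGP "V3") conventions: the key ID is the low 32 bits of the modulus as PGP printed it, and the fingerprint is MD5 over the modulus bytes followed by the exponent bytes; the modulus and exponent used are constructed toy values, not a real key.

```go
package main

import (
	"crypto/md5"
	"fmt"
	"math/big"
	"strings"
)

// v3KeyID returns the key ID as PGP 2.x printed it: the low 32 bits of the
// RSA modulus as eight hex digits. It is a lookup handle, not proof of
// identity: anyone can grind out a modulus ending in the same 32 bits.
func v3KeyID(n *big.Int) string {
	low := new(big.Int).And(n, big.NewInt(0xFFFFFFFF))
	return fmt.Sprintf("%08X", low.Uint64())
}

// v3Fingerprint returns MD5(modulus bytes || exponent bytes), the V3 key
// fingerprint, formatted as the 16 two-digit hex groups PGP displayed. It
// covers the whole key, so a different modulus or exponent changes it.
func v3Fingerprint(n, e *big.Int) string {
	sum := md5.Sum(append(n.Bytes(), e.Bytes()...))
	parts := make([]string, len(sum))
	for i, b := range sum {
		parts[i] = fmt.Sprintf("%02X", b)
	}
	return strings.Join(parts, " ")
}

// normalizeFingerprint strips spacing and case so a fingerprint read aloud
// over the phone can be compared digit for digit with the computed one.
func normalizeFingerprint(s string) string {
	return strings.ToUpper(strings.Join(strings.Fields(s), ""))
}

// fingerprintMatches is the check to make before signing or using a key.
func fingerprintMatches(spoken, computed string) bool {
	return normalizeFingerprint(spoken) == normalizeFingerprint(computed)
}

func main() {
	// Constructed toy key material (not a real key): 128-bit modulus, e = 17.
	n, _ := new(big.Int).SetString("0123456789ABCDEFFEDCBA9876543210", 16)
	e := big.NewInt(17)
	fmt.Println("Key ID:     ", v3KeyID(n))
	fmt.Println("Fingerprint:", v3Fingerprint(n, e))
}
```

Because the key ID depends only on the tail of the modulus, compare fingerprints, never key IDs, when you verify a key with its owner.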
PGP automatically works out for you which public keys were introduced by your friends, which by friends of your friends, and which by friends of friends of friends, and so on. It sorts them into different levels of trust so that you can decide how far to trust each one. You can set how many levels of introduction a person's certification may propagate through, with confidence decreasing at each hop. Whether introduction is transitive is an interesting question. PGP's author, Phil Zimmermann, puts it this way: "Trust is not transitive; I have a friend who I believe would never lie. But he is fool enough to believe the President never lies, while I certainly do not think the President never lies." The security of the public-key system is the core of PGP's security, and I will not elaborate further here. As in conventional single-key systems, keeping the private key secret is decisive. Unlike the public key, the private key is not exposed to tampering, but it can leak. An RSA private key is a very long number that no user can memorize, so PGP lets the user protect the randomly generated private key with a pass phrase: the private key is released for use only when that pass phrase is supplied, and the pass phrase encrypts the private key with the same strength PGP uses for messages. The secrecy of the private key therefore rests first on the secrecy of the user's pass phrase. The private key file itself is still dangerous in the wrong hands, because an attacker holding it need only try pass phrases exhaustively; that is hard, but one layer of protection has been lost. Remember: guard your private key like any other private matter and never let anyone get hold of it. PGP's careful attention to security shows in every part of it.
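The introducer logic described above (friends, friends of friends, the configurable depth, and "trust is not transitive"), together with the Alice/Charlie/David scenario from earlier, as an added example that is not from the original article or from PGP's source. It assumes each certifying signature has already been cryptographically verified and only models the trust computation; the three knobs are named after the COMPLETES_NEEDED, MARGINALS_NEEDED and CERT_DEPTH settings in PGP 2.6's config.txt, and the key ring is constructed data.

```go
package main

import "fmt"

// Trust is the level the ring's owner assigns to a key's holder as an
// introducer. It is set by the owner only and never inferred from signatures.
type Trust int

const (
	Unknown  Trust = iota // default: this key's certifications count for nothing
	Marginal              // usually trustworthy
	Complete              // always trustworthy
	Ultimate              // the owner's own key
)

// Key is a public key on the ring with the certifying signatures it carries.
// Assumption: each signature has already been cryptographically verified.
type Key struct {
	ID       string
	UserID   string
	SignedBy []string // key IDs of the introducers who certified this key
}

// Ring holds the keys, the owner's trust settings, and the three knobs that
// PGP 2.6 exposed as COMPLETES_NEEDED, MARGINALS_NEEDED and CERT_DEPTH.
type Ring struct {
	Keys            map[string]*Key
	Trust           map[string]Trust
	CompletesNeeded int
	MarginalsNeeded int
	CertDepth       int
}

// valid reports whether the owner can rely on the key's user ID binding.
// A key is valid if the owner's own key certified it, or if enough valid
// introducers at Complete or Marginal trust did, within CertDepth hops.
// Trust is not transitive: a valid key certifies others only if the owner
// explicitly gave its holder a trust level.
func (r *Ring) valid(id string, depth int) bool {
	k, ok := r.Keys[id]
	if !ok {
		return false
	}
	if r.Trust[id] == Ultimate {
		return true
	}
	if depth > r.CertDepth {
		return false
	}
	completes, marginals := 0, 0
	for _, signer := range k.SignedBy {
		if signer == id {
			continue // a self-signature proves nothing about identity
		}
		if r.Trust[signer] == Ultimate {
			return true
		}
		if !r.valid(signer, depth+1) {
			continue // an introducer whose own key is unverified cannot vouch
		}
		switch r.Trust[signer] {
		case Complete:
			completes++
		case Marginal:
			marginals++
		}
	}
	return completes >= r.CompletesNeeded || marginals >= r.MarginalsNeeded
}

// Valid is the entry point; depth 0 is the key being judged itself.
func (r *Ring) Valid(id string) bool { return r.valid(id, 0) }

// exampleRing builds the article's scenario from constructed data.
func exampleRing() *Ring {
	r := &Ring{Keys: map[string]*Key{}, Trust: map[string]Trust{},
		CompletesNeeded: 1, MarginalsNeeded: 2, CertDepth: 4}
	add := func(id, uid string, signers ...string) {
		r.Keys[id] = &Key{ID: id, UserID: uid, SignedBy: signers}
	}
	add("you", "You <you@example.org>", "you")
	add("david", "David", "you")
	add("alice", "Alice", "david")        // introduced by David
	add("charlie", "Alice", "charlie")    // Charlie's forgery under Alice's name
	add("eve", "Eve", "alice")            // certified by Alice, who is not a trusted introducer
	add("bob", "Bob", "you")
	add("carol", "Carol", "you")
	add("frank", "Frank", "bob", "carol") // two marginal introducers
	add("grace", "Grace", "bob")          // only one marginal introducer
	r.Trust["you"] = Ultimate
	r.Trust["david"] = Complete
	r.Trust["bob"], r.Trust["carol"] = Marginal, Marginal
	return r
}

func main() {
	r := exampleRing()
	for _, id := range []string{"alice", "charlie", "eve", "frank", "grace"} {
		fmt.Printf("%-8s %-6s valid=%v\n", id, r.Keys[id].UserID, r.Valid(id))
	}
}
```

Note that Eve's key stays invalid even though Alice's key is valid: validity (the owner believes this key belongs to this person) and introducer trust (the owner lets this person vouch for others) are separate decisions, which is exactly the point of the Zimmermann quote.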
For instance, the actual key for each encryption is a random number, and everyone knows a computer cannot produce truly random numbers. PGP is very cautious about random-number generation: the seed for session keys, and likewise for RSA key generation, is drawn from the timing of the user's keystrokes. The randseed.bin file on disk is encrypted with the same strength as messages, which effectively prevents anyone who obtains your randseed.bin from inferring your session keys. (Today the operating system's cryptographic random number generator is the right source for this entropy rather than keystroke timing alone.) I should also mention PGP's pre-compression step: the PGP kernel compresses the plaintext with the PKZIP algorithm before encrypting it. For email, the compressed-then-encrypted ciphertext, even after 7-bit ASCII-armor encoding, may be shorter than the plaintext, which saves transmission time. Compression is also in effect a transformation that removes redundancy from the plaintext, which makes known-plaintext attacks harder. PGP's use of the PKZIP algorithm was approved by its original author; PKZIP is a widely accepted compression algorithm with a good compression ratio and speed, and PGP uses the PKZIP 2.0-compatible variant. I will cover PGP's security in the article "Security of PGP". I have said all this just so that everyone knows PGP is safe, as long as you use it the right way. For installation and use, see the article "The installation and use of PGP 2.6.3i". If some terms in the English documentation are not clear, look for clues in the article "PGP noun explanation". PGP 2.6.3i is the version I recommend you use; for detailed questions about it, consult the PGPi FAQ.
On today's Internet you will see PGP-signed articles everywhere, and PGP versions are updated quickly; it is said that PGP 3.0 will be released in a few months. More and more people worldwide use PGP, and we Chinese should also pay attention to protecting our legitimate right to privacy. I translated and compiled these articles to promote the use of PGP in China. Although it is new here, we can see that it will certainly grow quickly in cyberspace; China started late, but not much later than the United States, and we should catch up.
