[Note. This article is adapted from an earlier version that originally appeared in the February 2000 issue of Archive magazine.]
Have you ever thought about the privacy of your e-mail? A message sent over the Internet usually passes through several relaying hosts before reaching its destination. Anyone with privileged access to any of those computers can easily read it, just as a post office worker handling a postcard in transit can read its contents. There is also a risk of hackers.
In August 1999, hackers discovered a way to breach the security of Hotmail e-mail accounts, and the details were made public on the Internet, thus putting the privacy of 50 million subscribers at risk. The entire Hotmail system was closed down for a short time, while steps were taken to fix the problem. Can you be confident that your e-mail is secure?
Encryption is often used to ensure privacy. In the more traditional type of cryptography, the same secret key is used to encrypt and decrypt a message. Such a key must be exchanged before the message is sent. However, this is of little use if you want to send a one-off confidential message to someone in a different part of the world. If you have a secure means of transmitting a secret key, you might as well send the message itself!
Even if you can somehow exchange secret keys with all your correspondents (say, by slow postal mail), you would still need to exchange different keys with all of them individually. This would be very cumbersome.
Perhaps you think you have nothing to hide and don't need secure e-mail. Would you ever find it embarrassing if your e-mail were read by your sysadmin, your employer, your ISP, an unknown hacker, or government intelligence agencies? Do you ever use e-mail to transmit confidential information like business plans, character references, credit card numbers, political strategies or love letters? Would you like to use digital signatures to ensure that your e-mail is tamper-proof?
If you can answer "yes" to any of these questions, you will find public-key cryptography useful.
The secret key, as its name suggests, is kept secret (in practice, it's strongly encrypted in the user's computer with a passphrase).
The two keys are mathematically related in such a way that any message encrypted with the public key can be decrypted only with the corresponding secret key, and vice versa. Anyone can send you a secure message by encrypting it with your public key. Since you are the only person who has access to your own secret key, no one else will be able to decrypt the message.
For such a system to be secure, it must be designed so that it is computationally infeasible to discover a secret key from knowledge of the corresponding public key.
Thus, digital signatures can be used to authenticate messages and prevent forgeries or tampering. If a single byte of a message is changed in transmission, the digital signature will no longer be valid. Digital signatures based on modern cryptosystems are virtually impossible to forge in practice, far more so than ordinary handwritten signatures.
As an example, consider the relation N = pq, where p and q are prime numbers. (A prime number p is a whole number which has no divisors except 1 and p itself.) Even if p and q have several hundred digits each, a simple program can be written for any modern computer to calculate their product N in a negligible amount of time. However, if only N is given, the problem of finding its prime factors p and q would require many millions of years of computation, using any known technology.
The one-way function described above is essentially the basis of one of the most popular public-key cryptosystems, the so-called RSA system, named after Rivest, Shamir and Adleman, who proposed it in 1978. The extreme difficulty of finding the prime factors of huge numbers explains why it is not feasible to determine a secret key if the corresponding public key is known.
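The relation between the two keys described above can be tried out with textbook RSA on deliberately tiny primes. This is an added example, not part of the original article or of PGP; the function names, the primes 1009 and 1013 and the sample message are constructed for illustration, and real systems add padding and use primes hundreds of digits long.

```python
# Textbook RSA with toy primes (constructed sample values, illustration only).
# No padding, tiny key: never use this to protect real data.
from math import gcd

def make_keys(p, q, e=17):
    """Build (public, secret) keys from two primes p and q."""
    n = p * q                      # N = pq: easy to compute
    phi = (p - 1) * (q - 1)        # only computable if p and q are known
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)(q-1)")
    d = pow(e, -1, phi)            # secret exponent: inverse of e mod phi
    return (n, e), (n, d)

def apply_key(key, number):
    """Encrypt, decrypt, sign or verify: each is one modular exponentiation."""
    n, exponent = key
    if not 0 <= number < n:
        raise ValueError("message must be smaller than N")
    return pow(number, exponent, n)

def factor(n):
    """Trial division: instant for a toy N, hopeless for hundreds of digits."""
    if n % 2 == 0:
        return 2, n // 2
    f = 3
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 2
    raise ValueError("n is prime")

def recover_secret_key(public):
    """Whoever can factor N can rebuild the secret key from the public key."""
    n, e = public
    p, q = factor(n)
    return make_keys(p, q, e)[1]

if __name__ == "__main__":
    public, secret = make_keys(1009, 1013)       # constructed toy primes
    message = 424242                             # constructed sample message
    ciphertext = apply_key(public, message)      # anyone can encrypt
    print("decrypts:", apply_key(secret, ciphertext) == message)
    signature = apply_key(secret, message)       # only the key owner can sign
    print("signature valid:", apply_key(public, signature) == message)
    print("altered message valid:", apply_key(public, signature) == message + 1)
    print("secret key recovered:", recover_secret_key(public) == secret)
```

The last line succeeds only because N has seven digits; the same trial division on an N built from primes of several hundred digits each would not finish.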
PGP provides facilities for generating new key pairs, encrypting or decrypting messages, checking digital signatures, etc. The user need not be concerned with the mechanics of these processes. PGP automatically takes care of all the "bookkeeping".
Readers can download the program itself for many different computer systems, and also further information about PGP for beginners, from my page Introduction to PGP.