PGP for secure e-mail

by Nat Queen

[Note. This article is adapted from an earlier version that originally appeared in the February 2000 issue of Archive magazine.]

Have you ever thought about the privacy of your e-mail? A message sent over the Internet usually passes through several relaying hosts before reaching its destination. Anyone with privileged access to any of those computers can easily read it, just as a post office worker handling a postcard in transit can read its contents. There is also a risk of hackers.

In August 1999, hackers discovered a way to breach the security of Hotmail e-mail accounts, and the details were made public on the Internet, thus putting the privacy of 50 million subscribers at risk. The entire Hotmail system was closed down for a short time, while steps were taken to fix the problem. Can you be confident that your e-mail is secure?

Encryption is often used to ensure privacy. In the more traditional type of cryptography, the same secret key is used to encrypt and decrypt a message. Such a key must be exchanged before the message is sent. However, this is of little use if you want to send a one-off confidential message to someone in a different part of the world. If you have a secure means of transmitting a secret key, you might as well send the message itself!

Even if you can somehow exchange secret keys with all your correspondents (say, by slow postal mail), you would still need to exchange different keys with all of them individually. This would be very cumbersome.

Public-key cryptography

Public-key cryptography overcomes these problems. As explained below, it enables you to communicate securely with people you have never met, over insecure channels, without first exchanging secret keys.

Perhaps you think you have nothing to hide and don't need secure e-mail. Would you ever find it embarrassing if your e-mail is read by your sysadmin, your employer, your ISP, an unknown hacker, or government intelligence agencies? Do you ever use e-mail to transmit confidential information like business plans, character references, credit card numbers, political strategies or love letters? Would you like to use digital signatures to ensure that your e-mail is tamper-proof?

If you can answer "yes" to any of these questions, you will find public-key cryptography useful.

Key pairs

Each user of a public-key cryptosystem has a pair of keys: a public key and a secret key. The public key can be made available to anyone who wants it. It is even advantageous to publish it in an open directory, like telephone numbers in a telephone directory.

The secret key, as its name suggests, is kept secret (in practice, it's strongly encrypted in the user's computer with a passphrase).

The two keys are mathematically related in such a way that any message encrypted with the public key can be decrypted only with the corresponding secret key, and vice versa. Anyone can send you a secure message by encrypting it with your public key. Since you are the only person who has access to your own secret key, no one else will be able to decrypt the message.

For such a system to be secure, it must be designed so that it is computationally infeasible to discover a secret key from a knowledge of the corresponding public key.

Digital signatures

A byproduct of such a cryptosystem is the possibility of creating digital signatures. To see how this is possible, suppose that you encrypt a message with your own secret key. Since the public key reverses the action of the secret key, anyone with access to your public key can decrypt the message. If the message decrypts correctly, this proves that it was created by you, since nobody else has access to your secret key.

Thus, digital signatures can be used to authenticate messages and prevent forgeries or tampering. If a single byte of a message is changed in transmission, the digital signature would not be valid. Digital signatures based on modern cryptosystems are virtually impossible to forge in practice - much more so than ordinary handwritten signatures.

How it works

Public-key cryptosystems are based on what mathematicians call "one-way functions". A one-way function is a relation between two objects A and B such that B can be readily calculated from A, while there is no computationally feasible way of determining A from a knowledge of B.

As an example, consider the relation N = pq, where p and q are prime numbers. (A prime number p is a whole number which has no divisors except 1 and p itself.) Even if p and q have several hundred digits each, a simple program can be written for any modern computer to calculate their product N in a negligible amount of time. However, if only N is given, the problem of finding its prime factors p and q would require many millions of years of computation, using any known technology.

The one-way function described above is essentially the basis of one of the most popular public-key cryptosystems, the so-called RSA system, named after Rivest, Shamir and Adleman, who proposed it in 1978. The extreme difficulty of finding the prime factors of huge numbers explains why it is not feasible to determine a secret key if the corresponding public key is known.
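The key-pair, signature and RSA mechanics of the three sections above, as an added worked example that is not part of the original article: textbook RSA in Python, with the Mersenne primes 2^31-1 and 2^61-1 assumed as p and q (constructed for the demonstration; real keys use primes of hundreds of digits). Encrypting with the public key is undone by the secret key, and "encrypting" with the secret key produces a signature that the public key checks, which fails as soon as one byte of the message is altered.

```python
# Textbook RSA illustrating the key-pair and signature mechanics
# described above. Assumption: p and q are the Mersenne primes 2^31-1
# and 2^61-1, chosen small enough to read; they are far too small for
# real use, where p and q have hundreds of digits each.

def modinv(a, m):
    """Modular inverse of a mod m by the extended Euclidean algorithm."""
    old_r, r, old_s, s = a, m, 1, 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError("no inverse: e and phi(N) share a factor")
    return old_s % m

def make_keypair(p, q, e=65537):
    """N = p*q is the easy direction of the one-way function; recovering
    p and q from N (and hence d) is the infeasible direction."""
    n = p * q
    d = modinv(e, (p - 1) * (q - 1))
    return (n, e), (n, d)          # public key, secret key

def rsa_apply(key, m):
    """Raise the message integer to the key's exponent mod N. Applying
    one key of the pair is reversed by applying the other."""
    n, exp = key
    if not 0 <= m < n:
        raise ValueError("message must be an integer below N")
    return pow(m, exp, n)

def to_int(data): return int.from_bytes(data, "big")
def to_bytes(x, size): return x.to_bytes(size, "big")

def encrypt(public_key, plaintext):          # anyone can do this
    return rsa_apply(public_key, to_int(plaintext))

def decrypt(secret_key, ciphertext, size):   # only the key owner can
    return to_bytes(rsa_apply(secret_key, ciphertext), size)

def sign(secret_key, message):               # "encrypt with the secret key"
    return rsa_apply(secret_key, to_int(message))

def verify(public_key, message, signature):
    """The public key reverses the secret key: the signature must open
    back into exactly the message that was received."""
    return rsa_apply(public_key, signature) == to_int(message)

P, Q = 2**31 - 1, 2**61 - 1                  # constructed example primes
PUBLIC, SECRET = make_keypair(P, Q)
```

Real PGP does not apply RSA to the message itself: it signs a cryptographic hash of the message and encrypts the message with a one-time symmetric key, using RSA only to protect that key, which is what lets messages of any length be handled.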

PGP

The RSA system has been implemented in PGP, the standard program for secure e-mail. PGP, which stands for Pretty Good Privacy, was originally created by Philip Zimmermann, the first person to make military-grade cryptography available to the masses. Since then, PGP has undergone numerous revisions. Freeware versions of PGP exist for all major operating systems. With certain limitations, the different versions are interoperable.

PGP provides facilities for generating new key pairs, encrypting or decrypting messages, checking digital signatures, etc. The user need not be concerned with the mechanics of these processes. PGP automatically takes care of all the "bookkeeping".

Readers can download the program itself for many different computer systems, and also further information about PGP for beginners, from my page Introduction to PGP.
