Pretty Good Privacy (PGP)

Transcription

1 Pretty Good Privacy (PGP) Contents...1 Abstract...2

2 Introduction...3 The importance of the cryptography...4 The idea about how (PGP) works...5 Legal issues surrounding (PGP)...6 The implementation and the use of (PGP)...7 Conclusion...8 References...9 Abstract Pretty Good Privacy (PGP) is a system which is used for the purpose of secure s and messages communication over open network. The idea of (PGP), introduced in this paper, therefore it is an attempt to outline the importance of secure and efficiency of messages, the propose of this paper is to provide clear and certain idea about (PGP) as security tool which enables the users to secure their damaging information, and sensitive data by making their stored documents and s safe and secured. This paper illustrates (PGP) as powerful and modern system, with increasing in operation automation and integration as

3 result of the growth in computer networkers, the paper has been divided into four parts each part discuses specific part of Pretty Good Privacy (PGP). Introduction Encryption is an old science, and as the use of computer has become more powerful the number of users who use encryption has grown and grown. Organisations officials grew increasingly concerned about the wide spread available of encryption techniques. Although encryption has perfectly valid uses for every day citizens, it is also a powerful tool for tasks are done within profitable or governmental organisation. In 1991 Senate Bill 266 (a sweeping anti crime bill) had a minor point those reuired government accessible back doors in all encryption tools. While this idea was under study and discussion Phil Zimmermann combined some common of encryption methods to produce the software he named Pretty Good Privacy or PGP. The ideas behind (PGP) were known and understood by computer scientist and mathematicians for certain yeas, which means that the main concepts were not exactly innovation. The real innovation of Zimmermann was making these tools usable by anyone with a home computer. Even early version of (PGP) gave users with standard

4 operating system based home computers access to military grade encryption in the USA. While Senate Bill 266 was still making its way through legislative process an effort was made to make military grade encryption widely available. The software was distributed to a variety of systems as well as on the Internet. Zimmermann a long time believed that (PGP) would be of most use to dissidents, and others who faced serious risks as a consequence of their belief, in other meaning to many people outside as well as inside the USA. Ever since the Second World War, the USA government has considered heavy duty encryption a serious threat to the national security and would not allow it to be exported from the USA (www Wikipedia.org), this provides an introduction about how the (PGP) was written by Zimmermann. Pretty Good Privacy originally was written by Zimmermann in source code, just like that used in any book, and computer tools were used to convert the human readable text into machine readable code. This is standard practice in the computer industry. Zimmermann took the text and had it published in book form, when the book of source code got exported. Then people all over the world have been able to the instructions to build their own (PGP) software. They promptly built the software form those instructions and (PGP) rapidly became a worldwide standard for encryption. Many people (users) find encryption distributing even scary after all, encryption techniques have been military and commercial secrets for millennia. Movies and novel use encryption as their plot demand, with total disregard for how encryption works in reality. ( Lucas, michael, 2006). The importance of the cryptography The first part starts by giving brief definition to cryptography in relation of protecting the information and keep it safe and secret. The cryptography is the practice and study of hiding specific information; it is used to keep the information secret and safe. When a message is sent using cryptography, it is changed (or encrypted) before it is sent. The change makes the message hard to read. If someone wants to read it, they need to change it back (or decrypt it). How to change it back is a secret. Both the person that sends the message and the one that gets it should know the secret way to change it, but other people should not be able to. There are steps to do that when the message is decoded and sent by the sender choosing appropriate method and after that when it is received decoded by the recipient. Cryptography in digital world offers three core areas that protect data from attempt to be taken, taking or an unauthorised use of data and. Cryptography covers these essential areas authentication, integrity, and confidentiality. Authentication; Authentication is a process in Cryptography that offers certificates as a solution, which are called digital IDs, they can be used to verify the identity of unauthorised person who is after to access secret data.

5 Integrity; Integrity is about how to protect data, corresponding to that certificates it can be used in another technique that s digital signatures, can be easily forgotten but it s very hard to forge a digitally signed message and so it s hard to modify or manipulate a message that is digitally signed. Confidentiality; by using the intelligent system that knows how to encrypt and decrypt data information can be kept secret especially when there are sensitive data over a network such as financial transactions, or personal records, other secret information. Cryptograph also known as secret key it has been in use for thousands of years in forms ranging from simple substitution to more complex constructions. However, developments in mathematics and the growth of computing power have made it possible to create this system is effectively and unbreakable. To encrypt and decrypt the data cryptography uses a single private key. The party having this key can use it to encrypt and decrypt data. The algorithm used in cryptography is fast and suitable for processing large streams of data in modern times cryptography can be a part of mathematics and computer science, and it is related to information theory computer security, and studying of engineering. Cryptography can be used to protect different kinds of information such as keeping information in bank cards, computer password, and the internet. The idea about how (PGP) works The second part of this paper discuses how the (PGP) works in term to explain that, it would be useful and helpful by giving precise definition of (PGP). Pretty Good Privacy is a computer program that provides cryptographic privacy and authentication. (PGP) is software which is used often for signing, encrypting and decrypting s to increase the security of communication it was created by (Philip Zimmermann) as it is mentioned in the introduction. To more specific it is a program that gives electronic mail something that does not have. It provides this by encrypting the mail so it cannot be readable by any other user, when the message is encrypted it is made to look like meaningless, and that the idea of (PGP) works. It has been proven that (PGP) is a very capable of resisting even the most sophisticated forms of analysis aimed at reading the encrypted text. (PGP) can be used to apply a digital signature to a message without encrypting. This is used in public posting where the message not needed to be hidden, but rather is needed to be allowed to the other users. Once a digital signature is created, it is impossible for any to modify either the message or signature without the modification being detected by (PGP).

6 Legal issues surrounding (PGP) The third part of these paper discuses the legal issues surrounding (PGP) as a lot of people claim that (PGP) is illegal. There are three spread reasons why they might claim that, it probable but not certain that (PGP) falls under the (ITAR) restrictions, which control the export the monitions and cryptographic technology form the (USA) and (Canada). The legal status of Pretty Good Privacy can be summarised to give clear image about it, for the users in the (USA) and (Canada) (PGP) should be used via (VIACRYPT PGP) or (MIT PGP 2.6), which should be bought, otherwise it will be infringing the patents held by(pkp) which should be paid for. If the users from outside the (USA) or (Canada) (PGP) can be used without having any legal issue and there no problems of using international (PGP) (version 2.6.2i), and talking to other versions. Because (2.6.2i) is endorsed by (Philip Zimmermann) for the use outside the (USA), and is faster and more compatible than any other version of (PGP). Fortunately for users outside the (USA) it has been possible to export the non encryption parts of the (PGP) source code, and the plug in the original encryption system from (PGP2.3) and that is illegal in the (USA) ( it is illegal to send encrypted message in some countries and network ) (Simmon Garfinkel, 1995). The implementation and the use of (PGP) Having a clear idea about (PGP) and how it can be used to keep data and information safe in this forth part of this paper outlines about the implementation of (PGP) and how to get the most benefit of this brilliant program, and it may be the best way to do that by bringing

7 considerable question to our attention which is why is (PGP) the case to encryption? An explanation can be provided as response to this question. As huge number of electronic messages are being passed every day between the world`s networks, users use electronic mail for the same purpose which they have historically used paper mail, the telephone and fax machines. Most of electronic mails are routines, many of them speed business transactions. Unfortunately, most of these electronic mails are vulnerable. The Internet is expanding doubling in size every year. Electronic mail one of the reasons for this fantastic growth, electronic mail is being sent almost free, and it is used to send document that can be edited and reviewed by other people, nowadays contacts, business plans, proposal, and even books routinely set by . With considering using (PGP), that means there is concern about the information that stored on the computers or transmitted by communication systems, but if there is intention to take time to use (PGP) program, it should be an overall strategy of computer security at the same time with that, so the extra effort in encrypting data is not undone by some problems. Computer security has got different meaning to different users. In general, though, the security of computer concerned with several fundamental goals and aims such as, privacy, integrity, and availability (Simmon Garfinkel, 1995). Privacy is one goal of computer security it is used to keep the private documents private and secured. While this goal is sometimes addressed with encryption, it is also handled with password and other access control systems. Integrity is another goal of computer security is to make sure that data and applications are not modified without consent. Availability actually the previously described goals are designed to ensure another goal that computer and the data it contains are available when they are needed. An effective computer plan includes many other important components. Such as physical security, all these goals work together to keep the system running smoothly and securely. Conclusion To conclude (PGP) has been increasingly becoming such a significant system in our life, as the use of the computer and the networks has became fundamental element, in the system communications around the world. This part comes at the end of this paper to discuss how (PGP) is used and use encryption well. Encryption can be used by any one. Unfortunately, it is also true that it can be used badly. In fact using encryption badly is worse than not using encryption at all. Because when encryption is not used the files and s messages that contain important information are created more carefully to be kept safe and secured. However when bad encryption is used by users it might lulled into false sense of security while confidential information remains available and it can be accessed and damaged.

8 References 1/ (Lucas, Michael, 2006) PGP and PGP for the Practical Paranoid ISBN: / (Simon Garfinkel, 1995) Encryption for Everyone PGP Pretty Good Privacy First edition ISBN / ( 4/ ( )