Your Internet Consultant - The FAQs of Life Online

12.6. What about Pretty Good Privacy as a way to protect my e-mail?

Pretty good privacy, commonly known as PGP, is an encryption program that gives your electronic mail something it otherwise would not have: privacy. It can ensure that any text messages--e-mail files, letters to Grandma, whatever, can be read only by their intended recipients.

PGP uses a technique called public key encryption in which a message's sender and recipient hold two keys: a public key and a private key. When you want to send an encrypted message to someone, you encrypt it using their public key. Then only their private key can unlock the message.

Example: When encrypted, a message looks like a meaningless jumble of random characters. Here's an unencrypted message:

Your Internet Consultant - the FAQs of Life Online
by Kevin M. Savetz ... ISBN 0-672-30520-8
Buy as many as you can afford! Makes a great stocking stuffer!
Here's an encrypted version. Only the person for whom it is intended will be able to decode it. It works wonderfully, but it won't sell a lot of books.
-----BEGIN PGP MESSAGE-----
Version: 2.3

pgAAAKku9D8whJCJZN8jx9Am4xKDrg8UrjHPhA5FF1EtxOWFXw+nltb+Ar52FMEr
eLs2kYg8PJdxfAN1F2dIJbGSEO1a7NT4gOBINfBFG+iG4DEd/Vbgs7A/S9wB8K1Y
GUSY4gNZXQIKMKGMK4vRxbkMCS9OdSpUdb2JhLlPHwlQuK9TEBZLygDkRi2diDgi
+c3Bt4kTfNbg11auJtK+SfY5ENunsEhsdMrqT2oi
=1xYk
-----END PGP MESSAGE-----
PGP is very controversial, both legally (because of patent rights and export laws) and politically (because it gives individuals the power to ensure their own right of privacy). PGP is contraband: if you live in the USA, and you are not a Federal agency, you shouldn't actually run PGP on your computer. Still, it is freely available and is the most powerful encryption tool available to the masses.

I highly recommend that you grab and read the alt.security.pgp FAQ list. It does a great job of answering many questions about PGP and certainly covers PGP in more depth than I can here. It is available via anonymous FTP from

rtfm.mit.edu:/pub/usenet/alt.security.pgp/alt.security.pgp_FAQ*
What is PGP? Why should I encrypt my mail? I'm not doing anything illegal! What are public keys and private keys? How much does PGP cost? Is encryption legal? Is PGP legal? Is there an archive site for alt.security.pgp? Is there a commercial version of PGP available? What platforms has PGP been ported to? Where can I obtain PGP? Why does it take so long to encrypt/decrypt messages? How does PGP handle multiple addresses? How can I use PGP to create a return receipt for a message? Where can I obtain scripts to integrate pgp with my email or news reading system? Can I be forced to reveal my pass phrase in any legal proceedings? What are the Public Key Servers? What public key servers are available? What is the syntax of the key server commands? Glossary of Cryptographic Terms United States Congress Phone and FAX List Macintosh users should get the "How to MacPGP" guide, which is available via e-mail.
To: qwerty@netcom.com
Subject: Bomb me!
Body: <message body is ignored>
Note: For more general information about cryptography, read the "Cryptography" FAQ. This huge FAQ list is posted to the newsgroups sci.crypt, talk.politics.crypto, sci.answers, and news.answers every three weeks. It is also available via anonymous FTP. rtfm.mit.edu:/pub/usenet/news.answers/cryptography-faq/*

Table of Contents | Previous Section | Next Section