Pretty Good Privacy (PGP)

Pretty Good Privacy (PGP), an "unofficial" (non-governmental) free email security program, was developed by Phil Zimmermann in 1991. After surviving threats and lawsuits from the NSA and the U.S. government in its early days, PGP established itself as one of the leading encryption utilities for non-governmental agencies and individuals seeking a secure method of electronic communication.

PGP, a "hybrid cryptosystem," encrypts data by combining the features of both private-key and public-key cryptosystems. Suppose that Alice wishes to send Bob a confidential email using the PGP protocol. PGP first compresses Alice's plaintext document, thereby reducing its size and strengthening its cryptographic security (compression reduces the occurrence of patterns in the document that cryptanalysts may exploit to crack its encryption). After the document is compressed, the PGP software generates a session-specific key for it by combining Alice's random mouse movements and keyboard strokes with a probabilistic primality tester. PGP then uses this session key to encrypt the document (the symmetric-key cipher used by PGP in this step is called the International Data Encryption Algorithm (IDEA) and was invented by Xuejia Lai and James Massey in 1991).

Because PGP uses a private-key protocol (IDEA) to encrypt Alice's document, some form of public-key encryption must now be used to securely deliver the session key to Bob. PGP uses the RSA cryptosystem for this: it simply encrypts the randomly generated session key with Bob's public key and then prepends the RSA-encrypted session key to Alice's session-key-encrypted document. The document and session key are then sent together to Bob. To decrypt Alice's document, Bob first uses his private key to decrypt the session key and then uses the session key to decrypt the document itself.
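The flow described above (compress, generate a session key, encrypt symmetrically, wrap the session key with Bob's public key, send both together) is sketched below as an added example; it is not PGP's own code. Assumptions: the function names are hypothetical, a SHA-256 counter-mode keystream stands in for IDEA, the RSA key is an unpadded toy built from two fixed Mersenne primes, and the operating system's random source replaces mouse and keyboard entropy, so this shows the message structure only and is not usable encryption.

```python
import hashlib
import secrets
import zlib

# Toy RSA key pair for Bob (assumption: two fixed Mersenne primes, chosen for
# brevity; far too small and unpadded, for illustrating the flow only).
P, Q = 2**89 - 1, 2**107 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
KEY_LEN = 16                           # 128-bit session key, the size IDEA uses
WRAP_LEN = (N.bit_length() + 7) // 8   # fixed width of the RSA-wrapped key


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (SHA-256 in counter mode), NOT IDEA."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def pgp_style_encrypt(plaintext: bytes, n: int, e: int) -> bytes:
    compressed = zlib.compress(plaintext)             # 1. compress
    session_key = secrets.token_bytes(KEY_LEN)        # 2. fresh random session key
    body = keystream_xor(session_key, compressed)     # 3. symmetric encryption
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)  # 4. RSA-wrap the key
    return wrapped.to_bytes(WRAP_LEN, "big") + body   # 5. wrapped key goes first


def pgp_style_decrypt(message: bytes, n: int, d: int) -> bytes:
    wrapped, body = message[:WRAP_LEN], message[WRAP_LEN:]
    key_int = pow(int.from_bytes(wrapped, "big"), d, n)  # private key recovers it
    session_key = key_int.to_bytes(KEY_LEN, "big")
    return zlib.decompress(keystream_xor(session_key, body))


if __name__ == "__main__":
    note = b"Meet at the usual place at noon. " * 4    # constructed sample input
    sent = pgp_style_encrypt(note, N, E)
    assert pgp_style_decrypt(sent, N, D) == note
    print(len(note), "byte plaintext ->", len(sent), "byte message")
```

Only the short session key passes through the RSA operation; the document itself is handled entirely by the symmetric step, whatever its length.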

PGP's strategy of encrypting a document with a session key and encrypting the session key with a public key allows the protocol to avoid much of the computation time associated with encrypting and decrypting long documents with public-key cryptosystems such as RSA. Private-key cryptosystems such as IDEA are much more time-efficient and effective in this regard. Furthermore, PGP's method of random key generation prevents the same key from being used by multiple users; it would be incredibly unlikely for two PGP-encrypted documents to use the same session key. PGP is also compatible with the one-way hash digital signing technique described in the "Digital Signatures" section. To sign the document that she wants to send to Bob, Alice simply appends her "signed" hash to the rest of the document. When he receives the document, Bob can use Alice's public key to verify her signature (see "Digital Signatures" for more information).