Introduction
Recently, while browsing a blog, I came across the author's PGP Key page. Although I knew it was used for encrypting email communication, I wasn't clear on the specifics and usage. So, I took some time to research and compile some information about PGP encryption.
Definition of PGP
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used to sign, encrypt, and decrypt text, emails, files, directories, and entire disk partitions, and to enhance the security of email communication. PGP encryption uses a combination of hashing, data compression, symmetric-key encryption, and finally public-key encryption. Its most important characteristic is that it combines two forms of encryption: symmetric cryptography and asymmetric cryptography.
Working Principle of PGP
When PGP encrypts a message, the original data is first encrypted with a symmetric-key encryption algorithm. Symmetric-key encryption algorithms include DES, AES, Blowfish, etc. They encrypt and decrypt data quickly but require the sender and receiver to share a key.
To avoid sending that shared key over the network unprotected, PGP uses public-key encryption. Public-key encryption algorithms use different keys for encryption and decryption: the public key encrypts and the private key decrypts. Public-key algorithms include RSA, DSA, etc., which offer high security but are much slower at encryption and decryption than symmetric-key encryption algorithms.
PGP encrypts the symmetric key with the receiver's public key. This protects the key and ensures that only the receiver can decrypt it, thereby protecting the confidentiality of the data. The receiver uses their private key to decrypt the encrypted symmetric key and then uses the symmetric key to decrypt the data. This method keeps the data secure while retaining the speed of symmetric encryption and decryption.
PGP uses two types of encryption algorithms to protect data: symmetric-key encryption and public-key encryption. Symmetric-key encryption is an algorithm that uses the same key for encryption and decryption, requiring the key to be shared between the sender and receiver. Public-key encryption, on the other hand, is an algorithm that uses different keys for encryption and decryption, with the public key used for encryption and the private key used for decryption. Below, I will briefly explain the working principles of these two algorithms.
Symmetric-Key Encryption
Symmetric-key encryption is an algorithm that uses the same key for encryption and decryption, requiring the key to be shared between the sender and receiver. The process of symmetric-key encryption is as follows:
- The sender selects an encryption key and uses it to encrypt the original data.
- The encrypted data is sent to the receiver.
- The receiver decrypts the encrypted data using the same key.
Although symmetric-key encryption is very efficient, it has an obvious drawback: the need to share the key between the sender and receiver. If this key is obtained by a hacker or someone else, the data will not be protected. To address this issue, PGP uses another encryption algorithm: public-key encryption.
Public-Key Encryption
Public-key encryption is an algorithm that uses different keys for encryption and decryption, with the public key used for encryption and the private key used for decryption. The process of public-key encryption is as follows:
- The sender obtains the receiver's public key and uses it to encrypt the symmetric key.
- The encrypted symmetric key and encrypted data are sent to the receiver.
- The receiver decrypts the encrypted symmetric key using their private key.
- The receiver decrypts the encrypted data using the decrypted symmetric key.
Public-key encryption allows the sender to encrypt data using the receiver's public key without the need to share a symmetric key. This way, even if a hacker obtains the encrypted data, they cannot use it because they do not have the receiver's private key to decrypt the symmetric key.
PGP Example
Here is an example using the common case of encrypted email. The specific workflow is as follows:
User A wants to send an email to User B.
- User B generates a pair of keys (public key and private key) and sends the public key to User A.
- PGP software generates a random session key using an algorithm. This key is a large number and is only used once.
- User A encrypts the email using the generated session key and encrypts the session key using User B's public key.
- Finally, User A sends the encrypted email and key to User B, who decrypts it using their private key to obtain the session key and decrypt the complete email.
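The workflow above, and the public-key steps listed earlier, as an added Ruby example that is not part of the original post. It assumes AES-256-GCM for the email and RSA-OAEP for the session key, uses a plain hash rather than the OpenPGP message format, and the function names `encrypt_for` and `decrypt_with` are hypothetical.

```ruby
require "openssl"

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# User A: encrypt the email with a one-time session key (AES-256-GCM), then
# encrypt that session key with User B's public key (RSA-OAEP).
def encrypt_for(recipient_pub, email)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  session_key = cipher.random_key # generated fresh for this message only
  nonce = cipher.random_iv
  body = cipher.update(email) + cipher.final
  { wrapped_key: recipient_pub.public_encrypt(session_key, OAEP),
    nonce: nonce, body: body, tag: cipher.auth_tag }
end

# User B: recover the session key with the private key, then decrypt the email.
# Raises OpenSSL::OpenSSLError if the key is wrong or the message was modified.
def decrypt_with(recipient_priv, msg)
  session_key = recipient_priv.private_decrypt(msg[:wrapped_key], OAEP)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = session_key
  cipher.iv = msg[:nonce]
  cipher.auth_tag = msg[:tag]
  (cipher.update(msg[:body]) + cipher.final).force_encoding(Encoding::UTF_8)
end

if __FILE__ == $PROGRAM_NAME
  user_b = OpenSSL::PKey::RSA.new(2048) # constructed key pair for User B
  msg = encrypt_for(user_b.public_key, "Constructed sample email body")
  puts "wrapped session key: #{msg[:wrapped_key].bytesize} bytes"
  puts decrypt_with(user_b, msg)
end
```

Only the small session key goes through the slow RSA operation; the email body, whatever its size, is handled by the fast symmetric cipher.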
Uses of PGP Encryption
PGP has three main uses:
- Sending and receiving encrypted emails.
- Verifying the identity of the person who sent you the message, i.e., digital signature verification.
- Encrypting data.
Among these, sending secure email has been the primary application of PGP to date. A digital signature is a technique based on public-key cryptography that proves the sender's identity and the message's integrity, so that tampering does not go undetected. The sender encrypts the message's digest with their private key to generate the digital signature. The receiver decrypts the signature with the sender's public key, computes the digest of the received message, and compares the two digests to verify the message's integrity and the sender's identity. If verification fails, the message may have been tampered with or may come from a forged sender.
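The signature check described above, as an added Ruby example that is not part of the original post. It assumes RSA signatures over SHA-256 and a local keyring indexed by a SHA-256 fingerprint of the DER-encoded public key (OpenPGP defines its own fingerprint format); `fingerprint`, `sign_mail` and `check_mail` are hypothetical names.

```ruby
require "openssl"

# Fingerprint used to look up a sender: SHA-256 over the DER-encoded public key.
# (An assumption of this example, not the OpenPGP fingerprint.)
def fingerprint(pub)
  OpenSSL::Digest.new("SHA256").hexdigest(pub.to_der)
end

# Sender: digest the message and sign the digest with the private key.
def sign_mail(sender_priv, message)
  { signer: fingerprint(sender_priv.public_key),
    signature: sender_priv.sign(OpenSSL::Digest.new("SHA256"), message) }
end

# Receiver: returns :valid, :bad_signature (tampered message or forged sender),
# or :unknown_signer when the claimed key is not in the local keyring.
def check_mail(keyring, message, sig)
  pub = keyring[sig[:signer]]
  return :unknown_signer unless pub
  ok = pub.verify(OpenSSL::Digest.new("SHA256"), sig[:signature], message)
  ok ? :valid : :bad_signature
rescue OpenSSL::PKey::PKeyError
  :bad_signature
end

if __FILE__ == $PROGRAM_NAME
  alice = OpenSSL::PKey::RSA.new(2048) # constructed sender key pair
  keyring = { fingerprint(alice.public_key) => alice.public_key }
  sig = sign_mail(alice, "Meet at 10:00")
  puts check_mail(keyring, "Meet at 10:00", sig)
  puts check_mail(keyring, "Meet at 11:00", sig)
end
```

The receiver trusts only keys already in its keyring, so a signature made with an unfamiliar key is reported separately from one that fails verification.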
Summary
PGP uses symmetric-key encryption algorithms to protect data confidentiality, public-key encryption algorithms to protect the security of symmetric keys, and digital signature technology to verify message integrity and identity. This combination of symmetric-key and public-key encryption allows for a balance between security and efficiency. PGP has become a widely used standard for data encryption and digital signatures, protecting user privacy and security.
You are welcome to visit my personal blog: 方寸之间