Pretty Good Privacy, known as the PGP, is a popular program for encryption and decryption of data, providing security services for electronic mail messages and data files.
Created by Philip Zimmermann in 1991, this program has been widely used throughout the global computer community to protect the confidentiality and integrity of the users’ data, giving them the privacy of delivering messages and files only to their intended individual or authorized person (Singh, 2012). Not only being useful for individuals as a privacy-ensuring program, it has also been used in many corporations to protect their company’s data from falling into the wrong hands (Rouse, 2005).
This program uses mainly on the concept of cryptology. Cryptology is the study about secret communication between two parties, where there is a presence of a third party known as adversaries, and that party knows nothing about the content of the communication (Rivest, 1990).
The security that PGP offers basically is on the encryption and decryption concept, touching on different kind of keys such as public keys and conventional keys, hash function, digital signatures and sometimes a combination of a few methods to make sending data to the right and authorized recipients even more secure. Moreover, following the Internet Standard Track, this program is currently being of the trusted program that is widely used (Stallings, 2011).
2. CRYPTOGRAPHY IN PRETTY GOOD PRIVACY PROGRAM
Generally, the Pretty Good Privacy (PGP) program is all about cryptography, whereby the basic of it is encryption and decryption. Encryption is a process of encoding message, to the extent that the meaning of the message is not obvious or cannot be read using normal language, known as the ciphertext (Pfleeger, C. P. & Pfleeger, S. L., 2006). For decryption, it is the reverse process of encryption, changing cipertext back to the original form of message (Pfleeger, C. P. & Pfleeger, S. L., 2006). Figure 2.1 below shows the process of encryption and decryption.
Figure 2.1: The process of encryption and decryption. (Modified from Network Associates, Inc.,1999).
2.2 Types of Keys Used In PGP
For encryption and decryption process, there are many types of method or known more as different kind of keys for the process to occur. For the PGP, it make used of a few popular kind keys for its program.
2.2.1 Symmetric Key
Symmetric-key encryption, also known as the secret-key, for conventional cryptography, is a one key used for both the encryption and decryption process. One simple and common example of conventional cryptography is the Caesar Cipher.
The following example uses Caser Cipher concept, using encryption key “+3”.
Normal A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Shift 3 D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
From the above, a normal message “THIS IS A SECRET MESSAGE”...