Securing Email Messages and Files Using PGP

By Dan DiNicolo, December 21st, 2004 Posted in Security. Subscribe to our RSS Feed

The purpose of your public key is to allow other users to send encrypted messages to you. You did read that correctly. For example, for Bob to send you an encrypted message, he must have your public key. When he sends a message encrypted with your public key, the only way it can be decrypted is if the associated private key is used, and you’re the only one that has it.

This is why your public key can be freely distributed - if any messages are encrypted with it, only your private key can decrypt them. Along the same lines, if you wanted to send an encrypted message to Bob, you would need his public key to do it.

In reality, public key encryption is computationally taxing, so the manner in which PGP works is a variation on this theme. When Bob wants to send you a message, he creates a one-time-use session key. This session key is used to encrypt the message. Then he encrypts the session key using your public key, and sends both the encrypted message and encrypted key to you. Upon receiving the message, your private key first decrypts the session key, and then uses the session key to decrypt the message.

Although it sounds complex, this method is much less computationally taxing than straight public-key encryption, which uses much larger keys (2,048 bits). In this case, only the small session key (128 bit) has to be encrypted with the recipient’s public key, rather than an entire message.

Written by Dan DiNicolo - Visit Website

Go To Page: 1 2 3 4 5 6 7

All Tutorials by Category:

Entire site Copyright © 1999-2007 2000Trainers.com, all rights reserved.
Content on this site may not be copied or reproduced in any way without permission.

IT Showcase