PGP (pretty good privacy) is a program that lets users encrypt data for secure and private communications. A user can encrypt a message with PGP and transmit it knowing that only a user with the matching decryption key will be able to decrypt and read the message.
PGP was created in 1991 by Phil Zimmermann. He originally developed it to secure email messages. It is still good for keeping email communication secure, but it has since been used in many other data security applications, such as encrypting files, folders, and even full disk partitions.
PGP is a widely used encryption standard. One of the reasons for its popularity and longevity is that it works. PGP can make it impossible for hackers to read intercepted emails by encrypting the content and turning it into gibberish for anyone that doesn’t have the decyrption key. Unencrypted email and other data is not safe from hackers who want to spy on private email communications.
How does PGP work?
PGP works through a combination public-key cryptography, data compression, hashing, and symmetric-key cryptography. PGP keys are generated by the software after imputing an email address and password. This makes each PGP public key bound to a single email address. This process will generate two keys, a public key and a private one. The public key can be freely shared, sent in messages or posted to a website. The private key is just how it sounds–private. Keeping PGP encryption secure means keeping the private key private. Don’t share it. Don’t transmit it.
A PGP public key looks something like this:
—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: BCPG C# v188.8.131.52 mQENBFQvT+cBCACbX5v1W0t/C90d26HLIMO7JkPKiOatXzwuxxr0dQ1FrdLRD1nhWcM3W/IQj/
—–END PGP PUBLIC KEY BLOCK—– “
To send an encrypted message with PGP, the sender will use the recipient’s public key to encrypt the message. The message actually transmitted will come in an unreadable block of text like this:
—–BEGIN PGP MESSAGE—–
Version: PGPfreeware 6.5.3 for non-commercial use http://www.pgp.com
—–END PGP MESSAGE—–
The recipient will have to use their private key–the one that they never share–to decrypt the message. Like any piece of digital data, a private key can be stolen, but it cannot be intercepted if it is never transmitted. The only person that should know how to access the private key is the intended recipient. Only the private key can decrypt the message and make it readable again. A PGP private key looks like this:
—–BEGIN PGP PRIVATE KEY BLOCK—–
Version: BCPG C# v184.108.40.206
—–END PGP PRIVATE KEY BLOCK—–
**Quick note: The public and private keys as well as the encrypted message were shortened to make this post more readable. Actual public and private key are much longer.
The Wikipedia article on PGP has a helpful diagram that outlines the main steps a message goes through between being encrypted and decrypted.
PGP also lets the user digitally sign messages and files they write. Even if the message or file itself is not encrypted, PGP can validate the signature using the same public/private key method. This digital signature can be used both to identify the sender as well as to verify that the content of the message has not been altered in any way during transmission.
A recent version of ASPG’s MegaCryption software includes improved speed for working with OpenPGP encryption.
MegaCryption 6.4.1 developments include increased key storage and creation options, accelerated speed for OpenPGP decryption, enhancements to ISPF, as well as additional JCL procedures. With these enhancements, data centers are presented with an array of dynamic features to increase encryption/decryption speed, key management options, and accessibility of cryptographic approaches.
MegaCryption supports OpenPGP, as well as AES 128 and 256, RSA, CAST-5, DH-ELGAMAL, DES, and many other encryption algorithms. All these encryption standards have the same end goal–keeping sensitive data secure. If your organization has sensitive data it needs to secure, sign up for a free trial of MegaCryption.