What is PGP?

Pretty Good Privacy for applying cryptographic privacy and authentication to online communications

Image for post
Image for post

PGP stands for Pretty Good Privacy. It’s an encryption program that applies cryptographic privacy and authentication to online communications. PGP is most commonly used for keeping contents of emails encrypted and private. OpenPGP is an open source version of PGP that has become widely used.

How Does PGP Work?

PGP encrypts the contents of an email, so that unwanted third parties aren’t able to view your email messages. Typically, a user will install a program on their computer that will work with an email client, like Gmail or Outlook, and apply the PGP encryption to the emails they send.

Google lets Chrome users implement PGP with a browser extension for Chrome. Yahoo also offers an encrypted version of its email service, that uses Pretty Good Privacy.

PGP uses a public key and a private key. The public key allows anyone to encrypt the contents of their messages before they send it. The private key is what lets the recipient of a message decrypt the contents of that message.

There are currently multiple versions of PGP in production. The Diffie-Hellman and RSA versions are both PGP, but they don’t work with each other, since the encryption algorithms are unique.

Image for post
Image for post

PGP keeps the contents of your email messages encrypted, but it does not encrypt the subject line of your emails. It’s vital that you don’t include sensitive information in the subject line of your email.

PGP encryption uses a combination of hashing, data compression, symmetric-key cryptography, and finally public key cryptography. Each step in the process uses one supported algorithm

Example of PGP Encrypted Message

Version: PGPfreeware 6.5.8 for non-commercial use
hQEMA+C7envFYmALAQf/YMlqlvE7jYFqNyTMQXAv6p2PrGc94Nyrbviva+OJJxUBdzfCqCgvBN6k07O/lDdSXXfS4hibsviNizr3iAe4AfmjERbQTyT4OzfILLOB9Wrk6Fvq3W035p+rHF9gTcflA1F0oxymwGF22J9QXHsoFUdkU43rfCFkp/nuBWAMY5dU3Snlq403WionmLqbzMK6uZ6ItbKncPWYE62P2x44WUFdBi82TI8E126YLztwtotOK0Tam+Ew5t9g0CS9+cU9gJV+GdTWFiCVs+Gt3EvbrE2suIL6jCOPGL3OrB/pQbV7mtlZ8360i7OoxpT7ShCB4yGCVMpjG7EW+j080Mx5+KUBiOpXa7WFvbg5HWC5iIWmiauq+UG2WUz+53NauJqcCp/LAHyw4inVuAbYojKjKjCJodv5O6KPtg86e3rCoe7AKMorDefZd+Uuu3bLzCQgZQYabEalJN+QLa8N4axdvlcF4ZLF9CciOZXWcBL33wI+wLMIwR06/bUllUw+rPJzFYU0qXpaUkbEpAFgz2ocGsgQ1ORwtZX/qqGMfzleyW+6oWdLZSM2VhYw1gVuPCcg1sf1RXEAQ/AwI9JWITRgwDUXY+7QE/nAkd0AGGoJkF//ZlsQVyDMRyK6zkzNWM8b00AxtXshAEgEvulhdm13g/aiMzgCzTWBSjm2F5/7N5Xb AGUPQW76IEOM4XUaBbAzC8i4nLEfvccO50urUIzt8OC/JkR4haCdtMFswQUuzZ36UesUCXpoQTGE89hPW3CSd41ddCOc5IllQZVqwVuIG8XkwzBsXIpG1lIe+5AA+dK2FyvGBbSkdwh72gPzXRYc9AFT4Rqr8tK1rsod0+tho2DzZZW2gVS0wHrB =FfuE
— — -END PGP MESSAGE — — -

Limits to PGP

As other applications of cryptography have advanced, certain aspects of PGP have faced criticism. The long, complex PGP public keys make using PGP slightly more complicated. Mixing up just a single character in these long series of characters makes the key useless.

Pretty Good Privacy itself is quite simple, but users with introductory knowledge to computers and technology will have a hard time using the technology.

Although PGP is a well-respected cryptographic protocol for protecting emails, it’s yet to be adopted on a broader scale. Finally, PGP lacks perfect forward secrecy, because if someone comes across a user’s private key at any point, they can decrypt that user’s communications.

How to Use PGP

Better Programming

Advice for programmers.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store