Cryptography for the Rest of Us

By Tim O'Connor

At its heart, cryptography is the science of scrambling information so it is meaningless to a random observer but useful to the legitimate recipient, who must possess a secret key that allows the information to be unscrambled.

Once the specialty of spymasters, strong cryptographic tools are now available for personal use, so even modest desktop computers can be used to protect information from snoopers. Perhaps the most prominent encryption software today is PGP (Pretty Good Privacy), which is available for DOS, Mac, OS/2, Amiga, VMS, and Unix platforms. PGP was written by Phil Zimmermann, a programmer who is fascinated by cryptography and its practical applications, and who has a keen interest in maintaining personal privacy.

The Key to Cryptography

A traditional weak point of cryptography has been in getting the secret key that unlocks an encoded message into the hands of the intended recipient. For example, if your communications were monitored by an enemy, and you transmitted the secret key that could unlock your documents, the key itself might be intercepted. This would allow the enemy to decode your later messages, or in some cases to impersonate you by encoding messages with the key.

In 1976, Whitfield Diffie and Martin Hellman invented a new technique known as public-key encryption (reported in IEEE Transactions on Information Theory, Nov. 1976). The Diffie-Hellman algorithm involves the concept of a pair of secret keys. Information generated by the secret keys can be exchanged between two parties to create a "session key," which is then used to encrypt subsequent messages.

In 1978, mathematicians Ron Rivest, Adi Shamir, and Leonard Adleman invented a public-key algorithm known as RSA, which can be used to encrypt a message and to create a digital signature of it. So, a message can be scrambled, requiring the private key to unlock it. In addition, the message might be transmitted without scrambling, but with a digital signature (a kind of electronic certificate) attached, or it can be both encrypted and signed. The signature allows the recipient to verify that the message has not been changed in any way in transit, and that it was truly created by the person who signed it, thereby preventing the distribution of forged messages.

PGP is built around several algorithms, including RSA.

For most people, it is not necessary to contend with the mathematical principles behind PGP. However, having a basic knowledge of how the software works will help you make the most efficient use of encryption and digital signatures. Consider investing in one of the standard PGP books, Protect Your Privacy: A Guide for PGP Users, by William Stallings (Prentice-Hall, 1995) or PGP: Pretty Good Privacy, by Simson Garfinkel (O'Reilly and Associates, 1995). Each provides background details and plenty of helpful hints.

The Key to PGP

At the most basic level, you will need to perform the following steps after you install PGP on your system, following the instructions that come with the software:

  • Generate your own pair of private and public keys. You will keep the private key for your own use only, protected by a secret passphrase you select. You will eventually release the public key to the world. You will need to supply the secret passphrase to your computer each time you use one of your keys to encrypt, decrypt, or create a signature for mail or files. (This is similar to selecting a secret PIN when you get a new bank ATM card.)
  • Sign your own public key, certifying to the world that you yourself are the owner of the key. (This is like calling your credit card company to activate a new credit card that has arrived in the mail.)
  • Get a handful of friends who use PGP, and have them sign your public key, which indicates that each of them certifies that you are who you claim to be. Each of you should sign each other's public keys. (This establishes your identity, albeit informally.)
  • If you can get several widely known PGP users to vouch for your identity, add their signatures to your key as well. This activity is known in the PGP world as establishing a "web of trust." For example, you may receive my key and may not know who I am, but if my key has been signed by people you know and trust, you may be willing to add me to your keyring with reasonable confidence that I am who I say I am. (As with social introductions, you rely on the trustworthiness of the person introducing you.)
  • After you have accumulated several signatures on your public key, extract the key to a text file. You can then make the key available, as a block of text, available to anyone on the Internet. Some people distribute their keys through the World-Wide Web. (You can examine or download a copy of my public key at any time.) Others put them in their accounts, so that when the account is fingered, the key will be displayed. There are also "key servers" on which you can post your key. (People can only communicate with you securely when they have a copy of your key.)

You will also want to extract your key's "fingerprint," so that people who retrieve your key from the Internet can verify that the key's fingerprint matches the fingerprint you have made separately available. (As an example, my PGP fingerprint is available online; it is also in a distinctive section of one of my home pages and on my printed stationery.) Anyone who acquires a copy of your key would want to refer back to some well-known or public source to verify that the freshly added key's fingerprint matches the well-known fingerprint.

Other individuals can add your key to their keyrings. You can add their keys to your ring. Once you have a key on your public ring, you can send encrypted messages to the owner of the key. Only the recipient's secret key will be able to unscramble the message. You can also verify that a digital signature attached to a file or a message matches the key on your public ring. If not, there is the chance that the message in question is a forgery, or has been altered in transmission.

It is considered good practice to create what is known as a key revocation certificate immediately, so that if your secret key is compromised, or you forget your secret passphrase, you can send out a PGP-authenticated message telling the world to invalidate the old key. These techniques, and many others, are detailed in the standard PGP literature.

The most secure use of PGP is to run the program on your own private computer, even though PGP is available for multi-user systems. In theory, if either the multi-user system or the network it is connected to is compromised, or if the system is operated by untrustworthy personnel, your secret key might be captured. Similarly, if you use PGP on a shared personal computer, you may be vulnerable to compromise.

PGP in Action

These are the steps involved in encrypting a message using PGP. Tim O'Connor composes a message to be sent to the writer L. Manning Vines, which says: "I just received your new book."

He sends it to Vines, encrypting it with the Vines public key and signing it with the O'Connor secret key, producing an encrypted, signed message that looks like a block of random characters.

Vines unscrambles the message using his private key, entering his secret passphrase, revealing that the scrambled block of information really says: "I just received your new book."

In decrypting the message, PGP will also attempt to check the O'Connor signature against the public O'Connor key stored on the Vines keyring. If the signature is present on the ring and it matches the signature contained in the scrambled message, Vines knows that O'Connor must be the author of the message.

(If Vines does not have a copy of the O'Connor public key, PGP will still be able to unscramble the message, but will be unable to validate the O'Connor signature. So, Vines would be able to read the message, but he could not be certain that O'Connor is the genuine author.)

O'Connor, meanwhile, knows that only Vines, using his secret "L. Manning Vines" key, can decode the message.

PGP is considered to be a very secure means of scrambling a file. Experts in the field of cryptography, however, admit that they can never predict what new technique may be developed to break an encryption scheme, or what loopholes may eventually be discovered in cryptographic software. This is why Phil Zimmermann modestly dubbed his creation "Pretty Good," acknowledging that only a fool would contend that any new cryptographic technique is completely bulletproof.

For the majority of PGP users today, "pretty good" is considered strong enough to provide a healthy level of security for sensitive mail and files.

Meanwhile, privacy activists eagerly await future PGP releases that may make the notoriously complicated program easier to operate. They also hope that developers of electronic mail programs will build in some ability to encrypt and sign mail simply and transparently, so that e-mail users can focus on getting their messages out, rather than on the mechanics of running PGP.

Tim O'Connor home page

This page was last modified 29 August 2003.

Questions or comments? Send email to tim AT roughdraft DOT org