Use of the Internet is expanding beyond anyone's expectations. As corporations, government offices, and ordinary citizens begin to rely on the information highway to conduct business, they are realizing how important it is to protect their communications — both to keep them a secret from prying eyes and to ensure that they are not altered during transmission. Encryption, which until recently was an esoteric field of interest only to spies, the military, and a few academics, provides a mechanism for doing this.

PGP, which stands for Pretty Good Privacy, is a free and widely available encryption program that lets you protect files and electronic mail. Written by Phil Zimmermann and released in 1991, PGP works on virtually every platform and has become very popular both in the U.S. and abroad. Because it uses state-of-the-art public key cryptography, PGP can be used to authenticate messages, as well as keep them secret. With PGP, you can digitally "sign" a message when you send it. By checking the digital signature at the other end, the recipient can be sure that the message was not changed during transmission and that the message actually came from you.

PGP offers a popular alternative to U.S. government initiatives like the Clipper Chip because, unlike Clipper, it does not allow the government or any other outside agency access to your secret keys.

PGP: Pretty Good Privacy by Simson Garfinkel is both a readable technical user's guide and a fascinating behind-the-scenes look at cryptography and privacy. Part I, "PGP Overview," introduces PGP and the cryptography that underlies it. Part II, "Cryptography History and Policy," describes the history of PGP — its personalities, legal battles, and other intrigues; it also provides background on the battles over public key cryptography patents and the U.S. government export restrictions, and other aspects of the ongoing public debates about privacy and free speech. Part III, "Using PGP," describes how to use PGP: protecting files and email, creating and using keys, signing messages, certifying and distributing keys, and using key servers. Part IV, "Appendices," describes how to obtain PGP from Internet sites, how to install it on PCs, UNIX systems, and the Macintosh, and other background information. The book also contains a glossary, a bibliography, and a handy reference card that summarizes all of the PGP commands, environment variables, and configuration variables.

 Table of Contents

Foreword 

Preface 

Part I: PGP Overview  

Chapter 1: Introduction to PGP  
Why PGP? The Case for Encryption  
Your Mail Can Go Astray  
Protecting Your Privacy  
Where Did PGP Come from?  
Basic PGP Terminology  
Keys: Public, Secret, and Session  
Key Certificates  
Key Rings  
Pass Phrases  
Digital Signatures  
Signatures on Key Certificates  
How to Run PGP  
The Command Line Interface  
Getting Help (-h Option)  
Specifying Command Line Arguments  
Using ASCII Armor (-a Option)  
Encrypting and Signing Email (-e and -s Options)  
PGP File Extensions  
PGP Environment Variables  
PGP Configuration Variables  
The PGP Language File  
PGP and Its Competitors  
Key Certification with PGP  

Chapter 2: Cryptography Basics  
How Does Simple Cryptography Work?  
Codes  
Ciphers  
Substitution ciphers  
One-Time Pads  
Keys and Key Length  
Breaking the Code  
Brute force (key search) attack  
Cryptanalysis  
Private Key Cryptography  
Private Key Algorithms  
A Private Key Example  
Problems with Private Key Cryptography  
The Key Distribution Center  
The Outlook for Private Key  
Public Key Cryptography  
Public Key Systems  
Advantages of Public Key Systems  
Digital Signatures  
Using Private and Public Key Cryptography Together  
How Good is Cryptography?  
The Strong and the Weak  
The Case for Weakness  
What Encryption Can't Do  
U.S. Restrictions on Cryptography  
Cryptography and the U.S. Patent System  
Cryptography and Export Controls  

Part II: Cryptography History and Policy  

Chapter 3: Cryptography Before PGP  
Cryptography Through the Ages  
National Security and the NSA  
Lucifer and the DES  
The National Bureau of Standards  
The Security of the DES  
DES Cracking  
Alternatives to the DES  
Public Key Cryptography  
Ralph Merkle's Puzzles  
Diffie-Hellman Multi-User Techniques  
Diffie-Hellman Exponential Key Exchange  
The Birth of RSA  
How does RSA work?  
Technical Memorandum #82  
The Rise and Fall of Knapsacks  
Taking Public Key to Market  

Chapter 4: A Pretty Good History of PGP  
Phil Zimmermann: On the Road to PGP  
Metamorphic Systems  
Charlie Merritt  
Phil Zimmermann Meets Public Key  
Face to Face with Jim Bidzos  
The Rise of RSA Data Security  
Working with Big Jim  
A Pretty Good Program  
The Anti-Crime Bill S.266  
The Birth of PGP-Version 1.0  
PGP Grows Up  
Bass-O-Matic  
The Real Thing-PGP Version 2.0  
The Cypherpunks  
PEM, RSAREF, and RIPEM  
ViaCrypt  
MIT Steps in  
Throwing PGP into the Wind  
The Federal Investigation of Zimmermann  
Whither PGP?  
RSA-129 Solved!  

Chapter 5: Privacy and Public Policy  
Wiretapping and the U.S. Government  
The FBI's Digital Telephony Plan  
The Untold Cost of Digital Telephony  
Return of Digital Telephony  
Where's the Beef?  
An Information Superhighway that's "Wired for Sound"  
The NSA's Clipper Chip  
Inside Clipper  
Who Gets the Keys?  
The Battle over Clipper and the EES  
Problems with Clipper  

Chapter 6: Cryptography Patents and Export  
Patents and Policy  
Export: 40 Bits is not Enough!  
The Digital Signature Standard  
The Battle over the DSS  
The DSS and Patents  
The Fall of PKP?  
The Cylink Lawsuit  
The Schlafly Lawsuit  

Part III: Using PGP  

Chapter 7: Protecting Your Files  
Encrypting and Decrypting Files  
Encrypting a File  
Making a Mistake  
Erasing the Original File (-w Option)  
Retrieving Your Encrypted File (Default Option)  
The Pass Phrase  
Should You Use a Different Pass Phrase for Every File?  
How to Pick a Pass Phrase  
Good Pass Phrases  
Why Use a Long Pass Phrase?  


Chapter 8: Creating PGP Keys  
Making Public Key Cryptography Work  
The Theory Behind the Keys  
Using PGP to Create Keys (-kgOption)  
Choosing the Length of Your Public Key  
Entering Your User ID  
Picking Your Pass Phrase  
Creating Randomness  
What If PGP Won't Generate Keys?  
PGP Key Rings: A Place for Your Keys  


Chapter 9: Managing PGP Keys  
Secret and Public Key Rings  
Viewing Keys (-kvOption)  
Viewing Keys on Your Public Key Ring  
Viewing Keys on Your Secret Key Ring  
Viewing Keys on Other Key Rings  
Getting More Information about Keys (-kvc Option)  
Changing Your Key Certificate (-keOption)  
Changing Your Pass Phrase  
Changing Your User ID (-ke Option)  
Editing with Options  
Changing Your User ID (-ke and -kr Options)  
Giving Your Public Key to Someone  
Copying Your Public Key Ring  
Extracting Your Public Key (-kx Option)  
Extracting Printable Keys with ASCII Armor (-kxa Option)  
Using Filter Mode (-f Option)  
Extracting Multiple Keys into a Single ASCII-Armored File  
Adding Keys to Key Rings (-kaOption)  
Adding Someone's Key to Your Public Key Ring  
Adding a Key to a Specified Key Ring  
No Duplicates Allowed  
Removing Keys from Key Rings (-krOption)  
Removing Keys from Your Public Key Ring  
Removing Keys from a Specified Key Ring  
A Starter Set of Public Keys  


Chapter 10: Encrypting Email  
Sending Encrypted Email  
Step 1: Creating the Message  
Creating a message with your word processor  
Creating a message from the keyboard  
Running PGP in filter mode  
Step 2: Getting the Recipient's Public Key  
Step 3: Encrypting the Message (-e Option).  
Step 4: Sending the Message  
Doing It All at Once (-f Option)  
Encrypting and Sending a Message at the Same Time  
Typing, Encrypting, and Sending at the Same Time  
Receiving Encrypted Email  
Decrypting Email  
Changing the Output File (-o Option)  
Viewing the Decrypted File (-m Option)  
User Unknown  
Sending and Receiving Huge Documents  
Changing the Size of Armored Files  
Sending an Encrypted File to a Mailing List  
Encrypting and Sending to Multiple People  
Adding Yourself to the Mailing List  
Adding Yourself Automatically to the List  


Chapter 11: Using Digital Signatures  
How Do Digital Signatures Work?  
The MD5 Message Digest Function  
Message Digests and Public Key  
RSA Digital Signatures  
PGP's Digital Signatures  
Signing a Message (-s Option)  
Verifying a Digital Signature  
Selecting from Multiple Secret Keys (-u Option)  
Signing and Encrypting a Message (-se Option)  
Receiving Signed Mail  
Creating Detached Signatures (-sb Option)  


Chapter 12: Certifying and Distributing Keys  
Forged Keys  
The Web of Trust  
Adding a Key with Signatures (-kaOption)  
Adding a Key for Phil's Pretty Good Pizza  
The fingerprint  
The certification  
Adding a Key for Terrence Talbot, Esq.  
Levels of trust  
Adding a Key for Sam Spade  
Viewing Signatures  
Checking Your Keys and Signatures (-kc Option)  
Checking Your Keys and Signatures (-kvv Option)  
Checking all the Fingerprints for Your Keys (-kvc Option)  
Changing Your Trust in a Person (-ke Option)  
Why Change the Level of Trust?  
Specifying a Different Key Ring  
Signing a Key (-ksOption)  
Signing with a Different Secret Key (-uOption)  
Removing a Signature (-krsOption)  
Unknown Signers  
Certifying the Keys in keys.asc (Version 2.6.1)  


Chapter 13: Revoking, Disabling, and Escrowing Keys  
Revoking Your Public Key  
What is a Key Revocation Certificate?  
Making a Key Revocation Certificate (-kd Option)  
Questions about Revoking Keys  
Disabling a Public Key (-kd Option)  
A Manual System for Escrowing Keys  
Simple Key Escrow  
Split-Key Escrow  


Chapter 14: PGP Configuration File  
What is the PGP Configuration File?  
Where is the Configuration File?  
Editing the Configuration File  
Specifying a Configuration Variable 
on the Command Line  
Inside the PGP Configuration File  
Configuration Variable Summary  


Chapter 15: PGP Internet Key Servers  
Communicating with a Key Server  
Key Server Commands  
Getting Help  
Finding out Who is on the Server  
Adding Your Key to the Server  
Getting a Public Key from the Server  
Getting a Set of Public Keys  
Getting Updated Keys  
Where are the Key Servers?  

Part IV: Appendices  

A. Getting PGP  
Getting PGP from MIT  
What to Type  
Other Ways of Getting PGP  
University of Hamburg: Lots of Crypto Resources  
University of California at Berkeley: The Cypherpunks  
Netcom: The PGP FAQ and Other Information  
Electronic Frontier Foundation  
Other Sources  

B. Installing PGP on a PC  
Choosing a Directory  
Unpacking PGP  
Verifying Your Copy of PGP  
Setting up the PGP 
Environment on a PC  
PGPPATH Environment Variable  
TZ Environment Variable  
A Sample autoexec.bat File  
Creating Your Secret Key/Public Key Pair  

C. Installing PGP on a UNIX System  
Unpacking PGP on UNIX  
Getting a C Compiler  
Building the RSAREF Library  
Building PGP  
Verifying Your Copy of PGP  
Finishing the PGP Installation Under UNIX  
The Dangers of Using PGP in a Multi-User Environment  

D. Installing PGP on a Macintosh  
Getting MacPGP  
Installing MacPGP  
Copying the File  
Decoding the File  
Creating a Setup Folder  
Creating a PGP Folder  
Launching MacPGP  
Creating Your Keys  
Adding Keys to Your Key Ring  
MacBinarizing the Distribution  
Certifying the Keys  

E. Versions of PGP  

F. The Mathematics of Cryptography  
How Diffie-Hellman Works  
How RSA Works  
The Security of RSA  
How Large is Very Large?  
How Random is Random?  
Dr. Ron Rivest on the Difficulty of Factoring  
Abstract  
Factoring Algorithms  
Costs of Computation  
Results  
Conclusions  
How PGP Picks Primes  

Glossary  

Bibliography  
Books  
Papers and Other Publications  
Electronic Resources  

Index  

List of Figures 
1-1: Threats to your message  
1-2: Paper mail, with envelopes, provides privacy  
1-3: Email, like postcards, offers little privacy  
1-4: Information on a PGP public key certificate  
1-5: PGP key rings  
1-6: A digital signature  
2-1: A simple example of encryption  
2-2: Freemason cipher  
2-3: George Washington's codebook  
2-4: One-time pad  
2-5: Brute force attack  
2-6: Private key cryptography with three people  
2-7: Private key cryptography with five people  
2-8: Private key cryptography with a key distribution center ) 
2-9: A session key from the KDC allows secure communication 
2-10: Public key cryptography  
7-1: Encrypting and decrypting a file  
10-1: Encrypting email  
10-2: Decrypting email  
11-1: Signing a message  
11-2: Verifying a message  
11-3: Signing and encrypting a message  
11-4: Decrypting and verifying a signature  
12-1: The web of trust  
D-1: MacPGP self-extracting archive  
D-2: MacPGP distribution folder  
D-3: Files in the MacPGP folder  
D-4: PGP window used for messages  
D-5: Key menu (Generate key... option)  
D-6: Picking a key size  
D-7: Typing a pass phrase  
D-8: Key menu (Add keys... option)  
D-9: Adding keys from the keys.asc file  
D-10: Adding keys to the pubring.pgp file  
D-11: File menu (MacBinarize... option)  
D-12: MacBinarizing the MacPGP2.6-Installer file  
D-13: File menu (Open/Decrypt... option)  
D-14: Selecting a file for certification  
D-15: Specifying the filename for certification  
D-16: Specifyng the filename again for certification  
E-1:Versions of PGP  


List of Tables 
3-1: Time required to break a DES-encrypted message  
6-1: The public key cryptography patents  
F-1: Number of MIPS-years that can be bought for $1000
for low, average, and high levels of technological growth 
F-2: Number of MIPS-years that can be purchased by an attacker, 
combining money available and technological growth estimates 
F-3: Number of MIP-years required to factor a number 
in low, average and high scenarios   
F-4: Size of a number (in bits) that an attacker would be able to
factor at various points of time under various scenarios