PGP
Dan Tobias (Talk | contribs) (→Utilities) |
m (→Sample files) |
||
(6 intermediate revisions by 5 users not shown) | |||
Line 7: | Line 7: | ||
Created by Phil Zimmerman in 1991, it got into some legal trouble early on because encryption of this grade was classified as a munition under U.S. law and restricted from export. These laws, while not completely repealed even now, have been considerably liberalized since, and now export of PGP and related software is only restricted when it's being exported to countries such as Iran that are under special sanction. Zimmerman's PGP company was eventually acquired by Network Associates (now McAfee), which eventually rebranded the original command-line-based PGP as "McAfee E-Business Server" and sold off all other PGP assets to some PGP developers who formed a new PGP company, which was eventually acquired by Symantec. Meanwhile, the specifications of the file format had been released as the OpenPGP spec and published as an RFC document, making it available for use in other products. | Created by Phil Zimmerman in 1991, it got into some legal trouble early on because encryption of this grade was classified as a munition under U.S. law and restricted from export. These laws, while not completely repealed even now, have been considerably liberalized since, and now export of PGP and related software is only restricted when it's being exported to countries such as Iran that are under special sanction. Zimmerman's PGP company was eventually acquired by Network Associates (now McAfee), which eventually rebranded the original command-line-based PGP as "McAfee E-Business Server" and sold off all other PGP assets to some PGP developers who formed a new PGP company, which was eventually acquired by Symantec. Meanwhile, the specifications of the file format had been released as the OpenPGP spec and published as an RFC document, making it available for use in other products. | ||
+ | |||
+ | GNU Privacy Guard (GnuPG, GPG) is a commonly-used encryption tool using PGP format, running on Linux systems. | ||
PGP uses a combination of several encryption techniques applied serially, including symmetric-key and public-key cryptography. | PGP uses a combination of several encryption techniques applied serially, including symmetric-key and public-key cryptography. | ||
Line 22: | Line 24: | ||
* [http://search.cpan.org/~sromanov/Crypt-OpenPGP-1.07/lib/Crypt/OpenPGP.pm Crypt-OpenPGP library for Perl] | * [http://search.cpan.org/~sromanov/Crypt-OpenPGP-1.07/lib/Crypt/OpenPGP.pm Crypt-OpenPGP library for Perl] | ||
* [https://github.com/mapmeld/profanity65#profanity65 Profanity65: transform PGP messages into a stream of obscenities, still decryptable] | * [https://github.com/mapmeld/profanity65#profanity65 Profanity65: transform PGP messages into a stream of obscenities, still decryptable] | ||
+ | * [http://www.jabberwocky.com/software/paperkey/ Paperkey: extract just the 'secret bits' of secret keys, reducing the size ~80%] | ||
+ | * [[Stealth]] - strip headers to make it harder to identify files | ||
+ | |||
+ | ==See also== | ||
+ | * [[PGP public key]] | ||
+ | |||
+ | == Sample files == | ||
+ | * {{DexvertSamples|text/pgpSignedMessage}} | ||
== Other links == | == Other links == | ||
Line 30: | Line 40: | ||
* [https://github.com/tanx/SafeWith.me Store and share your files with OpenPGP encryption on any device via HTML5] | * [https://github.com/tanx/SafeWith.me Store and share your files with OpenPGP encryption on any device via HTML5] | ||
* [http://secushare.org/PGP 13 reasons not to start using PGP] | * [http://secushare.org/PGP 13 reasons not to start using PGP] | ||
+ | * [http://linux.die.net/man/1/gpg GPG Linux man page] | ||
+ | * [http://www.thoughtcrime.org/blog/gpg-and-me/ GPG And Me] |
Latest revision as of 15:03, 28 December 2023
PGP (Pretty Good Privacy) is an encryption program, and its encryption format which eventually became the OpenPGP standard.
Created by Phil Zimmerman in 1991, it got into some legal trouble early on because encryption of this grade was classified as a munition under U.S. law and restricted from export. These laws, while not completely repealed even now, have been considerably liberalized since, and now export of PGP and related software is only restricted when it's being exported to countries such as Iran that are under special sanction. Zimmerman's PGP company was eventually acquired by Network Associates (now McAfee), which eventually rebranded the original command-line-based PGP as "McAfee E-Business Server" and sold off all other PGP assets to some PGP developers who formed a new PGP company, which was eventually acquired by Symantec. Meanwhile, the specifications of the file format had been released as the OpenPGP spec and published as an RFC document, making it available for use in other products.
GNU Privacy Guard (GnuPG, GPG) is a commonly-used encryption tool using PGP format, running on Linux systems.
PGP uses a combination of several encryption techniques applied serially, including symmetric-key and public-key cryptography.
Contents |
[edit] File detection
PGP data may be stored as raw binary, but it is common for them to be encoded in the "ASCII Armor" format documented in the OpenPGP standard, which can be embedded anywhere ASCII text can be (e.g., in e-mail messages). This can be detected by the presence of a header line starting with ----- Begin PGP
(followed by different strings depending on what sort of data it is, such as a signature, message, key block, etc.).
[edit] Standards documents
- RFC 2440 (old version of OpenPGP spec)
- RFC 4880 (new version of OpenPGP spec)
- RFC 3156 (MIME security with OpenPGP)
[edit] Utilities
- Crypt-OpenPGP library for Perl
- Profanity65: transform PGP messages into a stream of obscenities, still decryptable
- Paperkey: extract just the 'secret bits' of secret keys, reducing the size ~80%
- Stealth - strip headers to make it harder to identify files