
When you send an encrypted email with ProtonMail, your message is automatically protected with PGP encryption. This article explains the tech behind our security promise.

What is PGP?

PGP stands for Pretty Good Privacy, but the name is an ironic understatement. In fact, PGP is the most widely used email encryption system in the world. When you send messages using PGP encryption, no one can intercept and read your message in transit. PGP has been thoroughly field tested over its decades of use, its few vulnerabilities are well understood, and it has broad compatibility with other encryption clients. For these reasons, we use PGP as the backbone of our security architecture.

This article is part of a series explaining some of the tech behind ProtonMail. We have already covered end-to-end encryption and zero-access encryption.

How you can use PGP to protect your communications.

PGP is a cryptographic method that lets people communicate privately online. When you send a message using PGP, the message is converted into unreadable ciphertext on your device before it passes over the internet. Only the recipient has the key to convert the text back into the readable message on their device. PGP also authenticates the identity of the sender and verifies that the message was not tampered with in transit.

Before PGP, your internet provider, your email provider, hackers, or the government could all theoretically read your messages. PGP was developed in the 1990s to allow email and other types of messages to be exchanged privately.

Today, PGP has been standardized into OpenPGP, enabling anyone to write PGP software that is compatible and interoperable with other platforms that use PGP. Several OpenPGP-compliant developer libraries have been created to help programmers implement PGP encryption in their applications. ProtonMail is the maintainer of two of these libraries: OpenPGP.js, for the JavaScript programming language (used in our web app), and GopenPGP, for the Go language (used in our mobile and desktop apps). OpenPGP.js, in particular, is one of the world’s most widely used OpenPGP libraries and has been thoroughly audited by security experts.

Historically, PGP was difficult to use, requiring additional software applications on top of your email provider or client. You also would have to manually generate encryption keys and exchange them with your contacts.

With ProtonMail, PGP is built in and runs automatically and invisibly. When you compose an email to another ProtonMail user and click send, the message encryption and signature are applied automatically. You don’t have to do anything or need any specialized technical knowledge to encrypt your email with PGP. ProtonMail makes PGP encryption easy, convenient, and accessible to everyone.

PGP uses a combination of symmetric key encryption (i.e., a single-use session key which encrypts and decrypts the message) and public key encryption (i.e., the keys unique to the recipient encrypt and decrypt the session key). For this article, we’ll stick with the high-level concepts. The below diagram shows how PGP encryption works. If you’re interested in the mathematics behind encryption, you can find (somewhat simplified) explainers that digest those topics.

The first thing PGP does is generate a random session key. This key is an enormous number that is used to encrypt and decrypt the contents of the message. Only someone who knows the session key can read the message, and it is much too large to guess. This session key is also never used again for other messages. Next, the session key is encrypted using the recipient’s public key. The public key is unique to each person and meant to be shared.
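
The hybrid scheme described above (a one-time session key encrypts the message, and the recipient's public key encrypts the session key), as an added example using the built-in crypto module of Node.js. It is not ProtonMail's or OpenPGP.js's code and does not produce OpenPGP-format messages; the choice of AES-256-GCM and RSA-OAEP, the function names and the sample message are assumptions made for illustration.

```javascript
// Added illustration of session-key + public-key encryption (not the OpenPGP format).
const crypto = require('crypto');

// Hypothetical helper: a recipient key pair constructed for this example.
function newRecipient() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

function encryptFor(recipientPublicKey, plaintext) {
  // 1. Fresh random session key, used for this one message only.
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  // 2. Symmetric encryption of the message body with the session key.
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  // 3. Public-key encryption of the session key for the recipient.
  const wrappedKey = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey);
  return { wrappedKey, iv, body, tag };
}

function decryptWith(recipientPrivateKey, msg) {
  // Only the matching private key can recover the session key.
  const sessionKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, msg.wrappedKey);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.body), decipher.final()]).toString('utf8');
}

// True when decryption fails (wrong private key or modified ciphertext).
function failsToDecrypt(privateKey, msg) {
  try { decryptWith(privateKey, msg); return false; } catch (e) { return true; }
}

function demo() {
  const recipient = newRecipient();
  const other = newRecipient();      // a different person's key pair
  const text = 'meet at noon';       // constructed sample message
  const m1 = encryptFor(recipient.publicKey, text);
  const m2 = encryptFor(recipient.publicKey, text);
  return {
    roundTrip: decryptWith(recipient.privateKey, m1) === text,
    freshKeyPerMessage: !m1.body.equals(m2.body), // same text, different ciphertext
    wrongKeyRejected: failsToDecrypt(other.privateKey, m1),
  };
}
console.log(demo());
```

The sender needs only the recipient's public key; the session key never travels in the clear and is discarded after one message.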
