Pretty Good Privacy: Difference between revisions
imported>Sandy Harris (change a link) |
mNo edit summary |
||
(29 intermediate revisions by 4 users not shown) | |||
Line 1: | Line 1: | ||
{{subpages}} | {{subpages}} | ||
{{TOC|right}} | |||
'''Pretty Good Privacy''' or '''PGP''' is a [[hybrid cryptosystem]] for [[email]] security, originally developed by [[Phil | '''Pretty Good Privacy''' or '''PGP''' is a [[hybrid cryptosystem]] for [[email]] security, originally developed by [[Phil Zimmermann]]. | ||
All versions use a [[public key]] cryptosystem to provide [[digital signature]]s and to manage keys for a [[block cipher]] which does the actual message encryption. | All versions use a [[public key]] cryptosystem to provide [[digital signature]]s and to manage keys for a [[block cipher]] which does the actual message encryption. | ||
There is an Internet standard for "[[Open PGP]]", RFC 4880 <ref name="opgp">[http://tools.ietf.org/html/4880 Open PGP Message Format] RFC at the [[IETF]]</ref>. An [[open source]] implementation of that standard, [[GNU Privacy Guard]] (GPG), is available [http://www.gnupg.org/], and is included in most [[Linux]] or BSD distributions. | |||
Upon original release, | [[PGP Corporation]] were heavily involved in creating the RFC that is the basis for the free versions, while themselves offering commercial products with support. At some times, they have also offered a free version of the commercial product for personal use. An index of free versions is at [http://www.pgpi.org/ PGP International]. | ||
== History == | |||
Zimmerman released the original PGP version 1.0 in 1990; it used a block cipher called [[BassOmatic (cipher)|BassOmatic]], devised by Zimmerman. This was quickly shown to be weak, and replaced with [[International Data Encryption Algorithm|IDEA]] in version 2.0. This was the version that became widespread and established PGP in the market. | |||
At one point, the US patent on the [[RSA algorithm]] meant some versions were restricted in the US that were not elsewhere. This no longer applies; the patent has been released into the public domain. Later versions of PGP also support the [[NSA]]-developed [[Digital Signature Algorithm]]; at one point, there was an advantage to this in that it was unpatented. However, some users refused to trust anything from the NSA. | |||
Use of [[International Data Encryption Algorithm|IDEA]] has also created licensing problems, since that is also patented. In version 3.0. they switched to [[CAST-128]] which, unlike IDEA, was free of patent restrictions. Current versions support several patent-free block ciphers, CAST-128, [[AES]] and [[Twofish]]. Some also support IDEA for backward compatibility. | |||
Zimmerman founded a company, PGP Incorporated. In 1997, this was bought by [[Network Associates]]. Related products appeared, PGP disk for disk encryption, PGP [[VPN]] with [[IPsec]], and PGP Firewall. However, it proved an unprofitable product for NA. In 2002, they sold off the assets to a newly-formed consortium, put together by old PGP Incorporated employees and some venture capitalists, called [[PGP Corporation]] [http://www.pgp.com]. This company did well with the product, winning awards [http://www.pgp.com/insight/newsroom/press_releases/2007/wsj_tech-award.html] and reporting good growth [http://www.pgp.com/insight/newsroom/press_releases/pgp_records_25th_consecutive_quarter.html]. In mid-2010, it was bought by [[Symantec]] [http://www.h-online.com/security/news/item/Symantec-buy-PGP-Corporation-and-GuardianEdge-990155.html]. | |||
A more complete history is on the [http://www.pgp.com/about_pgp_corporation/history.html PGP Corporation] site. | |||
== Export restrictions == | |||
Upon original release, PGP was famously subject to the [[United States of America]] export control of encryption technologies which prevented it's distribution outside of the US. Visitors to the PGP [http://web.mit.edu/network/pgp.html website] who attempted to download the software from a non-US IP address were denied. Despite this, PGP quickly found its way to various non-US sites. Zimmerman was investigated by the US Customs Service, for possible violations of the [[ITAR]] controls on export of arms. Under those regulations, strong [[cryptography]] such as PGP was considered a "dual use" item with military as well as civilian applications, so its export was controlled. Eventually, the investigation was dropped [http://www.gimonca.com/personal/archive/philzim2.html]. | |||
One of the responses to this was the publication of "PGP: Source Code and Internals" <ref>{{cite book | One of the responses to this was the publication of "PGP: Source Code and Internals" <ref>{{cite book | ||
Line 16: | Line 32: | ||
| url = http://mitpress.mit.edu/catalog/item/default.asp?ttype=2&tid=7024 | | url = http://mitpress.mit.edu/catalog/item/default.asp?ttype=2&tid=7024 | ||
| date = 1995 | | date = 1995 | ||
}}</ref>. Since this is a printed work, it is protected in US law by the [[first amendment]] protections for a free press. However, it contains source code for PGP and the font was chosen to make computer interpretation of scanned images easy, so it effectively circumvents the ITAR regulations. The government chose not to argue this point, perhaps partly because the publisher was the prestigious [[MIT press]], with deep pockets and good lawyers. The same technique has been used by later projects such as the [[EFF]] DES cracker<ref>{{cite book | }}</ref>. Since this is a printed work, it is protected in US law by the [[first amendment]] protections for a free press. However, it contains source code for PGP and the font was chosen to make computer interpretation of scanned images easy, so it effectively circumvents the ITAR regulations. Anyone outside the US could just buy the book, scan it, and have PGP source code. The government chose not to argue this point, perhaps partly because the publisher was the prestigious [[MIT press]], with deep pockets and good lawyers. The same technique has been used by later projects such as the [[EFF]] DES cracker<ref>{{cite book | ||
| author = Electronic Frontier Foundation | | author = Electronic Frontier Foundation | ||
| title = Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design | | title = Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design | ||
Line 26: | Line 42: | ||
Later, Zimmerman gave testimony to the US Senate, arguing for a change to the export control laws on the basis of the importance of privacy for civil liberties and human rights. PGP and subsequent encryption software has been used by human rights campaigners and dissidents to protect the privacy of communications and data used in the fight for civil rights in oppressive regimes<ref>Phillip Zimmerman, [http://www.philzimmermann.com/EN/letters/index.html Letters to Phil from human rights groups]</ref>. | Later, Zimmerman gave testimony to the US Senate, arguing for a change to the export control laws on the basis of the importance of privacy for civil liberties and human rights. PGP and subsequent encryption software has been used by human rights campaigners and dissidents to protect the privacy of communications and data used in the fight for civil rights in oppressive regimes<ref>Phillip Zimmerman, [http://www.philzimmermann.com/EN/letters/index.html Letters to Phil from human rights groups]</ref>. | ||
== Global trust register == | |||
Well-known security researcher [[Ross Anderson]] and others have published the Global Trust Register, a book of PGP keys. From their website: | |||
{{quotation|The primary aim of this book is to cut through the chaos by publishing the thousand or so important keys in paper form, as a kind of global phone book. The secondary aim is political: By printing these keys on paper, we can use established legal protections to limit government interference. | |||
<ref>{{cite book | |||
| title = The Global Internet Trust Register | |||
| author = Ross Anderson, Bruno Crispo, Jong-Hyeon Lee, Charalampos Manifavas, Vaclav Matyas and Fabien Petitcolas | |||
| publisher = MIT press | |||
| date = 1999 | |||
| isbn = 978-0-262-51105-6 | |||
| url = http://www.cl.cam.ac.uk/research/security/Trust-Register/}}</ref>}} | |||
== PGP bug == | == PGP bug == | ||
Line 40: | Line 61: | ||
| date = September 2000 }}</ref>. Versions 5.5 to 6.5.3 should not be used. This should not be a problem today; those versions are from the year 2000 or earlier. | | date = September 2000 }}</ref>. Versions 5.5 to 6.5.3 should not be used. This should not be a problem today; those versions are from the year 2000 or earlier. | ||
The problem has to do with support for "additional decryption keys". These have legitimate uses; for example one might want otherwise secure messages to be decryptable at need by one's lawyer or heirs, or a company might want employees using encryption to encrypt to a corporate key as well as to the recipient. | The problem has to do with support for "additional decryption keys". These have legitimate uses; for example one might want otherwise secure messages to be decryptable at need by one's lawyer or heirs, or a company might want employees using encryption to encrypt to a corporate key as well as to the recipient. The bug was that there was insufficient checking during the processing of these keys; this meant a malicious third party could add his key as well. | ||
This bug had some political significance. Opponents of [[escrowed encryption]] often cite it as part of an argument that adding such features is dangerous and ill-advised. | This bug had some political significance. Opponents of [[escrowed encryption]] often cite it as part of an argument that adding such features is dangerous and ill-advised. | ||
== References == | == References == | ||
{{reflist|2}} | {{reflist|2}}[[Category:Suggestion Bot Tag]] |
Latest revision as of 16:01, 6 October 2024
Pretty Good Privacy or PGP is a hybrid cryptosystem for email security, originally developed by Phil Zimmermann.
All versions use a public key cryptosystem to provide digital signatures and to manage keys for a block cipher which does the actual message encryption.
There is an Internet standard for "Open PGP", RFC 4880 [1]. An open source implementation of that standard, GNU Privacy Guard (GPG), is available [1], and is included in most Linux or BSD distributions.
PGP Corporation were heavily involved in creating the RFC that is the basis for the free versions, while themselves offering commercial products with support. At some times, they have also offered a free version of the commercial product for personal use. An index of free versions is at PGP International.
History
Zimmerman released the original PGP version 1.0 in 1990; it used a block cipher called BassOmatic, devised by Zimmerman. This was quickly shown to be weak, and replaced with IDEA in version 2.0. This was the version that became widespread and established PGP in the market.
At one point, the US patent on the RSA algorithm meant some versions were restricted in the US that were not elsewhere. This no longer applies; the patent has been released into the public domain. Later versions of PGP also support the NSA-developed Digital Signature Algorithm; at one point, there was an advantage to this in that it was unpatented. However, some users refused to trust anything from the NSA.
Use of IDEA has also created licensing problems, since that is also patented. In version 3.0. they switched to CAST-128 which, unlike IDEA, was free of patent restrictions. Current versions support several patent-free block ciphers, CAST-128, AES and Twofish. Some also support IDEA for backward compatibility.
Zimmerman founded a company, PGP Incorporated. In 1997, this was bought by Network Associates. Related products appeared, PGP disk for disk encryption, PGP VPN with IPsec, and PGP Firewall. However, it proved an unprofitable product for NA. In 2002, they sold off the assets to a newly-formed consortium, put together by old PGP Incorporated employees and some venture capitalists, called PGP Corporation [2]. This company did well with the product, winning awards [3] and reporting good growth [4]. In mid-2010, it was bought by Symantec [5].
A more complete history is on the PGP Corporation site.
Export restrictions
Upon original release, PGP was famously subject to the United States of America export control of encryption technologies which prevented it's distribution outside of the US. Visitors to the PGP website who attempted to download the software from a non-US IP address were denied. Despite this, PGP quickly found its way to various non-US sites. Zimmerman was investigated by the US Customs Service, for possible violations of the ITAR controls on export of arms. Under those regulations, strong cryptography such as PGP was considered a "dual use" item with military as well as civilian applications, so its export was controlled. Eventually, the investigation was dropped [6].
One of the responses to this was the publication of "PGP: Source Code and Internals" [2]. Since this is a printed work, it is protected in US law by the first amendment protections for a free press. However, it contains source code for PGP and the font was chosen to make computer interpretation of scanned images easy, so it effectively circumvents the ITAR regulations. Anyone outside the US could just buy the book, scan it, and have PGP source code. The government chose not to argue this point, perhaps partly because the publisher was the prestigious MIT press, with deep pockets and good lawyers. The same technique has been used by later projects such as the EFF DES cracker[3].
Later, Zimmerman gave testimony to the US Senate, arguing for a change to the export control laws on the basis of the importance of privacy for civil liberties and human rights. PGP and subsequent encryption software has been used by human rights campaigners and dissidents to protect the privacy of communications and data used in the fight for civil rights in oppressive regimes[4].
Global trust register
Well-known security researcher Ross Anderson and others have published the Global Trust Register, a book of PGP keys. From their website:
The primary aim of this book is to cut through the chaos by publishing the thousand or so important keys in paper form, as a kind of global phone book. The secondary aim is political: By printing these keys on paper, we can use established legal protections to limit government interference.
PGP bug
A bug was introduced in version 5.5 and fixed in 6.5.4 [6]. Versions 5.5 to 6.5.3 should not be used. This should not be a problem today; those versions are from the year 2000 or earlier.
The problem has to do with support for "additional decryption keys". These have legitimate uses; for example one might want otherwise secure messages to be decryptable at need by one's lawyer or heirs, or a company might want employees using encryption to encrypt to a corporate key as well as to the recipient. The bug was that there was insufficient checking during the processing of these keys; this meant a malicious third party could add his key as well.
This bug had some political significance. Opponents of escrowed encryption often cite it as part of an argument that adding such features is dangerous and ill-advised.
References
- ↑ Open PGP Message Format RFC at the IETF
- ↑ Phil Zimmerman (1995). PGP: Source Code and Internals. ISBN 0-262-24039-4.
- ↑ Electronic Frontier Foundation (1998). Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design. Electronic Frontier Foundation. ISBN ISBN: 1-56592-520-3.
- ↑ Phillip Zimmerman, Letters to Phil from human rights groups
- ↑ Ross Anderson, Bruno Crispo, Jong-Hyeon Lee, Charalampos Manifavas, Vaclav Matyas and Fabien Petitcolas (1999). The Global Internet Trust Register. MIT press. ISBN 978-0-262-51105-6.
- ↑ Computer Emergency Response Team (September 2000). CERT® Advisory CA-2000-18 PGP May Encrypt Data With Unauthorized ADKs.