Pretty Good Privacy

From Citizendium
Revision as of 22:05, 29 November 2008 by imported>Sandy Harris (→‎History)
Jump to navigation Jump to search
This article is developing and not approved.
Main Article
Discussion
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

Pretty Good Privacy or PGP is a hybrid cryptosystem for email security, originally developed by Phil Zimmerman.

All versions use a public key cryptosystem to provide digital signatures and to manage keys for a block cipher which does the actual message encryption.

There is an Internet standard for "Open PGP", RFC 4880 [1].

An open source implementation of that standard, GNU Privacy Guard (GPG), is available [1]. PGP Corporation has usually offered a free version of the commercial product for personal use. An index of free versions is at PGP International.

Export restrictions

Upon original release, PGP was famously subject to the United States export control of encryption technologies which prevented it's distribution outside of the US. Visitors to the PGP website who attempted to download the software from a non-US IP address were denied. Despite this, PGP quickly found its way to various non-US sites. Zimmerman was investigated by the US Customs Service, for possible violations of the ITAR controls on export of arms. Under those regulations, strong cryptography such as PGP was considered a "dual use" item with military as well as civilian applications, so its export was controlled. Eventually, the investigation was dropped [2].

One of the responses to this was the publication of "PGP: Source Code and Internals" [2]. Since this is a printed work, it is protected in US law by the first amendment protections for a free press. However, it contains source code for PGP and the font was chosen to make computer interpretation of scanned images easy, so it effectively circumvents the ITAR regulations. The government chose not to argue this point, perhaps partly because the publisher was the prestigious MIT press, with deep pockets and good lawyers. The same technique has been used by later projects such as the EFF DES cracker[3].

Later, Zimmerman gave testimony to the US Senate, arguing for a change to the export control laws on the basis of the importance of privacy for civil liberties and human rights. PGP and subsequent encryption software has been used by human rights campaigners and dissidents to protect the privacy of communications and data used in the fight for civil rights in oppressive regimes[4].

History

Zimmerman released the original PGP version 1.0 in 1990; it used a block cipher called Bassomatic, devised by Zimmerman. This was quickly shown to be weak, and replaced with IDEA in version 2.0.

At one point, the US patent on RSA meant some versions were restricted in the US that were not elsewhere. This no longer applies; the patent has been released into the public domain. Use of IDEA has also created licensing problems, since that is also patented. In version 3.0. they switched to CAST-128 which, unlike IDEA, was free of patent restrictions. Current versions support several patent-free block ciphers, CAST-128, AES and Twofish.

Zimmerman founded a company, PGP Incorporated. In 1997, this was bought by Network Associates. Related products appeared, PGP disk for disk encryption, PGP VPN with IPsec, and PGP Firewall. However, it proved an unprofitable product for NA. In 2002, they sold off the assets to a newly-formed consortium, put together by old PGP Incorporated employees and some venture capitalists, called PGP Corporation [3]. The first version from that group was PGP 8.0.

A more complete history is on the PGP Corporation site.

PGP bug

A bug was introduced in version 5.5 and fixed in 6.5.4 [5]. Versions 5.5 to 6.5.3 should not be used. This should not be a problem today; those versions are from the year 2000 or earlier.

The problem has to do with support for "additional decryption keys". These have legitimate uses; for example one might want otherwise secure messages to be decryptable at need by one's lawyer or heirs, or a company might want employees using encryption to encrypt to a corporate key as well as to the recipient. However, insufficient checking during the processing of these keys would allow a malicious third party to add his key as well.

This bug had some political significance. Opponents of escrowed encryption often cite it as part of an argument that adding such features is dangerous and ill-advised.

References

  1. Open PGP Message Format RFC at the IETF
  2. Phil Zimmerman (1995). PGP: Source Code and Internals. ISBN 0-262-24039-4. 
  3. Electronic Frontier Foundation (1998). Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design. Electronic Frontier Foundation. ISBN ISBN: 1-56592-520-3. 
  4. Phillip Zimmerman, Letters to Phil from human rights groups
  5. Computer Emergency Response Team (September 2000). CERT® Advisory CA-2000-18 PGP May Encrypt Data With Unauthorized ADKs.