Pretty Good Privacy
How does it work?
PGP uses public-key cryptography, which
means that everyone has two keys -- a ``Public Key'' and a ``Secret Key'' (a key is
nothing but a string of characters which are fed into the encryption algorithm to
obtain an encrypted result. The same document encrypted by the same
method but with different keys will yield different results).
The keys complement each other, which means that anything encrypted with your public key
can only be decrypted with your secret key, and anything encrypted with your secret key
can only be decrypted with
your public key. This is the heart of PGP and all Public-Key Cryptography, so don't forget
You make your public key as easily available to others as possible -- put it in your .plan
for finger, put it on your web page, send it to a PGP keyserver, publish it in the
newspaper, etc. You never ever reveal your secret key to anyone.
The rest is trivial. If you want to send me a private (For Your Eyes Only) e-mail, create
your message, encrypt it with my public key and send me the message. Since the message is
encrypted, no one who intercepts (e.g. the root user on VSNL's mail server :-) will be
able to read it; since it is encrypted with my Public key, I will be able to decrypt and
read it using my Secret key (remember?)
Similarly, if you have to sign a message to me, encrypt it with your Secret key. When I
receive the message, I'll try to decrypt it with your Public key. If it decrypts then the
message must be from you, since only you (who know your Secret key) could have encrypted
it. If there's a problem in decrypting then either the message is a forgery or someone
tampered with the contents of the message on the way.
Where do I get
How do I run PGP?