Microsoft Visual Basic .NET and Microsoft SQL Programming Consulting - SethMartel.com About News Education Certification Links Contact
Microsoft Visual Basic .NET, Microsoft SQL and Oracle Development Consulting - SethMartel.com


Consulting Services


Visual Basic 6 and .NET Development
Microsoft SQL Development
Data Transformation
Information Security
Software Testing and Documentation


PGP Summary

This is a basic summary and overview of PGP.

PGP is software that allows for encryption and digital signing of documents. PGP is an acronym that stands for Pretty Good Privacy. It was created by Phil Zimmermann in 1991. Later PGP versions have been developed and distributed by MIT, ViaCrypt, Network Associates Inc and PGP Inc.

PGP uses a pair of keys that are closely associated with each other. One is a private key, the other is a public key. As the names imply, the private key is to be kept secret, while the public key should be freely distributed. The key pair works together by allowing any document signed or encrypted with the private key to be verified or decrypted with the public key. And the inverse is also true, any document signed or encrypted with the public key can be verified or decrypted with the private key. PGP allows for encryption and/or digital signatures.

A digital signature is a mathematical calculation on the content of a message, referred to as a message digest or one way hash. A message signed with a PGP private key can be verified with the public key. Verification allows an individual to be confident that the message was not altered in transit and that it is from the person or keyholder identified. Verification of a digital signature is optional and the content of the message can be viewed regardless of PGP use.

Digital signatures do not hide or change the content of messages. Encryption is used to hide and encode a message. A message encrypted with a PGP private key requires that the public key be used to decrypt it or it will be unreadable. Messages encrypted with the public key require the private key to decrypt it or it will be unreadable.

PGP provides substantial benefits with regard to authenticity, integrity and confidentiality. Digital signatures can be used to verify authenticity and integrity. That is, digital signatures allow an individual to be confident a message is, in fact, from who signed it and that the message is exactly the same as when it was signed, i.e., that was not altered in transit. Review the sample messages below for additional details. Also, review this HOWTO for instructions on how to install and verify a message with the freeware or demo version of PGP.

Example of signed message:

From: "Seth Martel" <seth@sethmartel.com>
To: <testuser1@sethmartel.com>
Subject: /// Marvelous PGP Test Message \\\
Date: Sun, 10 Aug 2003 14:03:02 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Howdy,

This is my PGP test message.

Mmmmmm, test message goodness....

Best Regards,
Seth Martel.


-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQIVAwUBPzaI1d0R/NgVDXa4AQKhYw//dATUpAj+TCs6OIhZJ+6UuVh1hVzQunGq
liILKn6tUS7hjA+c+twoxa9FLzIqw0WxUkDEJFtN0JvqCet31PfJAWTecnKyHSNh
XrX0O7/8WVQ/XYMWyCsDFtLIBImBUSrckSSucLGR5Ecag9RUkiCS7ByoUk/Pyafl
LJKJqdrX4KHwtG99Ug79c2TgRTzcp2As2TgbyTySjnAWiH9GVfEBIhV4eQ1DJFjl
x42R3Dwk0xdeRhWl5+89BDFZM4zpor++RD/oWgCwQycvZM8HP+mF0KNJF0WezQ0Y
u5ma11O4FIax2fTvZpIxnGMOjagMxh9mgFWVigq6EwHHJEyn6bi+1VLSru0av6FH
Mt/JZEqIVjq5Tg8GSfm+bq0x3w27FgICE4MgABB8UKoguNS7eNEmHnvbxkheQ+W1
7+hUVQNgVpsLFS5b94ea0huOW6BrYXCrAvSn/MfEHQ3PymZd+w3oM99OmRbDQ/HS
c5fHMWy1WJkJVzwyJL5BRxIxPufQ8t89qR6eIhodqy9Kcb1OP0498iQrkZRkIaei
+DGpkr9MT+z4jLreT/EBV71wHS5Aj8xcJXu57qeso+0lSGWa8c/JiBE+3IrQ1X2Y
/dsSYfPx4d/VOXo/Nhd4qEuWkJes6Hv3rmuGTPoGO1Jj9hmTVnB3DfrX7RAmPR4Q
cf8VVjZIfSE=
=AwgD
-----END PGP SIGNATURE-----


Example of the verification of a signed message:


From: "Seth Martel" <seth@sethmartel.com>
To: <testuser1@sethmartel.com>
Subject: /// Marvelous PGP Test Message \\\
Date: Sun, 10 Aug 2003 14:03:02 -0400

*** PGP SIGNATURE VERIFICATION ***
*** Status: Good Signature
*** Signer: Seth Martel <seth@sethmartel.com> (0x150D76B8)
*** Signed: 8/10/2003 2:03:01 PM
*** Verified: 8/10/2003 2:07:26 PM
*** BEGIN PGP VERIFIED MESSAGE ***

Howdy,

This is my PGP test message.

Mmmmmm, test message goodness....

Best Regards,
Seth Martel.



*** END PGP VERIFIED MESSAGE ***


Example of encrypted message:


From: "Seth Martel" <seth@sethmartel.com>
To: <testuser1@sethmartel.com>
Subject: /// Marvelous PGP Test Message \\\
Date: Sun, 10 Aug 2003 14:09:39 -0400


-----BEGIN PGP MESSAGE-----
Version: PGP 8.0

qANQR1DBw04DGS8xEij1l4YQEACP08bLlcFDpfqL6DfVPbEIThZMlCKRXkml4oPf
GKWw1NK9EMp/8OYl3RBwlCoqqES+wvvhAojQOVcE4IsZt/S1FQXATjNWSyaeK82c
IRjbg70z14wNj6sGKSweyTol63nLYBNOf+2Djw/JL+QRpmSLezUilXQpBV1UyTFa
4vCaC2wdIfxGAVMVZc79usaLGiH1e285LqfAGb0r5Nziyz5Hq7a7A5fPEkccX13i
1i3KuZVklalp4HU3OfFX4+ZGxuqnvReB9SvdFC6QpsA67PzUh5U3mjwjvd+wVBQk
mYS+UAYdIUeJIq/S8O9KrW+FE69OrrlvfsFNbxgELtba35h5lbcSs6aRqlXpuLwh
JEm8vBfbxaP/uhJV235ZPIZYy7lhJeB8qOaAhP4pzQVIVH/sj3YW3gjz1r8kiCpY
4RdD941Nu+HQWV9OXC9kXvICtIZPWa99fmhiGNZLw95PG1AvwAoMcGKCECdYz9MC
z67XwiTJv4TuqK3XnhzsvIQeqlh+Z3rgnqSgfAJ1utTd6bJwcnyua+lujES0mmGx
2QMm5JR4rg8W7qAwqsE82Bz5qxShNE+cKCVqw2tjxHGBKST2ERET9J0Q4Lp/1OeO
hVs1bOARzNN8GBiQO4n4p2icwBQqkZ4QamGAR0zfVeNogh0oxDPzAWiYrl3CCq38
w1x9Ig//cqFbUkFDAMHbv6GrTvxemEASvJk8pvEJ9mHYM1wsPf+oH8uftWjKwBNL
lyWw7z9FRc9AwIEmciJg4Fy3WIrXCY+nwvi5LloxzVVAuK2zgZtKxLuqLqa49Fdl
lGbB71IqpI5fJXfNIuErrg66EoBeFdIb0rlVW3BmS8B4GbQbxr5xw+OBofaohaVD
8vjF3Zbpm2sndEOE2/d0+ObqYc1f41ghB4bqqrAaWN+Rz51KJvIljnO7MfI8beBA
nC+Nu+0rkrPoOY5XjkDNkFQg83JS+4bdC/0pLNXS+nXiGjbXX0Q6pulmekeEYoYa
cpRplzZwK1SySvO8M4DjD71yu71diY/Zgtd0RV3ShKhy6dvdzZRbH1cH/ZH4UTuE
gn86oVo7KW75Bq1FH/3VrH2IlEd7qrQNH0+nFmUkjOxZTwWHffI/gqZ+Ij0QVi6q
qYEHNBEWdVeah3U5BOLWRT57d7SF2PI9lTOeq89qKpnzilH9HTiiWdbGHDIvYTbs
LQCTHsaIovtwmB8QJGmYvlSMDXnq4R2IGOmwW5u76cEDzieT5hzTUJ0SxgJtz/rB
Bx9VTGxBv32Zfr0Zz+MkNU7tmBeD/nuItGwvEHjCn9R/iD5m/plEEKL1g4j9CG0k
yCSx3RAxGgVlJua+iJtxDI8TSQOtyivlSuX8SPia5Cs0+lIX/y3Jwe20F83sZgAZ
L1CoXXIola5CzwIlTK/gcyawglC/r7IaeFS5NyqUDQr6skumltyePIlPsFetAbpV
XHNdHUq8Yfu/Yq2ixbG62js6de44KhHm5Df796AAPh0L4AbRFSuRu4aQsGDXzVV3
B4F/DZg/G0mdM2QS6Rq+vgu5mRtDPkJ2g5r9brO+VrxeXSfOjL7kFqeEtgtNADk5
P7bF+/Xsts/ff1lrBTisE/DGTF4LFdQH4GjSW3sdN8Q5k/S+x0cuox+7Lsc34BiC
I1BBH0mafF5eRqxqrD2HtxQ2q0aVvC9pIR45IAuUXlrGPrNaR3AVS4BfYjp2ZWQW
KFz86U8ZAn/DoYz60s6EKuLSUU7odIdj31rYW9oSd6FvL0zU7aHkWPYjY8n6uzyG
E8eGos9KJRHOmaXFRoylOmtozmPUvtEd9Triot5ka/ywRSoBpGvMswgO7XykoqvR
0RKOp25FZOsaVwnPmiIqzFYY/ZEYQZus2YzMlqcN3GLgLEvPRokVeheyYrqOzg97
aDGCqP8YZho15l82uBpFf2HAKdOXG8PgegYDXC7bQFEpdieRYZ1Ka7V9vc7lX1TF
oGNTUwYGHt0kpRq1XOloDjy190sm+cTRCTF9H2Pxgcoo+KKm+eFL1IBb4s1aAmsv
Y7ke6EztIXH7IszKBkKsFlxh2NsA9c9fBBbH+yoosez/XbjYbAuV9oytE/voMSYJ
2/0EF+foWbWDsTwHk5968GE3A/Bj08gHcWbx6WAgsQnMF+IHyumpXuSCZ6uf7YM9
QKxaMxNHQpJSCiTBhYnTijliBCskzbwvUXkHducbDrShZIsF0P+y1eQF5PqJjN4I
Ap+/eqjVsAsTL7GxkUCyBlzZty3F2n0qgsE6UyXXulIirP8vVGdh07gDahYw+ukp
kxqWstaT
=KSje
-----END PGP MESSAGE-----


Example of the decrypted results of the previously encrypted message:


From: "Seth Martel" <seth@sethmartel.com>
To: <testuser1@sethmartel.com>
Subject: /// Marvelous PGP Test Message \\\
Date: Sun, 10 Aug 2003 14:09:39 -0400


*** PGP SIGNATURE VERIFICATION ***
*** Status: Good Signature
*** Signer: Seth Martel <seth@sethmartel.com> (0x150D76B8)
*** Signed: 8/10/2003 2:09:39 PM
*** Verified: 8/10/2003 2:10:26 PM
*** BEGIN PGP DECRYPTED/VERIFIED MESSAGE ***

Howdy,

This is my PGP test message.

Mmmmmm, test message goodness....

Best Regards,
Seth Martel.

*** END PGP DECRYPTED/VERIFIED MESSAGE ***

©2002 Seth Martel, Manchester Connecticut USA - Legal - Privacy Policy - Site Map