Created by Phil Zimmerman in 1991, Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. In other words, PGP is used for signing, encrypting and decrypting texts, e-mails, files, directories and whole disk partitions to increase the security of e-mail communications.
PGP combines symmetric-key encryption and public-key encryption. The message is encrypted using a symmetric encryption algorithm, which requires a symmetric or session key. Each symmetric key is used only once.
- The message and its session key are sent to the receiver.
- The session key must be sent to the receiver so they know how to decrypt the message.
- To protect the session key during transmission, it is encrypted with the receiver’s public key.
- Only the private key belonging to the receiver can decrypt the sender’s session key.
PGP is useful for two things:
- Privacy and Security
For example, you can encrypt an email to someone, or encrypt a file with a list of passwords. You can also be certain that the message you receive was sent/written by the legitimate sender and that it has not been modified by a third party.