This page was last updated 13 December 2013.
PGP stands for Pretty Good Privacy, originally invented by Phil Zimmermann. It's a package of tools that allows you to send me mail (or files) encrypted so that only I can read them. Without encryption, anyone who has access to one of the many computers that the mail passes through on its way to me can read the content. Some governments with little respect for their citizens' privacy, such as the US and Chinese governments, routinely record personal communications. Unencrypted mail is like an open postcard, except that there are lots of mailmen on the way...
Many mailers now support PGP natively, or through simple plugins or add-ons, which makes encryption as easy as pressing a button. Also, PGP is not the only encryption package: GPG (GNU Privacy Guard) has very similar features and is fully compatible. For Apple MacOS, check out GPG Tools, which adds GPG support to the Apple Mail program.
But your mailer must know the recipient to know how to encrypt the mail. It knows that by importing my personal public PGP key. Usually you just click on that link, save it on disk, and then tell your mailer about the file. The mailer will put the key into its "keyring", and you can then send me secure mail.
If you are curious, this is what a PGP key looks like:
And if you are wondering why I can publish this key without allowing everyone to read my secure mail: the neat thing about PGP is that there is one key for encrypting (the public key, which I publish) and another key for decrypting it again (I keep that one secret). That's called an asymmetric cipher.
Paranoid people now wonder if the page you are looking at has been tampered with, and you are seeing a forged key. That's called a man-in-the-middle attack. To get around this, you can ask your mailer to tell you the key's fingerprint, a short string that uniquely identifies the key, so you don't have to call me and verify the whole huge key block. My key's fingerprint is
4D1A 2192 63DB 1B74 9AA7 CCCE 20E5 6A60 5D06 972F
Now you may wonder how you can be sure that the fingerprint isn't forged too. Well, you can call me up and ask me to verify it, but usually it's considered sufficient to scatter the fingerprint widely. For a long time I have put it in every mail I sent. An attacker would have a very hard time intercepting and forging them all.
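How a fingerprint ties back to the key itself, as an added example (not code from this page's author): for version 4 OpenPGP keys, the kind with a 40-digit fingerprint like the one above, the fingerprint is a SHA-1 hash over the public key packet as defined in RFC 4880. The key material below is constructed toy data, and the helper names are made up for this illustration.

```python
import hashlib
import hmac
import struct

def mpi(n: int) -> bytes:
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def rsa_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a v4 public-key packet: version, creation time, algorithm 1 (RSA), n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 section 12.2: SHA-1 over 0x99, the 2-byte body length, and the body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def normalize(fpr: str) -> str:
    """Drop display spacing and reject anything that is not 40 hex digits."""
    digits = "".join(fpr.split()).upper()
    if len(digits) != 40 or any(c not in "0123456789ABCDEF" for c in digits):
        raise ValueError("not a 160-bit fingerprint")
    return digits

def display(fpr: str) -> str:
    """Group into blocks of four, the form printed on this page."""
    digits = normalize(fpr)
    return " ".join(digits[i:i + 4] for i in range(0, 40, 4))

def long_key_id(fpr: str) -> str:
    """The 64-bit key ID is the low-order 8 bytes of the v4 fingerprint."""
    return normalize(fpr)[-16:]

def matches(body: bytes, published: str) -> bool:
    """Compare the fingerprint of the key actually received with the published one."""
    return hmac.compare_digest(v4_fingerprint(body), normalize(published))

# Constructed toy values, not usable RSA keys: the same key with one bit flipped.
CREATED = 1378800000
GENUINE = rsa_key_body(CREATED, int("C5" * 32, 16), 65537)
FORGED = rsa_key_body(CREATED, int("C5" * 32, 16) ^ 1, 65537)
PUBLISHED = display(v4_fingerprint(GENUINE))  # what the owner would scatter widely

if __name__ == "__main__":
    print("published:", PUBLISHED)
    print("genuine key matches:", matches(GENUINE, PUBLISHED))
    print("forged key matches: ", matches(FORGED, PUBLISHED))
    print("key ID of the fingerprint on this page:",
          long_key_id("4D1A 2192 63DB 1B74 9AA7 CCCE 20E5 6A60 5D06 972F"))
```

Because the hash covers the whole key packet, a swapped key cannot keep the published fingerprint, which is why comparing the short string is enough.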
In this day and age many people feel it's a good idea to routinely encrypt all mail. Would you send all your personal letters on open postcards? You can consider encryption as the electronic equivalent of putting your letter into a sealed envelope, except it's much more difficult to "open" an encrypted mail than steaming open an envelope. So, go ahead, send me secure mail!
Here is a good article with technical details.