PGP is a method of encrypting communication.
Because the encrypted message can be send on any channel that supports text messages, such as emails and personal messages,
PGP can be considered channel-agnostic.
PGP is used in many business types
- finance and banking
Users who wish to encrypt messages they send must have a private key.
For any private key, there must be a
public key to send the message. So, when generating a private key, a public
key will also be generated. These are also known as a key pair.
How to get public key of the recepient of the message?
- using a direct channel, such as Floppy disks, CDs, or other direct connections
- using a PGP public key server
Conversation using PGP
- 2 users to share messages: user A and user B
- each user has his/hers own key pair (a public key and a private key)
- each user has the other user's public key
How to proceed?
To send a message back to user A, user B should proceed the same way user B did.
So, to start, user B should encrypt the message using private key B.
- user A encrypts the message using private key A
- user A encrypts the resulted message one more time using public key B
- the final message will be send through the network
- user A sends the message which was encrypted 2 times to user B
- user B receives the message from user A
- user B decodes the message using private key B
- user B decodes the resulted message once again using public key A
- the message he/she gets is the fully decrypted message to read
Just sending a PGP message
To simply send a message encrypted with PGP, only the receiver must have
a key pair. The sender should have the receiver's public key.
Some rules PGP is based on
- the private key must be kept secret
- a message can be encrypted using the private key or the public key
- when a message is sent anonymously (the sender does not have a key pair) to a receiver (who has the private key and the public key), the sender knows only the public key of the receiver, so the public key of the receiver is used for encrypting the message
- if a message was encrypted using the private key, the public key is required to decrypt a message and read its content
- if a message was encrypted using the public key, the private key is required to decrypt a message and read its content
- encrypting a message with other user's public key ensures that he/she is the only person who can read the message
- encrypting a message with own's private key ensures that the sender is who he/she sais he/she is