PGP is a way to encrypt and sign data, but the real magic is that it uses a hybrid approach, combining the speed of symmetric encryption with the key management of asymmetric encryption, to make strong security practical for everyday use.
Let’s see this in action. Imagine Alice wants to send a secret message to Bob.
First, Alice needs Bob’s public key. Bob generated a key pair: a private key he keeps secret, and a public key he shares widely. Alice imports Bob’s public key into her GPG keyring.
Now, Alice writes her message. To encrypt it for Bob, GPG first generates a random, one-time symmetric encryption key (a "session key"). It then uses this session key to encrypt the actual message using a fast symmetric cipher like AES. This is quick, even for large messages.
The clever part: Alice then encrypts that session key using Bob’s public key. Because Bob’s public key is mathematically linked to his private key, only Bob’s private key can decrypt the encrypted session key.
Finally, Alice sends both the encrypted message and the encrypted session key to Bob.
When Bob receives the message, his GPG software sees he has an encrypted message and an encrypted session key. It uses Bob’s private key to decrypt the session key. Once he has the session key, he uses it to decrypt the actual message. He can do this quickly because it’s symmetric encryption.
This hybrid approach is why PGP is both secure and efficient. Encrypting a large file with just asymmetric encryption would be astronomically slow. By encrypting the bulk data with a fast symmetric cipher and only encrypting the small session key with asymmetric encryption, PGP gets the best of both worlds.
But what about proving the message really came from Alice and hasn’t been tampered with? That’s where signing comes in.
Before encrypting, Alice can "sign" her message. This involves creating a hash (a unique fingerprint) of the message. She then encrypts this hash using her own private key. This encrypted hash is the digital signature.
Alice attaches this signature to her message. When Bob receives it, he can verify it. He uses Alice’s public key to decrypt the signature, revealing the original hash Alice calculated. Bob then independently calculates a hash of the message he received. If Bob’s calculated hash matches the hash he decrypted from Alice’s signature, he knows two things:
- Authenticity: The message was signed by the holder of Alice’s private key (presumably Alice).
- Integrity: The message has not been altered since Alice signed it.
The system of trust, known as the "Web of Trust," is built on the idea that you trust someone’s public key because you’ve been vouched for it by someone you already trust, or because you’ve verified it yourself. This is managed through GPG commands like gpg --edit-key <key_id> where you can sign keys.
The most surprising thing is how little attention is paid to the revocation of keys. If your private key is compromised, you must revoke it. This involves creating a revocation certificate and distributing it. If this isn’t done, people might continue to trust your old, compromised key, believing they are sending you secure messages or verifying your signatures. It’s like losing your house keys and never changing the locks – the old keys are still technically valid until you invalidate them.
The next step is understanding how to manage multiple keys and integrate PGP into your email client for seamless encryption and signing.