PGP combines some of the best features of both conventional
and public key cryptography. PGP is a hybrid cryptosystem. When a user encrypts
plaintext with PGP, PGP first compresses the plaintext. Data compression saves
modem transmission time and disk space and, more importantly, strengthens
cryptographic security.
Most cryptanalysis techniques exploit patterns found in
the plaintext to crack the cipher. Compression reduces these patterns in the
plaintext, thereby greatly enhancing resistance to cryptanalysis. (Files that
are too short to compress or which don’t compress well aren’t compressed.)
PGP
then creates a session key, which is a one-time-only secret key. This key is a
random number generated from the random movements of your mouse and the
keystrokes you type. This session key works with a very secure, fast
conventional encryption algorithm to encrypt the plaintext the result is
ciphertext. Once the data is encrypted, the session key is then encrypted to
the recipient’s public key. This public key-encrypted session key is
transmitted along with the ciphertext to the recipient.
Decryption works in the reverse. The recipient’s copy of PGP
uses his or her private key to recover the temporary session key, which PGP
then uses to decrypt the conventionally-encrypted ciphertext.
Below image shows how PGP encryption works
Below image shows how PGP decryption works
No comments:
Post a Comment