The comp.security.pgp FAQ

PGP is a program that gives your electronic mail something that it otherwise doesn't have: Privacy. It does this by encrypting your mail so that nobody but the intended person can read it. When encrypted, the message looks like a meaningless jumble of random characters. PGP has proven itself quite capable of resisting even the most sophisticated forms of analysis aimed at reading the encrypted text.

PGP can also be used to apply a digital signature to a message without encrypting it. This is normally used in public postings where you don't want to hide what you are saying, but rather want to allow others to confirm that the message actually came from you. Once a digital signature is created, it is impossible for anyone to modify either the message or the signature without the modification being detected by PGP.

While PGP is easy to use, it does give you enough rope so that you can hang yourself. You should become thoroughly familiar with the various options in PGP before using it to send serious messages. For example, giving the command pgp -sat <filename> will only sign a message, it will not encrypt it. Even though the output looks like it is encrypted, it really isn't. Anybody in the world would be able to recover the original text.

You should encrypt your e-mail for the same reason that you don't write all of your correspondence on the back of a post card. E-mail is actually far less secure than the postal system. With the post office, you at least put your letter inside an envelope to hide it from casual snooping. Take a look at the header area of any e-mail message that you receive and you will see that it has passed through a number of nodes on its way to you. Every one of these nodes presents the opportunity for snooping. Encryption in no way should imply illegal activity. It is simply intended to keep personal thoughts personal.

Xenon <an48138@anon.penet.fi> puts it like this:

Crime? If you are not a politician, research scientist, investor, CEO, lawyer, celebrity, libertarian in a repressive society, investor, or person having too much fun, and you do not send e-mail about your private sex life, financial/political/legal/scientific plans, or gossip then maybe you don't need PGP, but at least realize that privacy has nothing to do with crime and is in fact what keeps the world from falling apart. Besides, PGP is FUN. You never had a secret decoder ring? Boo!
-Xenon (Copyright 1993, Xenon)

With conventional encryption schemes, keys must be exchanged with everyone you wish to talk to by some other secure method such as face to face meetings, or via a trusted courier. The problem is that you need a secure channel before you can establish a secure channel! With conventional encryption, either the same key is used for both encryption and decryption or it is easy to convert either key to the other. With public key encryption, the encryption and decryption keys are different and it is impossible for anyone to convert one to the other. Therefore, the encryption key can be made public knowledge, and posted in a database somewhere. Anyone wanting to send you a message would obtain your encryption key from this database or some other source and encrypt his message to you. This message can't be decrypted with the encryption key. Therefore nobody other than the intended receiver can decrypt the message. Even the person who encrypted it can not reverse the process. When you receive a message, you use your secret decryption key to decrypt the message. This secret key never leaves your computer. In fact, your secret key is itself encrypted to protect it from anyone snooping around your computer.

Nothing!

It should be noted, however, that in the United States, some freeware versions of PGP *may* be a violation of a patent held by Public Key Partners (PKP). The MIT and PGP, Inc. versions specifically are not in violation; if you use anything else, it's your risk. See below (question 1.6) for more information on the patent situation.

Also, the free versions of PGP are free only for noncommercial use. If you need to use PGP in a commercial setting (and you live in the United States or Canada), you should buy a copy of PGP from PGP, Inc. This version of PGP has other advantages as well, most notably a limited license to export it to foreign branch offices. See below, under question 1.9, for information on how to contact them.

If you need to use PGP for commercial use outside the United States or Canada, you should contact Ascom Systec AG, the patent holders for IDEA. They have sold individual licenses for using the IDEA encryption in PGP. Contact:

Erhard Widmer
Ascom Systec AG
Dep't. CMVV
Gewerbepark
CH-5506 Maegenwil
Switzerland
IDEA@ascom.ch

Tel ++41 64 56 59 83
Fax ++41 64 56 59 90

In much of the civilized world, encryption is either legal, or at least tolerated. However, there are a some countries where such activities could put you in front of a firing squad! Check with the laws in your own country before using PGP or any other encryption product. A couple of the countries where encryption is illegal are France, Iran, Russia and Iraq.

The legal status of encryption in many countries has been placed on the World Wide Web.

In addition to the comments about encryption listed above, there are a couple of additional issues of importance to those individuals residing in the United States or Canada.

First, there is a question as to whether or not PGP falls under ITAR regulations which govern the exporting of cryptographic technology from the United States. This despite the fact that technical articles on the subject of public key encryption have been available legally worldwide for a number of years. Any competent programmer would have been able to translate those articles into a workable encryption program. A lawsuit has been filed by the EFF challenging the ITAR regulations; thus, they may be relaxed to allow encryption technology to be exported.

The situation in Canada is somewhat special; although ITAR does not apply here, Canada honors the US export restrictions, which makes it illegal to export PGP from Canada if it were imported there from the USA.

Second, older versions of PGP (up to 2.3a) were thought to be violating the patent on the RSA encryption algorithm held by Public Key Partners (PKP), a patent that is only valid in the United States. This was never tested in court, however, and recent versions of PGP have been made with various agreements and licenses in force which effectively settle the patent issue. So-called "international" versions and older versions (previous to ViaCrypt PGP 2.4), however, are still considered in violation by PKP; if you're in the USA, use them at your own risk!

At the moment, there are five different "current" versions of PGP. All of these are derived, more or less, from a common source base: PGP 2.3a, the last "guerillaware" version of PGP. Negotiations to make PGP legal and "legitimate" have resulted in the differing versions available; all of them, for the most part, are approximately equivalent in functionality, and they can all work with each other in most respects.

All versions of PGP after 2.3 produce messages that cannot be read by 2.3 or earlier, although the "international" versions have a switch to enable the creation of messages in a compatible format. This is the legal_kludge=on option in the configuration file.

MIT has released the freeware version of PGP 5.0 for Windows '95 and the Macintosh. This version has some limitations over the previous "official" freeware version 2.6.2 (for example, no conventional encryption and no wiping option). The source for PGP 5.0 is only available in book form. An international effort is underway to scan in this source to produce the electronic form. US export regulations forbid the export of PGP source in electronic form, but not of export in book form.

Note: there now is a beta version of PGP 5.0 for Linux available at http://www.pgp.com/products/50-linux-beta.cgi. Thanks to Lou Rinaldi for pointing this out.

PGP, Inc sells two versions of PGP: PGPmail 4.5 for business use (formerly Viacrypt PGP Business Edition) and PGP 5.0 for personal use. See question 1.9 for more details on these versions.

PGP 2.6.3i ("international") is a version of PGP developed from the source code of MIT PGP, which was exported illegally from the United States at some point. Basically, it is MIT PGP 2.6.2, but it uses the old encryption routines from PGP 2.3a; these routines perform better than RSAREF and in addition do not have the usage restrictions in the RSAREF copyright license. It also contains some fixes for bugs discovered since the release of MIT PGP 2.6.2, as well as several small enhancements. For more information, see the International PGP homepage

PGP 2.6ui ("unofficial international") is PGP 2.3a with minor modifications made so it can decrypt files encrypted with MIT PGP. It does not contain any of the MIT fixes and improvements; it does, however, have other improvements, most notably in the Macintosh version.

The 2.6.3(i)n version was developed to fullfill the policy of the Individual Network e.V. Certification Hierarchy. It supports the features described in the pgformat.doc:

• expire of keys
• support of certificate revokation certificates. You can revoke your ID without loosing your key.
• While certifying a key the certifier can specify how he checked the users real identity. This question is quite different to the question if the key was presented by this person or not!

It fixed announing bugs of PGP:

• certificates of compromised keys are invalid now

Furthermore it adds:

• support SIGN/ENCR keys
• support of a seperate encrypt to self id

References:

• http://www.in-ca.individual.net/
• ftp://ftp.iks-jena.de/pub/mitarb/lutz/crypt/software/pgp/

Not really.

Of course, you can try using Dejanews or Alta Vista if you are looking for articles about specific topics.

Yes. Until recently, Viacrypt was marketing the only commercially licensed version of PGP. The company was bought by PGP Inc., a company founded by Phil Zimmerman. This company offers two versions of PGP: PGPmail 4.5 for corporate use, and PGP 5.0 for personal use. It is not entirely clear if the license for RSA that Viacrypt had is still valid.

The PGP 5.0 FAQ discusses this version in more detail.

PGPmail 4.5 is the successor of Viacrypt PGP Business Edition. In addition to the features found in normal versions of PGP, it also has a "Corporate Message Recovery" feature, which enables a site admin to recover messages encrypted by employees using PGPmail 4.5 in case their secret key is lost. It also has the Enclyptor, which adds a toolbar for email programs and word processors. For more information, see http://www.pgp.com/products/PGPmail-faq.cgi.

(Note: the Corporate Message Recovery feature is not a backdoor in PGP in the traditional sense. The freeware versions of PGP do not have this feature, and PGPmail 4.5's encryption has not been weakened in any way. Its only function is a backup so that the company can recover company data if the employee who encrypted it has left or has lost his secret key.)

There is a PGP library that can be used in programs:
ftp://dslab1.cs.uit.no/pub/PGPlib.tar.gz.

NAI has a software developer's kit for PGP available at:
http://www.pgp.com/sdk/.

Alternatively, you can write your programs to call the PGP program when necessary. In C, for example, you would use the system() or spawn...() functions to do this.

There are several people working on DLL versions (most often for Windows 3.1 or NT) of PGP, but I have no information on the status of these versions. PGP Inc. (formerly Viacrypt, see question 1.9) sells an MS Windows DLL which can be used for this purpose.

PGP has been ported successfully to many different platforms, including DOS, the Macintosh, OS/2, Unix (just about all flavors), VMS, the Atari ST, Acorn RISC OS (Archimedes), and the Commodore Amiga. A Windows NT port is reportably in the works as well.

If you don't see your favorite platform above, don't despair! It's likely that porting PGP to your platform won't be too terribly difficult, considering all the platforms it has been ported to. Just ask around to see if there might in fact be a port to your system, and if not, try it!

PGP's VMS port, by the way, has its own Web page.

PGP is very widely available, so much so that a separate FAQ has been written for answering this question. It is called, "WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP)"; it is posted in alt.security.pgp regularly, is in the various FAQ archive sites, and is also available from ftp://ftp.csn.net/mpj/getpgp.asc

However, I will describe below the ways to get the differing versions of PGP from their source sites. Please refer to the above document for more information.

MIT PGP:

Due to the ITAR regulations, MIT has found it necessary to place PGP in an export-controlled directory to prevent people outside the United States from downloading it. If you are in the USA, you may follow these directions:

Telnet to net-dist.mit.edu and log in as "getpgp". You will then be given a short statement about the regulations concerning the export of cryptographic software, and be given a series of yes/no questions to answer. If you answer correctly to the questions (they consist mostly of agreements to the RSADSI and MIT licenses and questions about whether you intend to export PGP), you will be given a special directory name in which to find the PGP code. At that point, you can FTP to net-dist.mit.edu, change to that directory, and access the software. You may be denied access to the directories even if you answer the questions correctly if the MIT site cannot verify that your site does in fact reside in the USA.

Further directions, copies of the MIT and RSAREF licenses, notes, and the full documentation are freely available from:

ftp://net-dist.mit.edu/pub/PGP/

An easier method of getting to the PGP software is now available on the World Wide Web at the following location:

http://bs.mit.edu:8001/pgp-form.html

PGPmail and PGP 5.0:

The freeware version of PGP 5.0 is available from MIT (see above). Other versions are commercial software and must be bought from PGP, Inc. They are, furthermore, not available outside the United States or Canada except under special circumstances. See above (question 1.9) for contact information.

PGP 2.6.3i:

As Norway is not limited by ITAR, no hoops are needed to get this version: http://www.ifi.uio.no/pgp/

You may also get it via mail by sending a message to hypnotech-request@ifi.uio.no with your request in the subject:
GET pgp262i[s].[zip | tar.gz]

Specify the "s" if you want the source code. Putting ".zip" at the end gets you the files in the PKZIP/Info-ZIP archive format, while putting "tar.gz" at the end gets the files in a gzipped tar file.

A US-compiled version of 2.6.3i (which means it does not use the MPILIB RSA library that violates a patent in the USA) can be downloaded from http://www.isc.rit.edu/~pdw5973/crypto/pgpdown.html.

PGP 2.6ui:

• ftp://ftp.mantis.co.uk/pub/cryptography/
• http://thegate.gamers.org/~tony/pgp.html

This link is also an excellent resource for other information about PGP.

A note on ftpmail:

For those individuals who do not have access to FTP, but do have access to e-mail, you can get FTP files mailed to you. For information on this service, send a message saying "Help" to ftpmail@ftpmail.ramona.vix.com. You will be sent an instruction sheet on how to use the ftpmail service.

If this FAQ doesn't answer your question, there are several places for finding out information about PGP.

World Wide Web

http://sun1.bham.ac.uk/N.M.Queen/pgp/pgp.html

A good place to start, includes pointers on where to download PGP.

http://www.stack.nl/~galactus/remailers/bg2pgp.txt

Although the documentation that comes with PGP is very complete, you might also want to read this guide. It covers all the basic steps needed to install and use PGP, and also gives you tips on how to use it more effectively.

http://www.stack.nl/~galactus/remailers/passphrase-faq.html

Your pass phrase is used to protect your PGP secret key. Here's how to generate and manage strong pass phrases. This may also be useful for creating passwords for other purposes.

PGP-related resources

A large collection of PGP-related Web sites, links to front-ends, and more.

http://www.stack.nl/~galactus/remailers/attack-faq.html

A very detailed analysis on the security of PGP and possible attacks.

FTP Sites:

• ftp://ftp.pgp.net/pub/pgp/
• ftp://ftp.ox.ac.uk/pub/crypto/
• ftp://ripem.msu.edu/pub/crypt/
• ftp://ftp.csua.berkeley.edu/pub/cypherpunks/

Also see part 10, "Recommended Reading".