Pretty Good Privacy (PGP) is a cryptography software widely used on the Internet to protect e-mail communication. The PGP protocol is an RSA implementation that was distributed over the Internet in an initial version in 1991. Non-commercial software was also released for license-free use. Since the export of this software from the USA is still prohibited, but not the export of the RSA algorithm, separate PGP versions were developed outside the USA.
The PGP process is based on the Rivest-Shamir-Adleman (RSA) asymmetric encryption. In this method, two keys are generated: a private key and a public key. The public key is used to encrypt the plaintext to the ciphertext. The respective user can decrypt these messages with his private key. During the encryption itself, the plaintext file is compressed and encrypted with the session key, which is randomly generated. In addition, the session key is encrypted with the public key and transmitted along with the ciphertext. Encrypting the session key makes sense in that it significantly increases the efficiency of the encryption compared to other public key methods.
In the PGP procedure, the key exchange takes place on a trust basis between the partners, who certify each other as trustworthy. PGP is widely used by Internet users because of its decentralized handling and can also be found as shareware in German via Archie. Pretty Good Privacy can be used for digital signatures, with it documents and messages can be encrypted and signed forgery- proof. In newer versions PGP also supports graphical interfaces and central security infrastructures( PKI).
Using Pretty Good Privacy, documents and messages can be encrypted and signed in a forgery-proof manner.