PGP is a security encryption system used for email security. It provides authentication and confidentiality for all email services and communications. It is based on public-key cryptography. PGP is based on a web of trust which is completely dependent on certificate authorities. Certificate Authorities are used to establish trust for the communication to take place between any two users. In the absence of Certificate authorities, a relationship cannot be established and hence the communication can never take place. PGP was developed in the year 1991.
Certificate Authorities are responsible for establishing trust between the user and the authority. In earlier systems, public keys were generated by the users and exchanged those keys to develop trust among each other. While in PGP, the user only trusts the Certificate authorities rather than trusting each other.
Any combination of PGP services can be used for establishing safe electronic mail communication. Only one PGP service can also be used at a time.
Here are some of the services provided by PGP
Encryption is the technique used to convert a message into an undecipherable code so that it cannot be prone to unauthorized access. In PGP encryption takes place in various steps. First, PGP generates a random number for symmetric-key cryptography to take place. Then messages are encrypted and decrypted using this symmetric key.
Compression is applied before the encryption process in cryptography in email systems. Compression is very useful as an added advantage to the security system of emails. Whenever tampered by any hacker or unwanted source, the compressed data does not simply decompress without giving any errors. This alarms the user and thus operationally of electronic mail system is enhanced.
3. Digital Signature
It uses a hash code or message-digest algorithm to provide a secure communication platform. A public key signature algorithm can also be used. Its main purpose is to add a layer of authenticity to verify crucial and confidential documents or even messages.
4. Radix-64 Conversion
Radix-64 conversion is used for email compatibility for different systems on which the email system will be used. Many email systems can only send ASCII text. Due to this problem, the ciphertext block in encryption operation is not able to translate the ASCII characters. So Radix-64 conversion is used to overcome this.
Some symmetric and asymmetric cryptographic algorithms such as RSA, DSS, DES, IDEA, Diffie Hellman Algorithm, and hashing algorithms such as SHA1, SHA256, SHA224, SHA384, RIPEMD160, MD5 can be used for various services.
How to Maintain Web Security?
Web Security is used to safeguard the private information of internet users. As we know that www or the world wide web is a collection of a huge number of web servers hosting communicating along several devices using several protocols. SSL (now TLS) is the perfect protocol to maintain web security over a communication network.