If not redirected, please click here https://www.thesecuritybuddy.com/pgp-and-gpg/pgp-vs-openpgp-vs-gnupg/
PGP is a widely known software program using which one can sign, encrypt and decrypt documents, texts or emails. It can even be used to encrypt a whole disk.
PGP is a widely known software program using which one can sign, encrypt and decrypt documents, texts or emails. It can even be used to encrypt a whole disk.
But, we often see the terms PGP,
OpenPGP and GnuPG. Are they same or are they different ? How are they
different from each other ?
Let's try to understand that.
What is PGP ?
PGP or Pretty Good Privacy is a software program which was
first created by Phil Zimmermann in 1991. History of PGP is actually pretty
rich.
After creating the program in 1991,
Zimmermann and his team started a company in 1996. The company
started to develop new versions of PGP. It was merged with ViaCrypt
and the company was named PGP Inc. They started developing PGP 3
which could be used with GUI.
In 1997, PGP Inc was acquired by
Network Associates Inc. Zimmermann and his team became members of the
company.
Under Network Associates Inc, PGP team
started adding new features to the existing PGP program. It was at
that time when features of Disk Encryption, Desktop Firewalls,
Intrusion Detection and IPSec VPN was added.
In 2001, Zimmermann left Network
Associates Inc.
In 2002, ex-PGP team members formed a
new company named PGP Corp and bought most of the PGP assets from
Network Associates Inc. Zimmermann now serves as a special advisor
and consultant to PGP Corp.
What is OpenPGP ?
OpenPGP is the standard defined by
OpenPGP Working Group of the Internet Engineering Task Force or IETF.
The OpenPGP Working Group was formed in
1997 and they defined the standard OpenPGP which was since then a
proprietary product since 1991.
As OpenPGP became an IETF Proposed
Standard, OpenPGP can now be implemented by any company without
paying any license fees to anyone.
What is GnuPG ?
GnuPG or GNU Privacy Guard is an OpenPGP
compliant program which was developed by Free Software Foundation.
GnuPG is freely available together with
its source code under the GNU General Public License or GPL.
Now, several other vendors also have
developed other OpenPGP compliant software.
The difference between PGP, OpenPGP and GnuPG
So, to summarize, PGP is the software
program which was first developed by Phil Zimmermann in 1991. OpenPGP
is the standard proposed by IETF. And, GnuPG is a freely available
software under GNU General Public License.
How to use PGP ?
PGP is based on Public Key
Cryptography. A user has to first create a public-private keypair.
The private key is kept secret with the user and the public key can
be distributed. This keypair can later be used to sign, encrypt or
decrypt documents, texts, emails etc.
Digital Signature
Digital Signature is done to ensure authenticity and integrity of a document. A user has to make digital signatures using his private key. Any user who has public key of the sender, would be able to verify that the document is indeed sent by the particular sender and is unmodified since then.
Encryption and Decryption
To send someone an encrypted document or email securely, one has to encrypt it using the public key of the recipient. The recipient needs ro decrypt key using his private key. As the private key secret to the recipient only, only the recipient would be able to get the message.
Signing and Encryption
If a sender wants to send secret message to a recipient and ensure the authenticity and integrity of the message at the same time, then the sender has to sign as well as encrypt the message.
For that purpose, the sender needs to
sign it using his provate key and encrypt it with the public key of
the recipient. As the private keys are kept secret to users, only the
recipient would be able to decrypt the message and at the same time,
no one else other than the sender would be able to modify the
message.
Read More
No comments:
Post a Comment