Pretty Good Privacy
PGP - RFC4880 / RFC6637
Reference:
https://www.giac.org/paper/gsec/2415/pgp-works-mathematics/104186
https://datatracker.ietf.org/doc/html/rfc4880
https://datatracker.ietf.org/doc/html/rfc6637
Introduction

PGP vs. SSL (comparison from the slide):

                 PGP       SSL
Key Management   WoT       PKI
Scope            E2E       Transit
Usage            E-Mail    HTTPS
Message Format

Armored block layout (from the slide):
-----BEGIN PGP …….. BLOCK-----
Header: Value
Radix64 Data
-----END PGP …….. BLOCK-----

Block list (fills the dotted part of the BEGIN/END lines): MESSAGE; MESSAGE, PART X/Y; PUBLIC KEY; SECRET KEY
Header list: Version; Comment; MessageID; Hash; Charset
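The armored layout above, worked through as an added Go example (not code from the slides and not an OpenPGP implementation): Armor builds a block with the BEGIN/END lines, "Key: Value" headers, Radix-64 data wrapped at 76 columns and the "="-prefixed CRC-24 checksum that RFC 4880 section 6.1 defines; Dearmor parses it back and rejects a mismatched END line or data whose CRC-24 no longer matches. The block type and header names are supplied by the caller, and the sample bytes used to exercise it are constructed.

```go
package main

import (
	"encoding/base64"
	"errors"
	"fmt"
	"sort"
	"strings"
)

// crc24 is the armor checksum from RFC 4880 section 6.1
// (init 0xB704CE, polynomial 0x1864CFB, no bit reflection).
func crc24(data []byte) uint32 {
	crc := uint32(0xB704CE)
	for _, b := range data {
		crc ^= uint32(b) << 16
		for i := 0; i < 8; i++ {
			crc <<= 1
			if crc&0x1000000 != 0 {
				crc ^= 0x1864CFB
			}
		}
	}
	return crc & 0xFFFFFF
}

// Armor wraps raw packet bytes in an ASCII-armored block. blockType is the text
// after "BEGIN PGP " (e.g. "MESSAGE" or "PUBLIC KEY BLOCK"); headers become
// "Key: Value" lines (Version, Comment, Hash, Charset, MessageID on the slide).
func Armor(blockType string, headers map[string]string, data []byte) string {
	var sb strings.Builder
	fmt.Fprintf(&sb, "-----BEGIN PGP %s-----\n", blockType)
	keys := make([]string, 0, len(headers))
	for k := range headers {
		keys = append(keys, k)
	}
	sort.Strings(keys) // deterministic header order
	for _, k := range keys {
		fmt.Fprintf(&sb, "%s: %s\n", k, headers[k])
	}
	sb.WriteString("\n") // blank line separates the headers from the Radix-64 data
	b64 := base64.StdEncoding.EncodeToString(data)
	for len(b64) > 76 { // RFC 4880 limits armor lines to 76 characters
		sb.WriteString(b64[:76] + "\n")
		b64 = b64[76:]
	}
	sb.WriteString(b64 + "\n")
	c := crc24(data)
	crcBytes := []byte{byte(c >> 16), byte(c >> 8), byte(c)}
	fmt.Fprintf(&sb, "=%s\n", base64.StdEncoding.EncodeToString(crcBytes))
	fmt.Fprintf(&sb, "-----END PGP %s-----\n", blockType)
	return sb.String()
}

// Dearmor parses an armored block, checks that the BEGIN and END lines match,
// and rejects data whose CRC-24 does not match (i.e. it was altered in transit).
func Dearmor(armored string) (string, map[string]string, []byte, error) {
	lines := strings.Split(strings.TrimSpace(armored), "\n")
	first := strings.TrimSpace(lines[0])
	if len(lines) < 3 || !strings.HasPrefix(first, "-----BEGIN PGP ") || !strings.HasSuffix(first, "-----") {
		return "", nil, nil, errors.New("missing or malformed BEGIN line")
	}
	blockType := strings.TrimSuffix(strings.TrimPrefix(first, "-----BEGIN PGP "), "-----")
	if strings.TrimSpace(lines[len(lines)-1]) != "-----END PGP "+blockType+"-----" {
		return "", nil, nil, errors.New("END line missing or does not match the BEGIN line")
	}
	headers := map[string]string{}
	i := 1
	for ; i < len(lines)-1 && strings.TrimSpace(lines[i]) != ""; i++ {
		kv := strings.SplitN(lines[i], ": ", 2)
		if len(kv) != 2 {
			return "", nil, nil, fmt.Errorf("malformed armor header %q", lines[i])
		}
		headers[kv[0]] = kv[1]
	}
	i++ // skip the blank separator line
	var body strings.Builder
	crcLine := ""
	for ; i < len(lines)-1; i++ {
		l := strings.TrimSpace(lines[i])
		if strings.HasPrefix(l, "=") { // "=XXXX" carries the 24-bit checksum
			crcLine = l[1:]
			continue
		}
		body.WriteString(l)
	}
	data, err := base64.StdEncoding.DecodeString(body.String())
	if err != nil {
		return "", nil, nil, fmt.Errorf("invalid Radix-64 data: %v", err)
	}
	crcBytes, err := base64.StdEncoding.DecodeString(crcLine)
	if err != nil || len(crcBytes) != 3 {
		return "", nil, nil, errors.New("missing or malformed CRC-24 line")
	}
	want := uint32(crcBytes[0])<<16 | uint32(crcBytes[1])<<8 | uint32(crcBytes[2])
	if want != crc24(data) {
		return "", nil, nil, errors.New("CRC-24 mismatch: armored data was altered")
	}
	return blockType, headers, data, nil
}
```

The CRC-24 only catches accidental corruption of the Radix-64 text; anyone who can alter the data can recompute it, so integrity of the content rests on the digital signature inside the packets, not on this checksum.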
Algorithm

Asymmetric:  RSA (2056 bit min): RSA (Encrypt), RSA (Sign); El-Gamal (Encrypt); DSA (Sign); EC-DH (Key Exchange); EC-DSA (Sign); Custom / Experimental
Symmetric:   AES (128, 192, 256 bit); Triple DES; IDEA; Two-Fish; Blow-Fish; Cast5; (Unencrypted); Custom / Experimental
Compression: ZIP; ZLIB; BZIP2; (Uncompressed); Custom / Experimental
Hash:        MD5; RIPE-MD/160; SHA (1, 256, 384, 512); Custom / Experimental

Legend (colour coding lost in extraction): Deprecated; Added in RFC6637 (Elliptic Curve): EC-DH, EC-DSA
https://datatracker.ietf.org/doc/html/rfc6637
https://datatracker.ietf.org/doc/html/rfc4880 page 62-63
Core Process

Pipeline (from the slide diagram): Certificate -> Digital Signature -> Compression -> Encryption -> Radix-64
Certificate

Diagram elements: Public Key (General Info, Algorithm, Owner's) signed via the WoT; Private Key protected by a Passphrase
Encryption Process

Steps (from the slide): Sign -> Compress -> Create Session Key -> Encrypt Data -> Encrypt Key -> Convert to Base64

Diagram elements (arrows lost in extraction):
- Sign Key + Data -> Digital Signature
- Digital Signature + Data -> Compressed Data
- Crypto-Random -> Session Key (Ephemeral)
- Compressed Data + Session Key -> Symmetric Algorithm -> Encrypted Data
- Session Key + Key-Encryption Key (KEK) -> Asymmetric Algorithm -> Encrypted Key
- Encrypted Data + Encrypted Key -> Radix64 Encrypted
https://datatracker.ietf.org/doc/html/rfc4880 page 6-8
Decryption Process

Diagram elements (arrows lost in extraction; the reverse of the encryption flow):
- Radix64 Encrypted -> Encrypted Key + Encrypted Data
- Encrypted Key + Key-Encryption Key (KEK) -> Asymmetric Algorithm -> Session Key (Ephemeral)
- Encrypted Data + Session Key -> Symmetric Algorithm -> Compressed Data
- Compressed Data -> Digital Signature + Data
- Data -> Hash Checksum; Hash Checksum + Sign Key -> verify Digital Signature
https://datatracker.ietf.org/doc/html/rfc4880 page 6-8
Cryptography Process

Asymmetric Algorithm
- Encrypt (ElGamal, RSA): Data + Recipient's Public Key -> Encrypt; Recipient's Private Key -> Decrypt
- Sign (DSA, ECDSA, RSA): Data + Sender's Private Key -> Sign; Sender's Public Key -> Verify
- Key Exchange (DHE, ECDH): Sender's Private Key + Recipient's Public Key, or Recipient's Private Key + Sender's Public Key -> Shared Secret -> Secret Key

Symmetric Algorithm
- Data + Secret Key -> Cipher -> Encrypt / Decrypt
Verification Process

Diagram elements: Data -> Hash Checksum; Hash Checksum + Private Key -> Digital Signature
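The encrypt, decrypt, sign and verify flow of the Encryption Process, Decryption Process, Cryptography Process and Verification Process slides, carried through as an added Go example (not the slides' own code and not an OpenPGP implementation): Seal signs with the sender's RSA private key, ZLIB-compresses signature and data, draws a crypto-random AES-256 session key, encrypts in CFB mode and wraps the session key to the recipient's RSA public key; Open reverses each step and returns data only if the signature verifies under the sender's public key. The Envelope struct is a constructed stand-in for the OpenPGP packet sequence, and RSA-OAEP is used for the key wrap where RFC 4880 specifies PKCS#1 v1.5.

```go
package main

import (
	"bytes"
	"compress/zlib"
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"io"
)

// Envelope is a constructed stand-in for the packets on the slides: the
// Encrypted Key, the IV, and the Encrypted Data. Real OpenPGP uses its own framing.
type Envelope struct {
	EncryptedKey  []byte // session key wrapped with the recipient's public key
	IV            []byte // AES-CFB initialisation vector
	EncryptedData []byte // AES-256-CFB over zlib(signature || plaintext)
}

// Seal follows the Encryption Process slide: Sign -> Compress -> Create Session Key
// -> Encrypt Data -> Encrypt Key (Radix-64 conversion is a separate step).
func Seal(plaintext []byte, senderPriv *rsa.PrivateKey, recipientPub *rsa.PublicKey) (*Envelope, error) {
	// 1. Sign: RSA (PKCS#1 v1.5) over a SHA-256 hash with the sender's private key.
	digest := sha256.Sum256(plaintext)
	sig, err := rsa.SignPKCS1v15(rand.Reader, senderPriv, crypto.SHA256, digest[:])
	if err != nil {
		return nil, err
	}
	// 2. Compress signature + data with ZLIB (one of the slide's compression options).
	var compressed bytes.Buffer
	zw := zlib.NewWriter(&compressed)
	zw.Write(sig)
	zw.Write(plaintext)
	if err := zw.Close(); err != nil {
		return nil, err
	}
	// 3. Create Session Key: ephemeral 256-bit key and IV from a crypto-random source.
	sessionKey := make([]byte, 32)
	iv := make([]byte, aes.BlockSize)
	if _, err := io.ReadFull(rand.Reader, sessionKey); err != nil {
		return nil, err
	}
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return nil, err
	}
	// 4. Encrypt Data: symmetric algorithm (AES-256 in CFB mode, as RFC 4880 uses).
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	ct := make([]byte, compressed.Len())
	cipher.NewCFBEncrypter(block, iv).XORKeyStream(ct, compressed.Bytes())
	// 5. Encrypt Key: asymmetric algorithm with the recipient's public key
	// (RSA-OAEP here, where RFC 4880 specifies PKCS#1 v1.5).
	ek, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{EncryptedKey: ek, IV: iv, EncryptedData: ct}, nil
}

// Open follows the Decryption and Verification slides: unwrap the session key with
// the recipient's private key, decrypt, decompress, then verify the signature with
// the sender's public key. Any failure yields an error and no data.
func Open(env *Envelope, recipientPriv *rsa.PrivateKey, senderPub *rsa.PublicKey) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, env.EncryptedKey, nil)
	if err != nil {
		return nil, errors.New("session key unwrap failed: wrong recipient key")
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	compressed := make([]byte, len(env.EncryptedData))
	cipher.NewCFBDecrypter(block, env.IV).XORKeyStream(compressed, env.EncryptedData)
	zr, err := zlib.NewReader(bytes.NewReader(compressed))
	if err != nil {
		return nil, errors.New("decompression failed: wrong key or altered ciphertext")
	}
	payload, err := io.ReadAll(zr)
	if err != nil {
		return nil, errors.New("decompression failed: altered ciphertext")
	}
	sigLen := senderPub.Size() // an RSA signature is as long as the modulus
	if len(payload) < sigLen {
		return nil, errors.New("payload too short to contain a signature")
	}
	sig, plaintext := payload[:sigLen], payload[sigLen:]
	// Verify: hash the recovered data and check the signature with the sender's public key.
	digest := sha256.Sum256(plaintext)
	if err := rsa.VerifyPKCS1v15(senderPub, crypto.SHA256, digest[:], sig); err != nil {
		return nil, errors.New("signature verification failed")
	}
	return plaintext, nil
}
```

CFB ciphertext carries no integrity tag of its own, so an altered Encrypted Data field is caught here only when decompression fails or the signature check fails; RFC 4880's Modification Detection Code packet exists to detect such alteration before the data is handed to the application.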