Question 177. What is PGP?

Pretty Good Privacy (PGP) is a software package originally developed by Phil Zimmerman that provides cryptographic routines for e-mail and file storage applications. Zimmerman took existing cryptosystems and cryptographic protocols and developed a freeware program that can run on multiple platforms. It provides message encryption, digital signatures, data compression, and e-mail compatibility.

The algorithms used for message encryption are RSA (see Question 8) for key transport and IDEA (see Question 77) for bulk encryption of messages. Digital signatures are achieved by the use of RSA (see Question 8) for signing and MD5 (see Question 99) for computing the message digest. The freeware program ZIP is used to compress messages for transmission and storage. E-mail compatibility is achieved by the use of Radix-64 conversion.

MIT PGP versions 2.6 and later are legal freeware for non-commercial use based on RSAREF (see Question 174). Viacrypt PGP versions 2.7 and later are legal commercial versions of the same software. PGP is bound by Federal export laws due to the use of the RSA public key cryptosystem.