Revised 3 April 2018
This FAQ applies to Pretty Good Privacy (PGP), Gnu Privacy Guard (GPG), and some other OpenPGP implementations.
Disclaimer: some of this information is outdated or otherwise inaccurate. I don't update it very often, and when I do, I don't update the whole document. However, you should by all means be able to find an appropriate copy of PGP and its documentation using the information contained herein. Use it at your own risk.
The master copy of this FAQ is at http://cryptography.org/getpgp.htm.
The official (much more complete) PGP FAQ is available at: http://www.pgp.net/pgpnet/pgp-faq/
PGP Mail is now published and supported by PGP Corporation. See
http://www.pgp.com for information on their
current prices, versions, and support. For commercial applications where having
a corporation to back up a product with support is important, or where maximum
integration with Windows is also important, this is the preferable option. For
commercial applications where low cost is the primary concern and you want to use
a command line interface, Gnu Privacy Guard (http://www.gnupg.org)
is better.
The best source of PGP information is in the PGP documentation that comes with PGP. For additional information, you may want to read:
PGP 5.0 introduces some new algorithms for both public key and conventional encryption. These changes are good from both technical (security & efficiency) and political (patent) standpoints. With the death of the Diffie-Hellman key exchange patent, the new algorithms in the freeware PGP are 100% free of patent problems, and free of legalese such as comes with the RSAREF toolkit. The Diffie-Hellman key exchange key size limit is also larger than the old RSA limit, so PGP encryption is actually more secure now.
The new SHA1 hash function is better than MD5, so signatures are more secure now, too. The conventional encryption used is all sound, and definitely not the weak link in the chain. This much is good news.
The bad news, of course, is that there will be some interoperability problems, since no earlier versions of PGP can handle these algorithms, and some PGP freeware issued before the RSA algorithm math patent expired doesn't support RSA signatures and encryption.
Gnu Privacy Guard was written from the ground up to be free software under the Gnu Public License. That means that it cannot use the IDEA symmetric key algorithm, and also that some versions were issued before the RSA patent expired in the USA, and therefore some older versions of GPG didn't support RSA signatures or encryption.
For more information on PGP and GPG compatibility, please see http://www.openpgp.org.
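To see which side of this compatibility split a given key or signature falls on, the algorithm identifiers can be read directly from the OpenPGP packets. The Python below is an added example, not part of the original FAQ or of PGP or GPG; the packet layouts and algorithm IDs are taken from RFC 4880, and the sample bytes and the function names packets, algorithms and interop_flags are constructed for illustration.

```python
# Algorithm IDs from RFC 4880 section 9, limited to the ones this FAQ discusses.
# PGP 5.0's "DH/DSS" keys appear on the wire as Elgamal (16) and DSA (17).
PUBKEY = {1: "RSA", 16: "Elgamal", 17: "DSA"}
HASH = {1: "MD5", 2: "SHA1"}
PGP5_ONLY = {"Elgamal", "DSA", "SHA1"}  # not handled by PGP versions before 5.0

def packets(data):
    """Yield (tag, body) for each packet in a binary (unarmored) OpenPGP stream."""
    i = 0
    while i < len(data):
        hdr, i = data[i], i + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if hdr & 0x40:  # new-format header
            tag, first = hdr & 0x3F, data[i]
            if first < 192:
                length, i = first, i + 1
            elif first < 224:
                length, i = ((first - 192) << 8) + data[i + 1] + 192, i + 2
            else:
                raise ValueError("5-octet and partial lengths are not handled here")
        else:  # old-format header, as written by PGP 2.x
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length is not handled here")
            length, i = int.from_bytes(data[i:i + (1 << ltype)], "big"), i + (1 << ltype)
        if i + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[i:i + length]
        i += length

def algorithms(data):
    """List (kind, packet version, algorithm names) for keys and signatures."""
    out = []
    for tag, body in packets(data):
        v3 = body[0] in (2, 3)  # v3 layouts put the algorithm octets further in
        if tag in (6, 14):  # public key, public subkey
            out.append(("key", body[0], [PUBKEY.get(body[7 if v3 else 5], "other")]))
        elif tag == 2:  # signature
            pk, h = (body[15], body[16]) if v3 else (body[2], body[3])
            out.append(("sig", body[0], [PUBKEY.get(pk, "other"), HASH.get(h, "other")]))
    return out

def interop_flags(data):
    names = {n for _, _, ns in algorithms(data) for n in ns}
    hits = (("needs PGP 5.0 or later", names & PGP5_ONLY), ("needs RSA", "RSA" in names))
    return {flag for flag, hit in hits if hit}
# Constructed samples: packet headers and algorithm fields only, no key material.
LEGACY = bytes.fromhex("9808" "0300000000000001" "8811" "030500" + "00" * 12 + "0101")
PGP5 = bytes.fromhex("c606040000000011" "ce06040000000010" "c20404131102")
```

For a real key, export it in binary form (without ASCII armor) and pass the file's bytes to interop_flags.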
Protect Your Privacy: A Guide for PGP Users, by William Stallings, Prentice Hall PTR, ISBN 0-13-185596-4, US $19.95
PGP: Pretty Good Privacy, by Simson Garfinkel, O'Reilly & Associates, Inc., ISBN 1-56592-098-8, US $24.95
E-Mail Security, How To Keep Your Electronic Messages Private (covers PGP & PEM), by Bruce Schneier, 365 pages, 1995, pub: John Wiley & Sons, Inc., ISBN 0-471-05318-X, $24.95 US
The Computer Privacy Handbook: A Practical Guide to E-Mail Encryption, Data Protection, and PGP Privacy Software, by André Bacard, Peachpit Press, ISBN 1-56609-171-3, US $24.95, 800-283-9444 or 510-548-4393
THE OFFICIAL PGP USER'S GUIDE, by Philip R. Zimmermann, MIT Press, April 1995 - 216 pp. - paper - US $14.95 - ISBN 0-262-74017-6 ZIMPP. Standard PGP documentation neatly typeset and bound.
PGP SOURCE CODE AND INTERNALS, by Philip R. Zimmermann, April 1995 - 804 pp. - US $55.00 - 0-262-24039-4 ZIMPH
How to Use PGP, 61 pages, (Pub #121) from the Superior Broadcasting Company, Box 1533-N, Oil City, PA 16301, phone: (814) 678-8801 (about US $10-$13).
Using and distributing Pretty Good Privacy is legal if you are careful to obey the intellectual property and export rules, as well as any local rules that may apply in the nation you are in.
U. S. export regulations are not as bad as they were, but you may be required to give a notice to the U. S. Government to export or publicly post source code (and the executable compiled from it) under license exception TSU. You can't intentionally export PGP or GPG from the USA to certain forbidden destinations (state sponsors of terrorism, etc.). Check the Department of Commerce web site at http://www.bxa.doc.gov/Encryption/Default.htm for current rules.
The RSA patent caused considerable expense in the USA for PGP users, until the Diffie-Hellman patent expired and DSA was offered by the U. S. Government as not infringing. Some people still like to use older versions of PGP that use RSA, especially outside of the USA. Fortunately, the RSA patent is dead and anyone in the USA may use RSA for either business or personal use without restrictions, just like people in the rest of the world have been able to do for many years.
If you want to use PGP for commercial use, the most legal approach is to use Gnu Privacy Guard (http://www.gnupg.org) for free, but you may also be able to buy a license for the commercial version of PGP.
If you are in a country where the IDEA cipher patent holds in software (including the USA and some countries in Europe), make
sure you are licensed to use the IDEA cipher commercially before using PGP commercially, or avoid it by using Gnu Privacy
Guard or a version of PGP that allows the use of alternate algorithms like CAST,
instead. (No separate license is required to use the freeware PGP for personal, noncommercial use). For direct IDEA licensing,
contact Ascom Systec:
Erhard Widmer, Ascom Systec AG, Dep't. CMVV
Phone +41 64 56 59 83
Peter Hartmann, Ascom Systec AG, Dep't. CMN
Phone +41 64 56 59 45
Fax: +41 64 56 59 90
e-mail: IDEA@ascom.ch
Mail address: Gewerbepark, CH-5506 Maegenwil (Switzerland)
Network Associates, Inc., has an exclusive marketing agreement for commercial distribution of Philip Zimmermann's copyrighted code. (Selling shareware/freeware disks or connect time is OK, as is building on older GPL versions of PGP or the new GPG.)
If you modify PGP (other than porting it to another platform, fixing a bug, or adapting it to another compiler), don't call it PGP (TM) or Pretty Good Privacy (TM) without Philip Zimmermann's permission.
Within the U.S. there is no legal obstacle for use of strong encryption. Export regulations used to be quite draconian in the USA, and are still partially irrational, but they have greatly improved to the point where U. S. Citizens no longer need to hesitate to publish (even on the Internet) and use strong cryptography, as long as they send the required notices of export and/or posting on the Internet described by http://www.bxa.doc.gov/Encryption/Default.htm.
In an ideal world every honest person would have the right to use encryption. Unfortunately, this isn't an ideal world.
France used to be quite restrictive, but now that nation allows its citizens to use strong cryptography, recognizing its value in preventing some crimes and strengthening electronic commerce.
Germany once considered banning the use and distribution of strong cryptographic software in the name of "national security," but now the German government has actually endorsed and helped fund the development of Gnu Privacy Guard.
In Russia, you can be arrested for using cryptography and even be put in jail for using a GPS receiver.
U. S. Citizens may want to view travel advisories at http://travel.state.gov before visiting another country.
For information on the legal situation see The Crypto Law
Survey http://cwis.kub.nl/~frw/people/koops/lawsurvy.htm
Philip Zimmermann was under investigation for alleged violation of export regulations, with a grand jury hearing evidence for about 28 months, ending 11 January 1996. The Federal Government chose not to comment on why it decided to not prosecute, nor is it likely to. The Commerce Secretary stated that he would seek relaxed export controls for cryptographic products, since studies show that U. S. industry is being harmed by current regulations. Philip endured some serious threats to his livelihood and freedom, as well as some very real legal expenses, for the sake of your right to electronic privacy.
PGP can do conventional-only encryption of a file (the -c option), but you might want to investigate some of the other alternatives if you do this a lot.
Alternatives include Atbash2 for DOS, DLOCK2 for DOS & UNIX, Curve Encrypt (for the Mac), HPACK (many platforms), and a few others.
Atbash2 is interesting in that it generates ciphertext that can be read over the telephone or sent by Morse code. DLOCK2 is a no-frills strong encryption program with complete source code. Curve Encrypt has certain user-friendliness advantages. HPACK is an archiver (like ZIP or ARC), but with strong encryption. A couple of starting points for your search are:
If you have the Norton Utilities, Norton WipeInfo is pretty good. I use DELETE.EXE in del210.zip, which is really good at deleting existing files, but doesn't wipe "unused" space.
PGPfone is for private telephone calls over a modem or the Internet.
Bill Dorsey, Pat Mullarky, and Paul Rubin have come out with a program called Nautilus that enables you to engage in secure voice conversations between people with multimedia PCs and modems capable of at least 7200 bps (but 14.4 kbps is better). See:
Gnu Privacy Guard (GPG) is a serious OpenPGP standard competitor to PGP, but really it is more of a growth from the initial Gnu Public License versions of PGP itself, with some independently-written code added where necessary. It is a serious alternative, and quite secure.
S/MIME is gaining a foothold on the secure email market, but my experience with it has been rather negative. Current implementations of S/MIME (1) don't always use secure key lengths, (2) often require payment of an annual fee to a central key certification authority, (3) have much more limited key management facilities than PGP, and (4) usually don't have source code open to inspection like GPG and most versions of PGP. On the positive side, S/MIME is integrated into email packages like Microsoft Outlook and Netscape Messenger.
The latest PGP and GPG versions will interact with key servers automatically if you are connected to the Internet and if you configure them to. For manual key publication, see https://pgp.mit.edu/.
Yes and no. Yes, it is secure against most attackers when used on a physically secure system in accordance with its instructions. This includes using a good passphrase to protect your private keys and keeping your passphrase and private keys truly private. You must also never run or allow to be run any rogue software (including viruses, worms, and Trojan horses) that might send your passphrase keystrokes and your PGP key file back to some spy.
If an adversary of yours has physical access to the computer that you use
with PGP, it is not hard to install a hardware or software keystroke logger that
can capture your passphrase, and to copy your private keyring. With that
combination, any of your PGP-encrypted messages can be read. PGP is not secure if you don't understand what you are doing. It is also true that God
knows your thoughts even before you encrypt them, so you can't hide anything from Him.
Yes. Please only do so in appropriate forums, and provide pointers to the home location of this FAQ.
Michael Paul Johnson maintains this FAQ from time to time. My PGP and Gnu Privacy Guard public keys are available on MLJohnson.org.