PGP

PGP, short for Pretty Good Privacy, is a data encryption program and protocol designed to provide cryptographic privacy and authentication for data communication. It was created by Phil Zimmermann and released in 1991, and it quickly became widely used for securing email and files. PGP combines symmetric-key cryptography for fast data encryption with public-key cryptography for secure key exchange and digital signatures.

PGP operates as a hybrid cryptosystem. A random session key is used to encrypt the message with a symmetric cipher; the session key is then encrypted with the recipient’s public key. The recipient uses their private key to decrypt the session key and then the message. Digital signatures provide authentication and data integrity. PGP’s OpenPGP standard, formalized in RFC 4880, defines formats and algorithms for interoperability among compatible implementations.

Key management relies largely on a web of trust model, in which users sign each other’s public keys to indicate trust. This decentralized approach contrasts with centralized certificate authorities used in other public-key infrastructures. Several software implementations exist, including the original PGP products and the OpenPGP-compatible GNU Privacy Guard (GnuPG or GPG), which has become widely used in free and open-source environments. Other products include commercial PGP versions and integrations in mail clients.

Historically, PGP faced legal and export-control issues in the 1990s in the United States, related to cryptographic software export restrictions. These conflicts helped shape the development of open standards like OpenPGP and contributed to the growth of open-source implementations. Today, PGP and OpenPGP remain in use for email and file encryption, with ongoing updates and security patches and varying levels of consumer adoption depending on platform and user needs.
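
The hybrid scheme described earlier is visible in the message format itself: an encrypted OpenPGP message is a Public-Key Encrypted Session Key packet (the wrapped session key) followed by a packet holding the symmetrically encrypted data. The following Python is an added example, not code from this page or from any PGP implementation; it walks RFC 4880 packet headers and reports which key ID a message is encrypted to. The sample bytes are constructed and contain no real ciphertext.

```python
# Packet tags from RFC 4880 section 4.3 (subset relevant to encrypted messages).
TAGS = {1: "Public-Key Encrypted Session Key", 2: "Signature",
        3: "Symmetric-Key Encrypted Session Key", 9: "Symmetrically Encrypted Data",
        11: "Literal Data", 18: "Sym. Encrypted Integrity Protected Data"}
PK_ALGOS = {1: "RSA", 16: "Elgamal", 17: "DSA"}

def read_packet(buf, pos):
    """Parse one packet at pos; return (tag, body, next_pos)."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("bit 7 of a packet tag octet must be set")
    pos += 1
    if first & 0x40:                       # new-format header: 6-bit tag
        tag = first & 0x3F
        o1 = buf[pos]
        if o1 < 192:                       # one-octet length
            length, pos = o1, pos + 1
        elif o1 < 224:                     # two-octet length
            length, pos = ((o1 - 192) << 8) + buf[pos + 1] + 192, pos + 2
        elif o1 == 255:                    # five-octet length
            length, pos = int.from_bytes(buf[pos + 1:pos + 5], "big"), pos + 5
        else:
            raise ValueError("partial body lengths not handled in this example")
    else:                                  # old-format header: 4-bit tag
        tag, ltype = (first >> 2) & 0x0F, first & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length not handled in this example")
        size = (1, 2, 4)[ltype]
        length, pos = int.from_bytes(buf[pos:pos + size], "big"), pos + size
    if pos + length > len(buf):
        raise ValueError("truncated packet body")
    return tag, buf[pos:pos + length], pos + length

def describe(message):
    """Walk a binary (non-armored) OpenPGP message and summarise each packet."""
    out, pos = [], 0
    while pos < len(message):
        tag, body, pos = read_packet(message, pos)
        info = {"tag": tag, "name": TAGS.get(tag, "other"), "length": len(body)}
        if tag == 1 and len(body) >= 10:   # version, 8-byte key ID, algorithm
            info["key_id"] = body[1:9].hex().upper()
            info["pk_algo"] = PK_ALGOS.get(body[9], str(body[9]))
        out.append(info)
    return out

# Constructed sample: wrapped session key packet, then encrypted data packet.
PKESK = bytes([0xC1, 14, 3]) + bytes.fromhex("0123456789ABCDEF") + bytes([1, 0, 16, 0xBE, 0xEF])
SEIPD = bytes([0xD2, 5, 1]) + b"\xde\xad\xbe\xef"
SAMPLE = PKESK + SEIPD
```

Calling `describe(SAMPLE)` returns one entry per packet; on a real message the same layout is what `gpg --list-packets` prints.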