RSA Laboratories

5.2.6 What is PGP?

Pretty Good Privacy (PGP) is a software package originally developed by Philip R. Zimmermann that provides cryptographic routines for e-mail and file storage applications. Zimmerman took existing cryptosystems and cryptographic protocols and developed a program that can run on multiple platforms. It provides message encryption, digital signatures, data compression, and e-mail compatibility.

The default algorithms used for encryption as specified in RFC 2440 are, in order of preference, ElGamal (see Question 3.6.8) and RSA (see Section 3.1) for key transport and triple-DES (see Question 3.2.6), IDEA, and CAST5 (see Question 3.6.7) for bulk encryption of messages. Digital signatures are achieved by the use of DSA (see Section 3.4) or RSA for signing and SHA-1 (see Question 3.6.5) or MD5 (see Question 3.6.6) for computing message digests. The shareware program ZIP is used to compress messages for transmission and storage. E-mail compatibility is achieved by the use of Radix-64 conversion.

U.S. versions of PGP have been bound by Federal export laws due to their use of export-controlled cryptosystems, but recent relaxations of the U.S. export restrictions will eliminate several such obstacles.

Top of the page