The private key is kept by the user for decrypting messages, turning them back into readable form. The public key is just that, and is distributed to anyone who might wish to send the user an encrypted message. PGP is an implementation of public key cryptography in which the "keys" that lock and unlock the meaning of a message are produced in pairs, public and private. New advances in computing could ultimately change that, but for the moment, PGP is more than just pretty good. The result of using it, however, is easily grasped: data so jumbled that, according to its developers and some cryptography experts, our sun would burn out before all computers now in existence, working together, would have time to find the correct key for a single message. PGP's mathematical heart is so complex that it defies any meaningful lay description.
#Gnupg mac os x software#
When programmer Phil Zimmermann dubbed his pet encryption software "Pretty Good Privacy" it was a master stroke of subtle understatement. And making a software program easy to use is exactly the challenge that open-source software has historically been weakest at meeting. Even a relatively slick consumer product like PGP has been deemed too technically challenging by many normal computer users - despite widespread anxieties about privacy on the part of the general Internet-using population.
#Gnupg mac os x free#
But the story of how GnuPG is coming to the cryptogeek rescue also illuminates some of the limitations of open-source, or free software. The synergies of the relationship are obvious: open-source software and cryptography are two sublimely geeky obsessions that go well together. Increasingly, they're finding haven in a small corner of the open-source software world, bringing both opportunity and new users to an oddly named and heretofore little-known programming effort fueled by volunteers: GnuPG. Koh and tens of thousands of other PGP users have been forced to seek alternatives. Updated operating systems from Microsoft and Apple require updated versions of PGP, but Network Associates is currently not making the necessary improvements. "Typically, I sign most of my outgoing messages, and several people and organizations with whom I correspond regularly also require encryption of messages," he says.īut online security, just like everything else, is subject to the ebb and flow of capitalism - and the relentless releases of new software products with which one must be compatible. So for the past five years, both at work and at home, he has used PGP to routinely encrypt potentially sensitive communication, turning ordinary data into bits and bytes of meaningless gibberish readable only by those with the proper digital key. There are just some things that are no one else's business.
It wasn't a question of Koh having secrets. That realization long ago inspired an epiphany for the Northwestern University network engineer: "I was really amazed at the ease with which my network traffic could be intercepted and examined, even with no malicious intent whatsoever." Koh considers everything that passes across the Internet - e-mail, mailing list postings, Web pages - as no more private than postcards that can be read by anyone along their path. When Network Associates halted development of its widely respected PGP (Pretty Good Privacy) desktop encryption software in late February, Julian Koh worried about his "postcards."
0 kommentar(er)
