VnutZ Domain
Copyright © 1996 - 2017 [Matthew Vea] - All Rights Reserved

2016-09-08
Featured Article

25 Years of PGP Encryption

[index] [5,718 page views]

A quarter century ago, Phil Zimmerman wrote Pretty Good Privacy (PGP), an email encryption program offering virtually unbreakable codes for the regular public. Despite American export laws in the 1990s, the code still achieved international distribution and became a standard measure of security for groups and individuals needing privacy. Over it's first fifteen years, the software saw various upgrades and versions of the software as it matured, but its promise of high security never faltered. Today, PGP technology is available as a commercial desktop product or freeware command-line utility to anyone. Although, most e-mail encryption is now done through corporately managed PKI S/MIME.

Most people cannot remember the time when Internet software came in two versions, one with domestic "strong" 128 bit encryption and one for international distribution with "weak" 56 bit encryption. This was a requirement of the American government to ensure that monitoring suspicious activity or keeping tabs on international interests could be done with ease. Despite the laxing of export restrictions and the ubiquitious nature of SSL and PKI encryption, most users still do not even know how to tell if their sessions are secure … nor do they care.

In our contemporary world of communications, should public encryption become commonplace or is the measure overkill? Should a "trusted" escrow agent hold keys to decrypt traffic for national security? Are you comfortable knowing criminals and terrorists can communicate securely with impunity?

In the wake of Edward Snowden's leaks about government surveillance capabilities, the venerable PGP revealed its applicability once again. Many of the more dominant mail encryption solutions rely on centrally managed PKI certificate trust (typically corporate) or data-at-rest encryption methods (typically personal). When data security is outsourced, it always begs a question as to the integrity of the servicing entity. Even transmission paths between entities such as TSL and SSL are losing trust requiring more intense algorithms to reinforce. None of these methods offer trust managed directly by the user except for PGP which usually requires explanations to end users to go through the various steps of getting the software, self-generating and exchanging keys, and proper data handling.


More VnutZ.com Content You Might Be Interested In Reading:

This is either the end of déjà vu’s place in the paranormal world or it's seeded information by the Architect to protect us from understanding the Matrix.

Or try your hand at fate - use the Pattern Analysis of the MegaMillions Lottery or the Pattern Analysis of the PowerBall Lottery page to pick "smarter" numbers. Remember, you don't have to win the jackpot to win money from the lottery!

coinbase