Cover story for Technologic February 23, 1994

By Jason Romney

Technologic last week described how the information you send as electronic mail can be intercepted by people you might not want to have access to your data.

However, programs are available which encode your electronic mail so that only your intended recipients can read it.

PGP (which stands for Pretty Good Privacy) is a program, written by Philip Zimmermann and widely available, that safely encodes and decodes ASCII e-mail. In fact, with existing technology it is impossible for ANYONE to break into PGP-encoded data.

PGP is designed to do two things. First, it allows you to send messages to people and for them to have a pretty good idea that you are the actual sender of the information. This is achieved by the sender adding an electronic signature to the text which is unforgeable with current technology.

Second, PGP can encrypt the message so that only specified recipients can actually decode the information that has been sent.

The PGP program is available for most common computer platforms such as Unix, Amiga-DOS, MS-DOS and the Macintosh at Internet hosts such as Werple (which Technologic recently described during its 6-part series on the Internet).

After dialling Werple (tel: 888 1726 for 14,400 bps or tel: 888 1386 for 2400 bps), simply type ``cd /ftp/ms-dos". This logs you into the subdirectory that contains PGP and other useful MS-DOS utilities for PCs. Then type ``sz pgp23A.zip" to download PGP to your computer.

The steps can be combined with the command ``sz /ftp/ms-dos/pgp23A.zip" - note that a capital ``A" rather than lower case ``a" in pgp23A.zip is important.

The PGP program and its associated help files are contained in pgp23A.zip in compressed format (which is faster to download). If you do not already own a program which can decompress zipped files, an MS-DOS version of zip, called Info-ZIP, that will perform this job is in the same subdirectory as PGP - download the file called unzip.exe.

The zipped file for the MS-DOS platform is 221,000 bytes. It is 564K of uncompressed information so make sure you have enough space on your hard disk - there are 18 files of help etc.

If you use PGP for MS-DOS, type ``PGP /h" to obtain a help menu.

To harness PGP's power you need to understand the difference between the ``public" and ``private" keys needed to encrypt and decrypt data.

You, the data sender, have a ``public" key (just as in key and lock) provided by the data receiver.

This public key can be freely distributed by a data receiver to enable people to encrypt messages intended to be sent to that receiver.

To read messages encrypted with a public key, the receiver must use his/her private key (so it is important to keep your private key secret, because anyone with your private key can decode messages which have been encoded using your public key).

A public or private key is a series of alphanumeric characters up to 128 bytes long, created for you by the PGP program (to create a secret or private key, type: pgp -kg and answer the questions on the screen).
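The public/private key split described above, as an added example (not part of the original article and not PGP's own code): textbook RSA in Python on small constructed keys, with all function names and the SENDER_/RECEIVER_ key names being illustrative assumptions. Encryption uses the receiver's public key, signing uses the sender's private key.

```python
import hashlib

# Toy textbook RSA on known Mersenne primes (constructed for illustration).
# No padding, tiny keys, and SHA-256 as the hash: none of this is PGP's format.

def make_keypair(p, q, e=65537):
    """Return (public, private) key dicts; the private half must stay secret."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent (needs Python 3.8+)
    return {"n": n, "e": e}, {"n": n, "d": d}

def encrypt(message, recipient_public):
    """Anyone holding the recipient's public key can do this."""
    m = int.from_bytes(message, "big")
    if m >= recipient_public["n"]:
        raise ValueError("message too long for this toy key")
    return pow(m, recipient_public["e"], recipient_public["n"])

def decrypt(ciphertext, private):
    """Only the matching private key recovers the plaintext."""
    m = pow(ciphertext, private["d"], private["n"])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")

def _digest(message, n):
    # Hash of the message, reduced into the range of the signing key.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, sender_private):
    """The signature is made with the sender's private key."""
    n = sender_private["n"]
    return pow(_digest(message, n), sender_private["d"], n)

def verify(message, signature, sender_public):
    """Anyone with the sender's public key can check the signature."""
    n = sender_public["n"]
    return pow(signature, sender_public["e"], n) == _digest(message, n)

# Hypothetical users: the sender signs, the receiver is the intended reader.
SENDER_PUB, SENDER_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
RECEIVER_PUB, RECEIVER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)

if __name__ == "__main__":
    text = b"Meet at noon"
    sealed, sig = encrypt(text, RECEIVER_PUB), sign(text, SENDER_PRIV)
    print(decrypt(sealed, RECEIVER_PRIV))           # receiver reads the message
    print(verify(text, sig, SENDER_PUB))            # signature checks out
    print(decrypt(sealed, SENDER_PRIV) == text)     # wrong private key: garbage
    print(verify(b"Meet at 1pm", sig, SENDER_PUB))  # altered text is rejected
```
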

To decode an encrypted message (encrypted messages have a ``.Asc" suffix) you would type ``pgp encryptedfilename". The PGP program will ask you for your ``pass phrase", i.e. the password that your secret key is locked with, and after receiving it, decode the encrypted file.

To encode a straight ASCII file, type: ``pgp -e unencodedasciifilename nameofdestinationemailaddress". The result will be a new, encoded file with the .Asc suffix, ready to be e-mailed.

PGP Bits & Bytes for February 23, 1994

The data encryption program PGP comes with extensive electronic help and advice about installation on different kinds of computers.

However, this is a summary of PGP v2.3 commands (in all the examples below, do not type the speech marks when you enter the command):

To get the unencrypted version of an encoded file to scroll down the screen rather than be stored as a file on your hard disk, type: ``pgp -m encodedfilename".

To encrypt a plaintext file with the recipient's public key, type: ``pgp -e textfile her_userid".

To sign a plaintext file with your secret key, type: ``pgp -s textfile [-u your_userid]".

To sign a plaintext file with your secret key, and then encrypt it with the recipient's public key, type: ``pgp -es textfile her_userid [-u your_userid]"

To encrypt a plaintext file with just conventional cryptography, type: ``pgp -c textfile"

To decrypt an encrypted file, or to check the signature integrity of a signed file, type: ``pgp ciphertextfile [-o plaintextfile]".

To encrypt a message for any number of recipients, type: ``pgp -e textfile userid1 userid2 userid3".

To generate your own unique public/secret key pair, type: ``pgp -kg".

To add a public or secret key file's contents to your public or secret key ring, type: ``pgp -ka keyfile [keyring]"

To extract (copy) a key from your public or secret key ring, type: ``pgp -kx userid keyfile [keyring]" or ``pgp -kxa userid keyfile [keyring]"

To view the contents of your public key ring, type: ``pgp -kv[v] [userid] [keyring]"

To view the ``fingerprint" of a public key, to help verify it over the telephone with its owner, type: ``pgp -kvc [userid] [keyring]".

To view the contents and check the certifying signatures of your public key ring, type: ``pgp -kc [userid] [keyring]".

To edit the userid or pass phrase for your secret key, type: ``pgp -ke userid [keyring]".

To remove a key or just a userid from your public key ring, type: ``pgp -kr userid [keyring]".

To sign and certify someone else's public key on your public key ring, type: ``pgp -ks her_userid [-u your_userid] [keyring]".

To remove selected signatures from a userid on a keyring, type: ``pgp -krs userid [keyring]".