
Better Living Through Encryption - PGP (Pretty Good Privacy)

by Jan Hertsens

The best protection against your adversary (boss, spouse) finding incriminating evidence against you left behind on a hard disk is to make sure they do not have access to it. A simple "slide out drive-bay" could do the trick perfectly. But dragging your gigs around all day, and making sure you do not accidentally bump into something and lose all your valuable data, might not be so practical.

The Encrypted Virtual Disk

So what is the second best solution?

You can make it so that only you have access to your data, and nobody else. A good encryption package and a well-chosen password (not your son's first name) can do that job. You could decrypt and encrypt each file before and after use, but that gets annoying and bothersome real fast.

A far better solution is to create an encrypted virtual disk. How does this work? You use the package to reserve a section of your real hard disk for the creation of your drive. When you "mount" (activate) your virtual disk (which can only be done with the correct password), you get to see a "new" drive that can be used just like any other drive in your system. You can add, change or delete files and applications on it. In the background, each time you save a file to that disk, it is encrypted and then stored in the space you reserved. When you read or open a file, it is decrypted on the fly for you. The beauty of this setup is that it is very transparent, and once installed, it requires no additional effort to ensure your security. When the drive is "unmounted" (either manually, or by rebooting or shutting down), your data remains in an encrypted form, safe from even the more elaborate attacks.

PGP, a full-featured encryption package that has all this functionality, is available for download here.
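
The encrypted virtual disk described above, as an added Python example that is not PGP's code or on-disk format: a password-derived key mounts the container, and each sector is encrypted on write, then verified and decrypted on read. The container layout, the names (MountedDisk, create_container) and the HMAC-SHA256 keystream standing in for a real disk cipher are assumptions made for illustration.

```python
import hashlib, hmac, os

SECTOR = 64              # toy sector size; real disks use 512 or 4096 bytes
SLOT = 16 + SECTOR + 32  # stored per sector: nonce + ciphertext + HMAC tag
HEADER = 48              # salt (16 bytes) + password-check value (32 bytes)

def _derive(password, salt):  # stretch the password into cipher and MAC keys
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000, dklen=64)
    return k[:32], k[32:]

def _crypt(key, nonce, data):
    # XOR with an HMAC-SHA256 counter-mode keystream (stand-in for a real cipher).
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(mac_key, *parts):
    return hmac.new(mac_key, b"".join(parts), hashlib.sha256).digest()

class MountedDisk:
    def __init__(self, container, password):
        self.c = container
        self.enc, self.mac = _derive(password, bytes(container[:16]))
        if not hmac.compare_digest(_tag(self.mac, b"mount-check"), bytes(container[16:HEADER])):
            raise PermissionError("wrong password: disk stays unmounted")

    def write(self, n, data):
        # Encrypt on the way in; a fresh nonce per write avoids keystream reuse.
        nonce = os.urandom(16)
        ct = _crypt(self.enc, nonce, data.ljust(SECTOR, b"\0")[:SECTOR])
        off = HEADER + n * SLOT
        self.c[off:off + SLOT] = nonce + ct + _tag(self.mac, n.to_bytes(8, "big"), nonce, ct)

    def read(self, n):
        # Check the tag (bound to the sector number), then decrypt on the fly.
        slot = bytes(self.c[HEADER + n * SLOT:HEADER + (n + 1) * SLOT])
        nonce, ct, tag = slot[:16], slot[16:-32], slot[-32:]
        if not hmac.compare_digest(tag, _tag(self.mac, n.to_bytes(8, "big"), nonce, ct)):
            raise ValueError("sector %d was modified or is corrupt" % n)
        return _crypt(self.enc, nonce, ct)

def create_container(password, sectors):  # reserve space, write header, format sectors
    salt = os.urandom(16)
    container = bytearray(salt + _tag(_derive(password, salt)[1], b"mount-check")
                          + bytes(SLOT * sectors))
    disk = MountedDisk(container, password)
    for n in range(sectors):
        disk.write(n, b"")
    return container
```

Production disk encryption typically uses a block cipher mode designed for sectors, such as AES-XTS, rather than a stored per-sector nonce and tag.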

What is PGP?

PGP Encryption (Pretty Good Privacy) is a computer program which provides cryptographic privacy and authentication. The first PGP version, by designer and developer Phil Zimmermann, became available in 1991. The ideas are a bit complicated, but here is a simplified overview.

To the best of my knowledge, there is no known method to break PGP encryption by cryptographic, computational means regardless of the version being employed. In contrast to security protocols like SSL, which only protect data in transit over a network, PGP encryption can also be used to protect data in long-term data storage such as disk files. Remember that encrypted virtual disk above!

The cryptographic security of PGP encryption depends on the assumption that the algorithms used are unbreakable by direct cryptanalysis with current equipment and techniques. For instance, in the original version, the RSA algorithm was used to encrypt session keys. RSA's security depends upon the one-way function nature of mathematical integer factoring. New, unknown techniques have the potential to make breaking RSA easier than now or, some theorize, even trivial. Likewise, the secret key algorithm originally used in PGP was IDEA, which might, at some future time, be found to have a previously unsuspected flaw. If these insecurities exist, they are not publicly known. As current versions of PGP have added additional encryption algorithms, the degree of their cryptographic vulnerability varies.

* In cryptology, RSA is an algorithm for public-key encryption. It was the first algorithm known to be suitable for signing as well as encryption, and one of the first major advances in public key cryptography. RSA is still widely used in electronic commerce protocols, like HTTPS, and is believed to be secure given sufficiently long keys.

This article is copyright 2005 by XBlock.com.
It may not be reprinted or copied without the express written consent of the author.


© Copyright 2003-2011, Actiance, Inc. All rights reserved.