Let’s take a look at ProtonMail – as an example. In practice, sending a message encrypted with PGP is simpler than the above explanation makes it sound. So by encrypting the symmetric key using the (asymmetric) public-key system, PGP combines the efficiency of symmetric encryption with the security of public-key cryptography. Using symmetric encryption requires, though, that a sender share the encryption key with the recipient in plain text, and this would be insecure. Public key cryptography is much, much slower than symmetric encryption (where both the sender and recipient have the same key). Why would we encrypt the encryption key itself? This might seem like a strange way to do things.
Using this session key, the recipient is now able to decrypt the actual message. The sender sends their encrypted PGP session key to the recipient, and they are able to decrypt it using their private key.The public key is tied to a particular person’s identity, and anyone can use it to send them a message. This is done using the public key of the intended recipient of the message. This key is a huge number that cannot be guessed, and is only used once. First, PGP generates a random session key using one of two (main) algorithms.At the highest level, this is how PGP encryption works: The mathematics behind encryption can get pretty complex (though you can take a look at the math if you like), so here we’ll stick to the basic concepts. In order to understand how PGP works, it’s useful to look at a diagram: PGP shares some features with other encryption systems you may have heard of, like Kerberos encryption (which is used to authenticate network users) and SSL encryption (which is used to secure websites).Īt a basic level, PGP encryption uses a combination of two forms of encryption: symmetric key encryption, and public-key encryption. If you want to improve the security of your email messages, PGP offers a relatively easy and cost-effective way to do this. “This really opened my eyes to AD security in a way defensive work never did.” Featured Webinar DatAlert Master Class On Demand Watch Now.Get a Personalized Varonis Demo (In-Person or Online) Schedule Now.Data Classification Engine Sensitive Data Discovery.Data Security Platform Product Suite Overview.See How you Rank Data Risk Assessment Non-intrusive, hassle-free.