Practical Applications - Cryptology Unlocked

Cryptography Reference

In-Depth Information

pro-forma in the appendix of a topic, accidentally in an easily machine-readable

font and with page numbers within C comment characters:

/* 131 */

As I wrote this section for the first edition, I received roughly the following mes-

sage on detours: ' ... and if you want PGP 3.0 — the only place to download it

from is currently my desk. There are 2000 sheets of bound paper in the form of

four topics, which will soon be cut into single sheets and fed into a scanner ... '

The 'cutting' part took longer than expected, though. What came out of it

wasn't really convincing. There was still only one library for UNIX and no

ready-made application, despite disclosure of the source text. PGP 2.6 was no

longer supported. That cut off the secure communication of Windows users

and owners of older releases using PGP 5. Rumors had it that PGP was no

longer secure, and that it contained 'picklock keys'. Yes and no. PGP is still

secure, and picklock keys were available only upon 'special request'. The thing

is that, meanwhile, a company called NAI had taken over further development

of PGP, and Phil Zimmermann had become an advisor to that firm. And com-

mercial users sometimes need key escrow, for example, to monitor corporate

communications, or to get hold of sensitive data in case a user lost his key.

Based on the description of PGP 5 the OpenPGP standard emerged, which has

become the foundation for all PGP products. (However, PGP 5 itself wasn't

fully OpenPGP-compatible then.) As a sideline, Phil Zimmermann was no

longer with NAI, but supported other firms in implementing the OpenPGP

standard.

The release numbers of PGP grew quickly, having meanwhile arrived at 9.5.

NAI disclosed the source texts of some older releases. Currently (end of 2006),

PGP Corporation develops and sells the software ( www.pgp.com ). It's best you

have a look around on the Net to see where PGP is currently at home.

Since the confusion that PGP 5 created, the number of PGP-encrypted emails

has decreased heavily, at least within my personal circle; I've been receiving

almost all mails in the clear. Has data security in the private domain fallen out

of fashion? More about this in Section 7.2.3.

GnuPG

Amidst this awkward situation, the German programmer Werner Koch began

to create free software by the name of GnuPG ( GNU Privacy Guard ), which

Search WWH ::

Custom Search

Home