PGP Lock

PGP Public Key for Terry Gliedt,

Version: 2.6.2


So what is a public key?

PGP stands for Pretty Good Privacy. It's a piece of encryption software. It can be used to make sure that no-one reads your mail or your files. It can be used to add digital signatures to things so people can trust they actually came from you. It's a helluva piece of work, and you can get a copy for yourself or learn more by visiting the International PGP Home Page or the US PGP Home Page.

Most encryption systems require a method and a key. The method describes how to take the message and encrypt is. The key is some extra information you use along with the method. To decrypt the message, one needs to know both the method and the key.

There are some really secure methods out there, and PGP makes use of them. But keys are a problem. If I want to send you a secret message, I need to let you know both the method and the key. But if I mail you the key, then you can use to encrypt other messages pretending to be me. Worse, if you accidentally leave the key on your disk somewhere, some third party might grab it and use it to pretend to be me, to decrypt my other communication, etc.

PGP solves this problem by using specially matched pairs of keys. What one key encrypts, the other key decrypts; and vice versa. If we can use a brief analogy, imagine a safe which has two keyholes in it. One keyhole takes a key which can only turn one way, and which locks the safe. The other keyhole takes a key which can only turn one way, and which unlocks the safe. If you want someone to leave you a package, you give them a copy of the locking key and leave the safe unlocked. They bring the package to the safe, insert it, and lock it. Only you have the unlocking key, so the package is safe. Since the locking key is useless for stealing things, you don't care who has a copy. You give copies to the milkman, the mailman, the UPS guy, the neighbor down the street who might someday return your drill, you even publish the key in the newspaper. This is your public key.

The text at the top of this page is my PGP public key. If you have a copy of PGP, you can use my key to send me a message that only the holder of my private key can read.

If the information at the PGP Home Pages mentioned above is too difficult to deal with, I'd suggest getting a copy of Simson Garfinkels excellent book on the topic, PGP: Pretty Good Privacy. It should be available at any good computing bookstore, or can be ordered from O'Reilly & Associates.