Pretty good privacy how does it work

A digital signature proves to the recipient that an attacker has not manipulated the message or the sender, and can therefore be trusted. If either the private key or the message is altered, the digital signature is invalid. After all, the server could easily give a bogus public key to the sender.

To solve this problem, we introduced Address Verification , which allows you to share your public key and digitally sign the public keys of others that you have personally verified. These trusted public keys are then securely stored in your encrypted contacts.

PGP is a battle-tested standard, and we can be virtually certain that even intelligence agencies like the NSA cannot break its encryption.

While there have been security bugs with certain implementations of PGP, such as the infamous Efail vulnerability , PGP itself is very secure. ProtonMail has not been affected by any known vulnerabilities.

Like most other information security systems, the biggest weakness is the user. Often the simplest and most effective attacks are the least high-tech, as this comic illustrates. Phishing remains the most common kind of cyberattack, and PGP cannot protect you if your device or accounts are compromised. Check out these email safety tips , and the password managers we recommend.

PGP is notoriously complicated. While there are programs for Thunderbird, Outlook, and Apple Mail that enable PGP encryption, these are not practical solutions for everyday emails. However, ProtonMail solves this problem by making PGP encryption automatic and built-in for all emails sent between ProtonMail accounts.

You can also easily encrypt emails to non-ProtonMail users. Anyone can create a free ProtonMail account in a minute or two and immediately start sending PGP emails. As new encryption standards gain popularity, we will test and implement the strongest security features for ProtonMail. We will also continue to adapt to new cyber threats.

We recently upgraded to elliptic curve cryptography , which maximizes security and efficiency, and we commission independent security audits to ensure that all our apps meet the highest standards of security possible.

PGP uses three types of keys. Your encrypted one-use session key, your personal private key which should never be shared with anyone , and your public key. These three keys are used to encrypt your emails and prevent anyone from intercepting and reading them.

Your session key is used to encrypt your message, while the public and private key pairs are used to encrypt and decrypt the session key. Ben Wolford is a writer at Proton. A journalist for many years, Ben joined Proton to help lead the fight for data privacy. General : Show Email Media : media protonmail. Abuse : abuse protonmail. For support inquires please visit: protonmail. PGP aims to solve this and enhance email security by encrypting the data to make the communication method more private.

PGP was one of the first public-key cryptography software publicly available for free. Originally, it was used to enable individual users to communicate on bulletin board system computer servers. Later, it was standardized and supported by other applications such as email. It has now become a core standard in email security and has been widely used to protect individuals and organizations.

The data encryption program provides cryptographic authentication and privacy for data used in online communication. This allows PGP to be used for encrypting and decrypting text messages, emails, and files.

PGP works through a combination of cryptography, data compression, and hashing techniques. It is similar to other popular encryption methods such as Kerberos, which authenticates network users, secure sockets layer SSL , which secures websites, and the Secure File Transfer Protocol SFTP , which protects data in motion. PGP uses the public key system in which every user has a unique encryption key known publicly and a private key that only they know.

A message is encrypted when a user sends it to someone using their public key, then decrypted when the recipient opens it with their private key. It combines private-key and public-key cryptography and the use of symmetric and asymmetric key technology to encrypt data as it travels across networks. Encrypting entire messages can take a long time, but PGP encrypts it using a faster algorithm. PGP compresses plaintext data, which saves on disk space and transmission time, as well as reinforces cryptographic security.

The public key is used to encrypt the shorter version that encrypted the full message. Both are sent to the recipient, who uses their private key to unlock the shorter key, then decrypt the full message. PGP uses efficient algorithms that create a mathematical summary known as a hash to send digital signatures. This sees users create and publish public keys based on two prime numbers, which are required for anyone to decode, and use the message-digest algorithm MD5 to create a hash code.

The RSA algorithm is effectively considered unbreakable, to the point where it has been used in highly sophisticated malware strands such as CryptoLocker.

However, it is a fairly slow algorithm, which means it is not appropriate for encrypting user data. Diffie-Hellman : The Diffie-Hellman version enables two users to generate shared private keys through which they can exchange data on insecure channels. The most common reason for PGP encryption use is to enable people to confidentially send messages and data to each other using a combination of their public and private keys.

It is often used to encrypt and decrypt emails, files, text messages, and entire disk partitions, and to authenticate digital certificates. PGP is also used to authenticate messages and for integrity checking, which detects whether a message is altered after it was written and sent by the person who claims to have sent it. PGP creates a digital signature for private and public keys to prove that a sender is the rightful owner of the message.

PGP can also be used to confirm that a message reaches the intended recipient. PGP products can also confirm whether a certificate belongs to someone, also known as the web of trust concept. PGP is most commonly used to encrypt email messages.

It was initially used by anyone wanting to share sensitive information, such as activists and journalists. But its popularity has increased significantly in the face of organizations and government agencies collecting user data, as people look to keep their personal and sensitive information private. PGP can be used for email verification. For example, if an email recipient is not sure about the identity of the people sending them an email, they can use a digital signature in conjunction with PGP to verify their identity.

Hashing means turning a given key into another value. You use a hash function to generate the new value depending on your mathematical algorithm. Data compression refers to encoding, restructuring, or modifying data to reduce its size. It involves reencoding information with fewer bits than when it was initially represented. Symmetric-key cryptography or symmetric encryption occurs when you use a secret key to encrypt and decrypt data.

It is the reverse of asymmetric encryption, where you use one key to encrypt data and another to decrypt it.

Public-key cryptography or asymmetric encryption, as mentioned above, uses two keys—a public key and a private key. The public key is known to others, while the private key is only known by its owner. If you are interested, you can learn more about public key encryption and private key encryption in this piece , where we explain both in simple terms. PGP works by going through the steps mentioned in the previous section.

But users on both sides senders and recipients need to ensure they use compatible systems, keep to agreed-upon confidentiality rules, and maintain the same level of security.