Linux Journal: High-Tech How Not to be Seen, Part 2
Nov 13, 1999, 00:54
(Other stories by Marcel Gagné)
"Secret Codes for Grown-Ups."
"Last week, I touched on the concept of an encrypted session: in that case, using ssh, or the secure shell. What I did not mention was the means by which secure sessions and encrypted data are managed and how to decrypt that information. You've probably heard the terms "public key encryption" and "DSA" bandied about. You've probably received messages with a "PGP signature" attached to the message. What does that mean?..."
"Enter public key encryption, a popular form being PGP, or Pretty Good Privacy (much more than just pretty good, I assure you). My messages are encrypted with two keys. One is my private key, which I guard jealously and never hand out to anyone. I will take a copy of this key, print it out, save it to a diskette, and store both in a safe-deposit box. Anyone knowing the whereabouts of this key would have to be ... well, that's a bit dramatic, but you get the idea. Now, when I encode a message, I do so by combining my key with a public key. This is not my public key, but one supplied to me by the person I want to communicate with. Both keys are required for the encryption/decryption process, but anyone having just one half of the key pair has nothing, and you never hand out your private key to anyone."