Re: PGP - help please

  • Subject: Re: PGP - help please
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Thu, 25 Aug 2005 03:24:51 +0100
  • Newsgroups: alt.hacker
  • Organization: schestowitz.com / Manchester University
  • References: <pan.2005.>
  • Reply-to: newsgroups@xxxxxxxxxxxxxxx
  • User-agent: KNode/0.7.2
_____/ On Wednesday 24 August 2005 23:31, [kitt] wrote : \_____

> Hi - I have just started reading about PGP & encryption. Unfortunately, I
> cannot seem to understand the basics of it :( . I was hoping someone could
> give me an 'idiot proof' explanation or point me in the right direction.

The principal idea is this: you have two sides -- side A and side B. If side
A just put a lock on a parcel (i.e. encrypted it) and sent it to B, B would
not have the key to unlock the parcel. Likewise the curious thief or anyone
between A and B.

Imagine the following scenario: A locks his parcel and sends it to B. B
receives the parcel, puts his/her _own_ lock on the parcel (so it now has
two locks) and sends it back to A. A then removes his own lock (1 of the 2
locks on the parcel) and returns it to B. B can now unlock his own lock and
open the parcel. Note that at no point was the parcel sent between A and B
while unlocked.

Unlock = Enter passphrase

Lock = Passphrase (password)

Thieves = routers or curious people in the midst

> Now, I understand that before programs like pgp, a sender would scramble a
> message with a code key and communicate this code key to the person who
> was to read the message. That person could then simply enter the code and
> read the message. This method was flawed because someone other than the
> intended recipient might get hold of the key code and read the message. I
> fully understand this scenario.

You need key + passphrase. The passphrase is never public, only the key is.

> But I don't understand *how* pgp works in general:
> 1. A sender has a 'public key' of the receiver. Q1. If this is done via
> email, won't the person who owns the 'public key' get spammed if their
> details are on a database??


> 2. The receiver decodes the message with his/her 'private key'. Q2. How is
> this done?

You are prompted for your passphrase.

> I am really very confused about how the pgp system works and would
> appreciate any explanation / help anyone could give me to understand it.
> The user manuals don't seem to help me any. I have installed an evaluation
> version of pgp software and it might help if I could test it out with
> someone by setting up 'keys' & sending / receiving an email.
> Thanks in advance.

If it helps, send me your key to r [at] schestowitz [dot] com. You can get
mine at http://Schestowitz.com/PGP . For testing purposes, we can then
exchange an encrypted message.


Roy S. Schestowitz
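
The two-lock parcel exchange described in the reply above, written out as a commutative-lock (Shamir three-pass) exchange using modular exponentiation. This is an added example, not part of the original post and not PGP's own code; the names `P`, `make_lock`, `turn_key` and `three_pass` are hypothetical, and the modulus is a constructed toy parameter.

```python
import secrets
from math import gcd

# Constructed toy parameter: the Mersenne prime 2**127 - 1 (illustration only).
P = 2**127 - 1


def make_lock(p=P):
    """Return (lock, unlock) exponents with lock * unlock == 1 mod (p - 1)."""
    while True:
        lock = secrets.randbelow(p - 3) + 2
        if gcd(lock, p - 1) == 1:
            return lock, pow(lock, -1, p - 1)


def turn_key(exponent, parcel, p=P):
    """Put a lock on, or take one off: both are one modular exponentiation."""
    return pow(parcel, exponent, p)


def three_pass(message: bytes, p=P):
    """Run the A -> B -> A -> B exchange; return (what B reads, wire values)."""
    m = int.from_bytes(message, "big")
    if not 1 < m < p - 1:
        raise ValueError("message must encode to an integer in (1, p - 1)")
    a_lock, a_unlock = make_lock(p)  # known only to A
    b_lock, b_unlock = make_lock(p)  # known only to B

    pass1 = turn_key(a_lock, m, p)         # A -> B: A's lock on
    pass2 = turn_key(b_lock, pass1, p)     # B -> A: both locks on
    pass3 = turn_key(a_unlock, pass2, p)   # A -> B: only B's lock left
    opened = turn_key(b_unlock, pass3, p)  # B removes his own lock

    return opened.to_bytes(len(message), "big"), [pass1, pass2, pass3]


if __name__ == "__main__":
    plain, wire = three_pass(b"hello B")
    print(plain, [hex(x) for x in wire])
```

The locks come off in either order because exponentiation modulo a prime commutes. Nothing in the exchange tells A whose second lock came back, so the parcel is only as safe as the assurance that it really travelled to B.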

