GnuPG – general information on encryption methods

GnuPG is e-mail encryption software that can be installed on university computers from the software portal.

Detailed help

Definitions

The following definitions of terms apply to this and other instructions related to encryption:

  • A key is a character string used with a suitable algorithm for the encryption and/or decryption of data content.
  • A secret key is the key used for symmetric encryption and its decryption.
  • A private key is the half of a key pair used for decryption and electronic signatures in the public key method.
  • A public key is the half of a key pair used for the encryption of data and the verification of electronic signatures in the public key method.

Encryption

The general purpose of encryption is to change the presentation of data into a format that only a party who knows how to decrypt the data can read. In principle, this is done by processing the data content with an encryption method and an encryption key, so that the end result cannot be read without knowing both the method used and the key. This allows information to be sent between parties even over insecure communications channels.

Additional information:
http://fi.wikipedia.org/wiki/Salausmenetelmä
http://en.wikipedia.org/wiki/Cryptography

Encryption methods are divided into two groups

Symmetric encryption

In the symmetric key method, the same key is used for both encryption and decryption. For the recipient to be able to decrypt the message, the parties have to agree on the encryption method and the key in advance, or transfer them over a secure channel.

Additional information:
http://fi.wikipedia.org/wiki/Symmetrinen_salaus
http://en.wikipedia.org/wiki/Symmetric-key_algorithm

Asymmetric encryption or the public key method

In the public key method, encryption and decryption are done using different keys. The public key of the key pair can only be used for encrypting data. The other half of the pair, the private key, can only be used for decrypting data. The parties therefore only need to make their public keys available to others so that others can encrypt data for them. No secure communications channel or method agreed in advance is needed for key exchange.

The method for distributing the public key varies according to usage. In the case of PGP, which is used for encrypting e-mail, public keys are usually sent to a key server, which acts as a kind of "phone directory", or published on the person's website.

The public key method has another benefit over the symmetric key method: it allows you to create electronic signatures. The holder of a private key can use their key to create a signature over the desired content that contains the verification information. Anyone holding the public key corresponding to that private key can then verify whether the content has been changed after signing and whether the correct private key was used for signing it. This makes it possible to verify the content, origin and original status of an e-mail message, for example.
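The signing and verification described above, as an added example that is not part of the original page and not how GnuPG itself is implemented: textbook RSA over a SHA-256 digest, with fixed small primes and no padding, so it illustrates the principle only. The function names, key names and sample message are assumptions constructed for this illustration.

```python
import hashlib

E = 65537  # widely used RSA public exponent


def make_keypair(p, q):
    """Build a textbook RSA key pair from two primes (illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(E, -1, phi)        # private exponent: inverse of E modulo phi
    return (n, E), (n, d)      # (public key, private key)


def _digest(message, n):
    # Hash the content, then reduce the digest into the key's range.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message):
    """Only the private key holder can compute this value."""
    n, d = private_key
    return pow(_digest(message, n), d, n)


def verify(public_key, message, signature):
    """Anyone with the public key can check content and signer."""
    n, e = public_key
    return pow(signature, e, n) == _digest(message, n)


# Constructed sample keys from known Mersenne primes; real keys are
# randomly generated and far larger.
ALICE_PUB, ALICE_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
OTHER_PUB, OTHER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)


def demo():
    message = b"Exam results are attached."   # constructed sample content
    sig = sign(ALICE_PRIV, message)
    return {
        # Content untouched, signed with the matching private key.
        "unchanged": verify(ALICE_PUB, message, sig),
        # Content changed after signing.
        "tampered": verify(ALICE_PUB, message + b" (edited)", sig),
        # Signed with a private key that does not match the public key.
        "wrong_key": verify(ALICE_PUB, message, sign(OTHER_PRIV, message)),
    }


if __name__ == "__main__":
    print(demo())
```
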

Additional information:
http://fi.wikipedia.org/wiki/Julkisen_avaimen_salaus
http://en.wikipedia.org/wiki/Public-key_cryptography