[H-GEN] Linux Dialup Configuration
Craig Eldershaw
ce at comlab.ox.ac.uk
Fri Feb 12 10:51:20 EST 1999
>Now if I might ask another question ... all this PGP stuff that a few
>people use and apparently 99% don't ...
Most people don't use it for casual or personal email (some do, their
reasons vary). It is certainly important in some situations to verify
that the email *did* come from who it purports to come from (eg. a
security alert from AusCERT).
>whats the point if everyone has access to the key anyway ??
Ummm...I suspect you don't quite grasp the concept of public key
encryption. If you want the details, then I can suggest some text
books, in the mean time:
Each person who send PGP signed stuff has *two* keys, their private one
(which no-one but them knows) and their public one (which is the thing
everyone knows and is often listed in public directories). What
happens (in normal use of PGP) is that a person's email (eg mine) is
sumarised (in a lossy way) into a short set of numers, this is then
encrypted with my Personal key and sent out with the email. Now you
(who receive the email) can use my public key to decrypt the numbers
and confirm that they do correspond to the message I attached them to.
It is extremely difficult (ie. computationally infeasible) for anyone
else to have ecrypted anything which could be decrypted correctly with
my public key unless that person also has my private key (and hopefully
noone but me does !). So, having decryted the numbers using my public
key, you (or anyone else who reads it) knows that *I* came up with
those numbers (my "signature"). And since those numbers were generated
in a way that cannot feasibly be reversed (ie. text->numbers is OK, but
numbers->text is near impossible), then you can check that I signed
*that* message (not some other message which an impersonator has
snipped my signature off). So using my public key, you can verify that
I am the only person that could possibly (for very strong values of
possibly) have sent that to you.
PGP can also be use to encrypt the message too (in that case, I would
encrypt the text of your message using your public key, and only your
private key could unlock it).
For details of *why* the maths works, refer to a textbook on pure
mathematics.
Hope this clears things up...
Cheers,
Craig.
More information about the General
mailing list