What are the keys used by PGP in information security?

PGP creates use of four types of keys including one-time session symmetric keys, Public keys, Private keys, and Passphrase based symmetric keys.

  • Session key generation − Each session key is related to a single message and is used only for the goals of encryption and decrypting that message. Remind that message encryption/decryption is completed with a symmetric encryption algorithm. Considering that it is a 128 bit key that is needed, the random 128 bit numbers are created using CAST-128.

    The input to the random number generator include as 128-bit key (this is a random number using the keystroke input from the user) and two 64-bit blocks that are considered as plaintext to be encrypted. By using CFB mode two 64-bit cipher text blocks are generated and concatenated to form the 128 bit session key. The algorithm that is used is based on the one specified in ANSI X12.17.

  • Key Identifiers − It is applicable to have more than one public/private key pair per user. Each one require an ID of some kind. The key ID related to each public key include its least significant 64 bits. That is, the key ID of public key KUa is (KUa mod 264). This is an adequate length that the probability of duplicate key IDs is very small.

    A key ID is also used for the PGP digital signature as the sender can use one of a number of private keys to encrypt the message digest and the recipient should understand which one was used.

  • Key Rings − Key IDs are important to the service of PGP. It can be view that two key IDs are contained in any PGP message that supports both confidentiality and authentication.

These keys need to be stored and organised in a systematic method for efficient and effective use by some parties. The design used in PGP is to provide a team of data structures at each node, one to save the public/private key pairs owned by that node and one to save the public keys of other users known at this node.

It can be seen the ring as a table where each row defines one of the public/private key pairs owned by this user. Each row includes the following −

  • Timestamp − The date/time when this key pair was created.

  • Key ID − The least important 64 bits of the public key for this entry.

  • Public Key − The public-key portion of the pair.

  • Private Key − The private-key portion of the pair.

  • User ID − Generally a user’s e-mail address.

The private key ring can be indexed by User ID, key ID or both. But for security the value of the key is not saved in the key ring but an encrypted version of its which needed a pass procedure to decrypt.