OpenPGP is a tool used to encrypt data such as email, files and disks that hold sensitive information. OpenPGP also allows data and files to be deleted from the system securely. The tools most often used for this purpose are command-line based. GUI front ends also exist, in commercial products such as NAI, PGPi and GnuPG.
Several steps follow the installation of OpenPGP, and the first of them is generating the user's key pair. In this step the user generates both the public key and the private key. A passphrase protects the private key in case it falls into the wrong hands. Even so, the secret key must be kept off networked file shares; otherwise, given enough time, the key can be recovered by running a password-cracking program against it.
The public key generated in OpenPGP can be shared with friends, posted on a website, or published on a key server in order to provide access to the data. The public key can be compromised through a man-in-the-middle attack: the man in the middle can intercept the key and replace it with a fake key. This may allow the man in the middle to decrypt, read and modify the file before sending it on to the recipient. Therefore, before sending the data to the destination, it is necessary to confirm that the recipient has the right secret key to decrypt the data.
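One common way to make that confirmation is to compare the fingerprint of the received public key with a value the owner supplies over a separate channel. The following is an added example, not part of the original article: it computes the version 4 fingerprint defined in RFC 4880, and the function names, key material and creation time are constructed for illustration.

```python
import hashlib
import hmac
import struct


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: 2-byte bit count, then the bytes."""
    return struct.pack(">H", value.bit_length()) + value.to_bytes(
        (value.bit_length() + 7) // 8, "big")


def rsa_public_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a version 4 public-key packet for an RSA key (algorithm ID 1)."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """RFC 4880 v4 fingerprint: SHA-1 over 0x99, 2-byte length, packet body."""
    data = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(data).hexdigest().upper()


def key_matches(received_body: bytes, trusted_fingerprint: str) -> bool:
    """Compare the received key against a fingerprint obtained out of band."""
    normalized = trusted_fingerprint.replace(" ", "").upper()
    return hmac.compare_digest(v4_fingerprint(received_body), normalized)


# Constructed sample keys (toy-sized moduli, for illustration only).
CREATED = 1_700_000_000
GENUINE = rsa_public_key_body(CREATED, (2**127 - 1) * (2**107 - 1), 65537)
SUBSTITUTED = rsa_public_key_body(CREATED, (2**127 - 1) * (2**89 - 1), 65537)

# The key owner reads this value out over a separate channel (phone, in person).
TRUSTED_FPR = v4_fingerprint(GENUINE)

if __name__ == "__main__":
    print("trusted fingerprint:", TRUSTED_FPR)
    for label, body in (("genuine", GENUINE), ("substituted", SUBSTITUTED)):
        verdict = "accept" if key_matches(body, TRUSTED_FPR) else "REJECT"
        print(f"{label:12s} {v4_fingerprint(body)} -> {verdict}")
```

A key that was swapped in transit carries different key material, so its fingerprint cannot match the value obtained out of band and the key is rejected before anything is encrypted to it.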
After the key has been generated, PGP can be used to encrypt emails and files. To encrypt files or email, PGP must have a copy of the private key, in order to make sure that no third party is involved in the process and the data is encrypted in its original form. A message sent through PGP can only be decrypted with the secret key. Another important feature of PGP is the ability to sign a message before transmitting it. Signing the data with the private key assures the recipient that the data is original and has not been modified. These advantages of PGP are achieved with the help of two steps:
- In the first step, a message digest function is used to reduce a long message to a fixed-length string. It uses the 128-bit number produced by the MD5 digest function.
- Signing is also used without encryption, for example when posting to newsgroups. The intent is to let everyone read the message while ensuring that the original data has not been altered.
OpenSSL (Secure Sockets Layer)
SSL is a protocol designed to bring encryption and authentication to communication over a TCP/IP network. The main aim of the protocol is to let users communicate without eavesdropping, tampering or message forgery affecting the data before it reaches its destination.
The SSL protocol is designed to provide authentication, encryption and data integrity as transparently as possible, to make sure that the data is not tampered with. Authentication by the server makes sure that only the original client is accessing the data. Encryption in OpenSSL ensures that communication between the client and the server on the network cannot be eavesdropped on. If hackers or attackers have no knowledge of the transaction, it becomes difficult for them to obtain credit card numbers and other banking details.
Data integrity in OpenSSL makes sure that a transaction made over the network has not been tampered with and is in its original form. This helps prevent the replay of transactions and makes sure that hackers have no access to credentials or sensitive information. In the SSL protocol, the server's public key is used to encrypt the session key received from the client. The server can use its private key to decrypt the session key and then encrypt the entire traffic with a faster session algorithm.