143 lines
6.5 KiB
Plaintext
143 lines
6.5 KiB
Plaintext
Extract from PGP documentation
|
|
------------------------------
|
|
|
|
|
|
|
|
|
|
Phil's Pretty Good Software
|
|
Presents
|
|
|
|
=======
|
|
PGP(tm)
|
|
=======
|
|
|
|
Pretty Good(tm) Privacy
|
|
Public Key Encryption for the Masses
|
|
|
|
|
|
--------------------------
|
|
PGP(tm) User's Guide
|
|
Volume I: Essential Topics
|
|
--------------------------
|
|
by Philip Zimmermann
|
|
Revised 11 October 94
|
|
|
|
|
|
PGP Version 2.6.2 - 11 Oct 94
|
|
Software by
|
|
Philip Zimmermann, and many others.
|
|
|
|
|
|
|
|
|
|
Synopsis: PGP(tm) uses public-key encryption to protect E-mail and
|
|
data files. Communicate securely with people you've never met, with
|
|
no secure channels needed for prior exchange of keys. PGP is well
|
|
featured and fast, with sophisticated key management, digital
|
|
signatures, data compression, and good ergonomic design.
|
|
|
|
|
|
Why Do You Need PGP?
|
|
====================
|
|
|
|
It's personal. It's private. And it's no one's business but yours.
|
|
You may be planning a political campaign, discussing your taxes, or
|
|
having an illicit affair. Or you may be doing something that you
|
|
feel shouldn't be illegal, but is. Whatever it is, you don't want
|
|
your private electronic mail (E-mail) or confidential documents read
|
|
by anyone else. There's nothing wrong with asserting your privacy.
|
|
Privacy is as apple-pie as the Constitution.
|
|
|
|
Perhaps you think your E-mail is legitimate enough that encryption is
|
|
unwarranted. If you really are a law-abiding citizen with nothing to
|
|
hide, then why don't you always send your paper mail on postcards?
|
|
Why not submit to drug testing on demand? Why require a warrant for
|
|
police searches of your house? Are you trying to hide something?
|
|
You must be a subversive or a drug dealer if you hide your mail
|
|
inside envelopes. Or maybe a paranoid nut. Do law-abiding citizens
|
|
have any need to encrypt their E-mail?
|
|
|
|
What if everyone believed that law-abiding citizens should use
|
|
postcards for their mail? If some brave soul tried to assert his
|
|
privacy by using an envelope for his mail, it would draw suspicion.
|
|
Perhaps the authorities would open his mail to see what he's hiding.
|
|
Fortunately, we don't live in that kind of world, because everyone
|
|
protects most of their mail with envelopes. So no one draws suspicion
|
|
by asserting their privacy with an envelope. There's safety in
|
|
numbers. Analogously, it would be nice if everyone routinely used
|
|
encryption for all their E-mail, innocent or not, so that no one drew
|
|
suspicion by asserting their E-mail privacy with encryption. Think
|
|
of it as a form of solidarity.
|
|
|
|
Today, if the Government wants to violate the privacy of ordinary
|
|
citizens, it has to expend a certain amount of expense and labor to
|
|
intercept and steam open and read paper mail, and listen to and
|
|
possibly transcribe spoken telephone conversation. This kind of
|
|
labor-intensive monitoring is not practical on a large scale. This
|
|
is only done in important cases when it seems worthwhile.
|
|
|
|
More and more of our private communications are being routed through
|
|
electronic channels. Electronic mail is gradually replacing
|
|
conventional paper mail. E-mail messages are just too easy to
|
|
intercept and scan for interesting keywords. This can be done
|
|
easily, routinely, automatically, and undetectably on a grand scale.
|
|
International cablegrams are already scanned this way on a large
|
|
scale by the NSA.
|
|
|
|
We are moving toward a future when the nation will be crisscrossed
|
|
with high capacity fiber optic data networks linking together all our
|
|
increasingly ubiquitous personal computers. E-mail will be the norm
|
|
for everyone, not the novelty it is today. The Government will
|
|
protect our E-mail with Government-designed encryption protocols.
|
|
Probably most people will acquiesce to that. But perhaps some people
|
|
will prefer their own protective measures.
|
|
|
|
Senate Bill 266, a 1991 omnibus anti-crime bill, had an unsettling
|
|
measure buried in it. If this non-binding resolution had become real
|
|
law, it would have forced manufacturers of secure communications
|
|
equipment to insert special "trap doors" in their products, so that
|
|
the Government can read anyone's encrypted messages. It reads: "It
|
|
is the sense of Congress that providers of electronic communications
|
|
services and manufacturers of electronic communications service
|
|
equipment shall insure that communications systems permit the
|
|
Government to obtain the plain text contents of voice, data, and
|
|
other communications when appropriately authorized by law." This
|
|
measure was defeated after rigorous protest from civil libertarians
|
|
and industry groups.
|
|
|
|
In 1992, the FBI Digital Telephony wiretap proposal was introduced to
|
|
Congress. It would require all manufacturers of communications
|
|
equipment to build in special remote wiretap ports that would enable
|
|
the FBI to remotely wiretap all forms of electronic communication
|
|
from FBI offices. Although it never attracted any sponsors in
|
|
Congress in 1992 because of citizen opposition, it was reintroduced in
|
|
1994.
|
|
|
|
Most alarming of all is the White House's bold new encryption policy
|
|
initiative, under development at NSA since the start of the Bush
|
|
administration, and unveiled April 16th, 1993. The centerpiece of
|
|
this initiative is a Government-built encryption device, called the
|
|
"Clipper" chip, containing a new classified NSA encryption
|
|
algorithm. The Government is encouraging private industry to design
|
|
it into all their secure communication products, like secure phones,
|
|
secure FAX, etc. AT&T is now putting the Clipper into their secure
|
|
voice products. The catch: At the time of manufacture, each Clipper
|
|
chip will be loaded with its own unique key, and the Government gets
|
|
to keep a copy, placed in escrow. Not to worry, though-- the
|
|
Government promises that they will use these keys to read your
|
|
traffic only when duly authorized by law. Of course, to make Clipper
|
|
completely effective, the next logical step would be to outlaw other
|
|
forms of cryptography.
|
|
|
|
If privacy is outlawed, only outlaws will have privacy. Intelligence
|
|
agencies have access to good cryptographic technology. So do the big
|
|
arms and drug traffickers. So do defense contractors, oil companies,
|
|
and other corporate giants. But ordinary people and grassroots
|
|
political organizations mostly have not had access to affordable
|
|
"military grade" public-key cryptographic technology. Until now.
|
|
|
|
PGP empowers people to take their privacy into their own hands.
|
|
There's a growing social need for it. That's why I wrote it.
|
|
|
|
|