Phil Zimmerman invented the Pretty Good Privacy (PGP) cryptographic framework in 1991 and it became a widely used asymmetric cryptographic system when security developers released the OpenPGP standard for public use. PGP is not an encryption algorithm itself but it provides a framework for the use of those algorithms.
- [Instructor] Let's take a look…at another asymmetric algorithm.…In 1991 Phil Zimmerman released an algorithm…that he called the Pretty Good Privacy, or PGP, algorithm.…PGP is still widely used today,…and the details are freely available for anyone to use…through the OpenPGP standard.…PGP uses public and private key pairs,…but it performs encryption and decryption…in a little more complex manner than other algorithms…that combines both symmetric and asymmetric cryptography.…
Let's take a look at the encryption process using PGP.…The sender of a message has the original plain text…and then generates a random, symmetric encryption key.…Next, the sender encrypts the message…using that random symmetric key,…and then encrypts the random key…using the recipient's public key.…The sender then transmits the encrypted message,…which is a combination of the encrypted data,…and the encrypted random key.…
When the recipient receives the encrypted message,…he or she performs the decryption process.…First, the recipient decrypts the encrypted random key…
Author
Mike Chapple
Updated
8/28/2020Released
3/8/2018Find the companion study books at the Sybex test prep site and review the complete CISSP Body of Knowledge at https://www.isc2.org/cissp-domains/default.aspx. You can also join Mike's free study group at certmike.com.
- Understanding security design principles and models
- Cloud computing and virtualization
- Hardware security
- Client and server vulnerabilities
- Web security vulnerabilities
- Securing mobile devices and smart devices
- Understanding encryption
- Symmetric and asymmetric cryptography
- Key management and public key infrastructure
- Physical security
Skill Level Advanced
Duration
Views
-
Introduction
-
Your security architecture2m 38s
-
-
1. Security Engineering
-
Secure design principles5m 18s
-
Security models4m 14s
-
Security requirements3m 25s
-
-
2. Cloud Computing and Virtualization
-
Virtualization4m 20s
-
Cloud computing models3m 44s
-
Public cloud tiers5m 35s
-
-
3. Hardware Security
-
Memory protection3m 20s
-
Interface protection4m 10s
-
-
4. Client and Server Vulnerabilities
-
Client security issues6m 16s
-
Server security issues4m 25s
-
NoSQL databases6m 53s
-
-
5. Web Security
-
OWASP top ten4m 52s
-
SQL Injection prevention5m 20s
-
Fuzz testing6m 44s
-
Session hijacking3m 50s
-
-
6. Mobile Security
-
Mobile device security2m 35s
-
Mobile device management6m 14s
-
Mobile device tracking3m 14s
-
Mobile application security4m 23s
-
Bring your own device (BYOD)4m 47s
-
-
7. Smart Device Security
-
Industrial control systems4m 36s
-
Smart home technology3m 6s
-
-
8. Encryption
-
Understanding encryption3m 24s
-
Goals of cryptography2m 49s
-
Codes and ciphers3m 20s
-
The cryptographic life cycle2m 49s
-
Digital rights management2m 17s
-
-
9. Symmetric Cryptography
-
3DES3m 35s
-
AES, Blowfish, and Twofish6m 40s
-
RC42m 23s
-
Steganography4m 55s
-
10. Asymmetric Cryptography
-
Rivest-Shamir-Adleman (RSA)3m 26s
-
PGP and GnuPG11m 9s
-
-
11. Key Management
-
Key exchange3m 4s
-
Diffie-Hellman5m 12s
-
Key escrow3m 13s
-
Key stretching1m 55s
-
-
12. Public Key Infrastructure
-
Trust models3m 1s
-
PKI and digital certificates4m 28s
-
Hash functions9m 11s
-
Digital signatures4m 4s
-
Create a digital certificate4m 33s
-
Revoke a digital certificate1m 48s
-
-
13. Cryptanalytic Attacks
-
Brute-force attacks3m 12s
-
Knowledge-based attacks2m 10s
-
-
14. Physical Security
-
Site and facility design3m 7s
-
Physical access control3m 58s
-
Visitor management1m 35s
-
-
Conclusion
-
Next steps41s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: PGP and GnuPG