Pretty Good Privacy (PGP)

PGP is another security mechanism, which is an abbreviation for Pretty Good Privacy. PGP is an application of Cryptographic technology that uses public-key encryption. PGP has been used to protect the privacy in any communication forms such as, email, data, data storage and more.

PGP was designed to provide the security and privacy measures that are not currently presented in many forms of online communication. The email, for example, travels from one destination to another in an encrypted form. The recipient will decrypt the message back to the plaintext using PGP.

 

PGP works with two keys (public-key and private-key); where the public-key encrypts the message and the private-key decrypts the message. In addition, PGP provides authentication, since the users can use the private-key to digitally sign the message. This will make sure that the recipient knows where the message (mail) came from.

Note: The sensitive data files stored on the hard drive or USB can also be protected by PGP, by using the public-key to encrypt the files; and private-key to decrypt them.

More Encryption Techniques on Stream Cipher

There are various encryption techniques on stream ciphers such as, Random Number Generator (RNG), One-Time Pad (OTP), Linear Feedback Shift Registers (LFSR) and  Trivium: a modern stream cipher.

Starting with the RNG, which stands for Random Number Generator is a stream cipher that is very technique in cryptography, which generate random numbers. RNG is divided into three parts: True Random Number Generator, Pseudorandom Number Generator and Cryptographically Secure Random Number Generator.

RNG.png

  • Initially, the True Random Number Generator (TRNG) is based on the physical random processes such as, coin flipping or dice rolling. The output stream (si) should have good statistical properties of 50% (either 0 or 1), since the output can neither be predicted nor reproduced. It is usually used for generating the key.
  • Secondly, the Pseudorandom Number Generator (PRNG), where it generates sequences from the initial seed value. Typically, output stream has good statistical properties. The output can be reproduced and can be predicted, because it is often computed in a recursive way. Note: Most (PRNGs) have bad cryptographic properties.
  • Eventually, the Cryptographically Secure Pseudorandom Number Generator (CSPRNG) is similar to (PRNG), but with additional property to ensure that the output unpredictable. This will make sure that the output cannot be predicted.

 

The second encryption technique on the stream cipher is the One-Time Pad (OTP). OTP is a cryptosystem developed by Mauborgne and it is based on Vernam’s stream cipher. Note: The OTP is unconditionally secure, if and only if the key bit (ki) is only used once.

The main problems are for almost all applications; the OTP is impractical since the key must be as long as the message! (Imagine you have to encrypt a 1GByte email attachment); side by side with the ability for the hacker to know the approximate the length of the message.

Remember: The One-Time Pad is a provable secure symmetric cipher. However, it is highly impractical for most applications because the key length has to equal the message length.

 

The third encryption technique on the stream cipher is the Linear Feedback Shift Registers (LFSR). LFSR is trying to emulate the OTP, since it designs a random number generator and XORs output with plaintext stream. Using a single (LFSR) is bad, but it is recommended to use multi (LFSR).

screen-shot-2017-02-17-at-11-33-37-am

Remember: Single LFSRs make poor stream ciphers despite their good statistical properties. However, careful combinations of several LFSR can yield strong ciphers.

 

Finally, is the modern stream cipher, which is known as Trivium. This encryption technique is small in Hardware with a total of 288 register count, 3 AND-Gates & 7 XOR-Gates (4 with three inputs). The encryption is an XOR-Sum of all three NLFSR outputs generates key stream (si). The figure below shows the process of generating the stream key out of the original key (Trivium).

trivium