DEV Community

Henry Korir
Henry Korir

Posted on

1

PGP: Pretty Good Privacy

Hey, take this lock and secure the box of goodies you’re sending me. I’ll unlock it with my own key!

A long time ago, I frequented blogs and websites where authors provided strange, unintelligible text prefixed with ‘-----BEGIN PGP PUBLIC KEY BLOCK-----’ to be included with any message sent to them. This made me ponder what this text was for. I did some research, but it didn’t make much sense to me then. My curiosity faded, and I stopped bothering to search the internet for answers.

Later in my quest to find an alternative to Gmail, I stumbled upon ProtonMail. I loved the user interface, but my confrontation with PGP (Pretty Good Privacy) prompted me to delve deeper into my previous research. The email service revolves around PGP; without it, the service ceases to be as “private and secure” as they claim. Leveraging my grit, I finally had my “Eureka” moment. Unlike Archimedes, I didn’t discover something entirely new, but I gained a deeper understanding of how PGP ensures security and privacy.

I discovered that:

  • A message recipient is responsible for generating two keys: a public key (to be shared) and a private key (to be kept secret).

  • Whenever a sender is sending a message to the recipient, he/she has to include the public key in the message.

  • The encryption system encrypts the message using the public key and transmits a hash string to the recipient.

  • The decryption system at the receiver’s end uses the private key to ‘decrypt’ the hash string, revealing the human-readable text to the receiver.

  • Decryption will be successful only if the sender used the receiver’s public key to encrypt the message.

This is akin to giving someone your lock to secure something that needs to be sent to you. When the item arrives, you use the key that only you know to unlock it and check the contents inside. If the sender uses a lock that is not yours, your key will not be able to unlock it.

What if the sender tempered with your lock?

Heroku

Build apps, not infrastructure.

Dealing with servers, hardware, and infrastructure can take up your valuable time. Discover the benefits of Heroku, the PaaS of choice for developers since 2007.

Visit Site

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay