GNU Privacy Guard (GPG)
Sensitive data should be encrypted for exchange over the
Internet and publicly shared file systems. If the network connection
is not protected with SSL, the data should be encrypted by GPG/PGP.
A sender encrypts a data file with the public key of a recipient and
sends it to the recipient.
The recipient decrypts the data with his private key. Only the
recipient's private key can be used to decrypt the data.
GPG is also used to verify that files are genuine.
For example, a developer has a file to share, and recipients need to verify that
the file is genuine.
GPG generates a hash of the file, encrypts the hash with the creator's private
key and adds the key ID.
To verify the file, the recipient decrypts the hash (the signature) with the
developer's public key, generates a hash from the file and compares the
two hashes.
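The sign-and-verify flow described above, as an added Python example that is not GPG's own code: it uses a constructed toy RSA key (textbook RSA, no padding, far too small for real use) and a hypothetical `key_id` derivation, where GPG uses full-size keys and the OpenPGP format. It shows why a modified file or an unknown signer makes verification fail.

```python
import hashlib

# Constructed toy key pair: textbook RSA built from two Mersenne primes.
# Assumption for illustration only; unpadded and far too small for real use.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, kept by the creator


def key_id(n: int, e: int) -> str:
    """Short identifier for a public key (hypothetical rule, not OpenPGP's)."""
    return hashlib.sha256(f"{n}:{e}".encode()).hexdigest()[-16:].upper()


def file_hash(data: bytes, n: int) -> int:
    """Hash the file contents and reduce the digest into the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data: bytes) -> dict:
    """Creator: transform the hash with the private key, attach the key ID."""
    return {"key_id": key_id(N, E), "sig": pow(file_hash(data, N), D, N)}


def verify(data: bytes, signature: dict, keyring: dict) -> bool:
    """Recipient: find the public key by key ID, recover the hash, compare."""
    pub = keyring.get(signature["key_id"])
    if pub is None:                    # signer's public key is not known
        return False
    n, e = pub
    recovered = pow(signature["sig"], e, n)   # "decrypt" with the public key
    return recovered == file_hash(data, n)    # hash computed from the file


# Recipient's copy of the developer's public key, indexed by key ID.
KEYRING = {key_id(N, E): (N, E)}
RELEASE = b"constructed sample release contents\n"
SIGNATURE = sign(RELEASE)

if __name__ == "__main__":
    print("genuine file :", verify(RELEASE, SIGNATURE, KEYRING))
    print("tampered file:", verify(RELEASE + b"x", SIGNATURE, KEYRING))
    print("unknown key  :", verify(RELEASE, SIGNATURE, {}))
```

The check is only as trustworthy as the keyring: the recipient must have obtained the developer's public key through a channel other than the one that delivered the file.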
Pretty Good Privacy (PGP) is an alternative to GPG, but is restricted
to use within the US only.