Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Is PGP security still strong or is it time for a new encryption standard?

Pretty Good Privacy is nearly 25 years old and still widely used -- but is it as effective as it once was? Application security expert Michael Cobb explains the past, present and future of PGP.

The viability of PGP security has been questioned lately, as some critics have argued that it's time for the encryption...

standard to be retired. Does PGP carry too much enterprise risk, and if so, what viable encryption alternatives are available to replace it?

The Internet standard for electronic mail transmission -- Simple Mail Transfer Protocol (SMTP) -- was first defined by RFC 821 in 1982. SMTP became widely used in the early 1980s, having evolved from standards developed during the 1970s. This was when very few hosts were connected to the U.S. government's ARPANET, the network that became the basis for the Internet. The security of messages wasn't considered to be a critical requirement, this is why the content of emails are sent in cleartext; the original specification did not include a facility for authenticating senders.

PGP, or Pretty Good Privacy, solved these problems and was a revelation when it arrived on the scene in 1991, particularly as it was compatible with legacy email systems. Using public key cryptography and fast symmetric ciphers, PGP provides privacy, security and authenticity, and can be used for signing and encrypting emails, files, directories and whole disk partitions.

It was, however, certainly a case of security before usability, and Matthew Green -- who lectures in computer science and cryptography at Johns Hopkins University in Maryland -- argues that it's "time for PGP to die", describing it as "downright unpleasant." He believes poor usability and weak mail client implementations adversely impact overall security, while PGP's use of a mixture of key servers and public key fingerprints adds an unwelcome complexity to key management. While complexity is certainly the enemy of security, many experts believe that PGP's web of trust model is in better shape than the certificate authority-based hierarchy of trust model that SSL certificates currently rely on.

Green complains that PGP keys tend to be large and contain lots of extraneous information. However, encryption keys aren't designed to be processed by human beings, but rather by machines. Even the modern elliptic curve implementations produce fairly large keys. Green also thinks email should have perfect forward secrecy (PFS), which PGP does not support. (PFS means that the compromise of a single key cannot lead to the compromise of multiple messages, whereas if a hacker obtains someone's PGP private key, they can use it to decrypt all previously encrypted messages.) However, adding PFS to email is a big challenge as it doesn't require an end-to-end connection, and most companies need to be able to inspect traffic for security and compliance reasons, which PFS would prevent.

Ensuring that users can easily send secure, encrypted emails is vitally important as it remains a key means of communication. According to researchers at the Radicati Group, we send on average 108 billion business-related emails a day. Green's solution is to build networks designed from the ground up to protect messages instead of plugging encryption software into today's plaintext email systems as an afterthought. While he is not wrong, it is far easier said than done. Replacing SMTP completely is probably unfeasible due its huge installed base and legacy compatibility issues. It would require a concerted, coordinated effort by the major Internet players such as Google, Apple and Microsoft to roll out new operating systems and push legacy updates to migrate everyone en masse from SMTP to a new protocol.

PGP is by no means perfect, and Green's comments have certainly sparked a debate about the future of secure email. But as of yet, there is no publicly known method of breaking PGP encryption by cryptographic or computational means. Yahoo and Google's end-to-end email encryption extensions are based on OpenPGP, so PGP looks to be alive and well. It's also getting more user-friendly, so it's very unlikely that it will be replaced anytime soon.

Ask the Expert:
Want to ask Michael Cobb a question about application security? Submit your questions now via email. (All questions are anonymous.)

Next Steps

Is symmetric encryption better than PGP email security? Get the answer here

Learn how to protect PGP keys

This was last published in April 2015

Dig Deeper on Email and Messaging Threats-Information Security Threats

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

5 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Do you think PGP security still up to par?
Cancel
Definitely NOT. In spite of using long key pairs and passphrases, it relies on 256 bit encryption for the message itself. Such encryption is not able to resist brute force attacks performed by government (i.e. NSA) sponsored attacks.
Cancel
I don't mean to underrate PGP's achievements.
It must be recognized as one of the major achievements in information
security and Internet freedom of speech. A landmark and watershed.
However 25 years have elapsed. Nowadays NSA spends $10 Billion a year
spying on the Internet and cellular networks. Even not judging whether
NSA is right or wrong, let's face it: PGP's 256 bit encryption cannot
resist to that. This is a threat that the average hardworking taxpayer
citizen, willing to protect his constitutional right to privacy, faces
every time that sends an e-mail, even if supposedly PGP protected. Time
has come for something better.
Cancel
For most people, PGP is fine, but the biggest issues, as the author states, is that it is often a pain to make it work, and that is a natural barrier to many people using it. Security measures that require a lot of set up and tweaking will likely always be the domain of the enthusiasts, and the fact is, those who are enthusiasts are a very small subset of overall users.
Cancel
I don't mean to underrate PGP's achievements. It must be recognized as one of the major achievements in information security and Internet freedom of speech. A landmark and watershed. However 25 years have elapsed. Nowadays NSA spends $10 Billion a year spying on the Internet and cellular networks. Even not judging whether NSA is right or wrong, let's face it: PGP's 256 bit encryption cannot resist to that. This is a threat that the average hardworking taxpayer citizen, willing to protect his constitutional right to privacy, faces every time that sends an e-mail, even if supposedly PGP protected. Time has come for something better.
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close