PGP & GPG

If you are visiting Jamaica and you want to send a 4x6 color photo of a sandy beach with a quick 'Wish You Were Here' jotted on the back, you don't mind the contents of the message being publicly viewable. But, most mail is sent in sealed envelopes, sometimes with additional protection to ensure the enclosed note can't be read through the paper. Regular email is like a digital postcard and this book will show you how to seal your email in an encrypted 'envelope'.

About The Book

In his Introduction, Michael Lucas provides an overview of the history of PGP encryption and how it has evolved and splintered into OpenPGP and GnuPG (or GPG). He provides a comparison of PGP and GPG, contrasting their ease of use, support, transparency and algorithm support.

Lucas goes on to provide a "Cryptography Kindergarten", educating the reader on basic encryption techniques and terminology so that the rest of the book will make sense. The chapter lineup looks like this:

1. Cryptography Kindergarten
2. Understanding OpenPGP
3. Installing PGP
4. Installing GnuPG
5. The Web of Trust
6. PGP Key Management
7. Managing GnuPG Keys
8. OpenPGP and Email
9. PGP and Email
10. GnuPG and Email
11. Other OpenPGP Considerations

The book wraps up with Appendix A, Introduction to PGP Command Line, and Appendix B, GnuPG Command Line Summary.

Even those who know their way around a computer system, and maybe even a thing or two about network security, often find themselves intimidated by cryptography, especially encryption that could screw up their email if it isn't configured properly.

This book teaches the strengths and weaknesses of these PGP variations and how to get started using them with confience to secure and protect your email communications.

My Review

Email messages are not typically protected or encrypted in any way. What you send could potentially be intercepted and read by anyone. If you are sending something of a private or confidential nature, it is nice to ensure that only the intended recipient can read the message.

Lucas does an excellent job of making a seemingly complex subject seem much simpler. While much of the book is dedicated to the gritty details of the different PGP implementations, those who are confused by the concept of cryptography to begin with will learn a lot just from reading Cryptography Kindergarten and The Web Of Trust.

Table 1.1 alone will answer many readers questions. This simple table illustrates different scenarios and explains what or how you would want to protect it. Do you need to sign the message with your private key, or encrypt the message with the recipient's public key?

Email is one of the most common uses for computers and one of the primary methods of communication for many people. I highly recommend that those who rely on email communications buy and read this book to gain a better understanding of how to protect and secure their messages from unauthorized viewing.