Browse Definitions :
Definition

OpenPGP

OpenPGP is an open and free version of the Pretty Good Privacy (PGP) standard that defines encryption formats to enable private messaging abilities for email and other message encryption.

The standard uses the PKI (public key infrastructure) to create keys that are bound to individual email addresses and uses symmetric encryption based on elliptical curve cryptography. Compliant applications generate a random key that is encrypted with the public receive key. That process creates an encrypted message that contains both the data and the encrypted key. The receiver decrypts the key and uses their private key to retrieve the original random key and decrypt the data.

OpenPGP-compliant software products include Symantec Command Line, McAfee E-Business Server, Diplomat OpenPGP Community Edition, many email clients. OpenPGP clients must use up-to-date or matched versions so that settings and files created by one application are compatible with another. Only then can the applications share and mutually decrypt messages. The OpenPGP Alliance promotes OpenPGP for other communications as well as email. Facebook, for example, has added the capacity for users to add an OpenPGP key to their profile so that notifications and messages are encrypted.

Security expert Bruce Schneier advises that open encryption standards are best for security and privacy when dealing with such pervasive forces as NSA mass surveillance. He states that open security and encryption standards are much harder for the NSA to back door -- especially without getting caught. The difficulty is increased when the standard is compatible with other services and used by other vendors, because any one of them may discover the back door. Schneier worked along with Edward Snowden and the Guardian newspaper in breaking the whistleblower’s revelations about NSA surveillance.

OpenPGP is specified in IETF (Internet Engineering Task Force) RFC 4880.

This was last updated in June 2015

Continue Reading About OpenPGP

SearchNetworking
  • network packet

    A network packet is a basic unit of data that's grouped together and transferred over a computer network, typically a ...

  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

SearchSecurity
  • Domain-based Message Authentication, Reporting and Conformance (DMARC)

    The Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol is one leg of the tripod of internet ...

  • data breach

    A data breach is a cyber attack in which sensitive, confidential or otherwise protected data has been accessed or disclosed in an...

  • insider threat

    An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.

SearchCIO
  • data privacy (information privacy)

    Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, ...

  • leadership skills

    Leadership skills are the strengths and abilities individuals demonstrate that help to oversee processes, guide initiatives and ...

  • data governance policy

    A data governance policy is a documented set of guidelines for ensuring that an organization's data and information assets are ...

SearchHRSoftware
SearchCustomerExperience
  • recommerce

    Recommerce is the selling of previously owned items through online marketplaces to buyers who reuse, recycle or resell them.

  • implementation

    Implementation is the execution or practice of a plan, a method or any design, idea, model, specification, standard or policy for...

  • first call resolution (FCR)

    First call resolution (FCR) is when customer service agents properly address a customer's needs the first time they call.

Close