PGP Public and Private Keys

<< Click to Display Table of Contents >>

Navigation:  Robo-FTP User's Guide > Appendix > Security > PGP Encryption and Decryption > PGP Concepts >

PGP Public and Private Keys

 

PGP utilizes public key cryptography. Public key cryptography is a scheme that uses a pair of keys for encryption: a public key, which encrypts files, and a corresponding private, or secret key for decryption. You provide your public key to anyone you want to receive encrypted information from while keeping your private key secret.

 

Anyone with a copy of your public key can then encrypt information that only you can read. Conversely, If you have someone else’s public key, you can encrypt information that only they can read - in other words, only the person who has the corresponding private key can decrypt the information.

 

PGP, as implemented by Robo-FTP, permits you to create keys of three different sizes (measured in bits): 1024, 2048, and 4096. Larger keys will be cryptographically secure for a longer period of time. If what you want to encrypt needs to be hidden for many years, you might want to use the largest key. Robo-FTP maintains backwards compatibility with shorter keys from previous versions.

 

Robo-FTP stores keys in an encrypted form on disk. As you use PGP, you will typically import the public keys of your recipients. If you lose your private key, you will be unable to decrypt any information encrypted with its associated public key.

 

Keys created by Robo-FTP consist of the following user-supplied elements:

 

A user name (required and at least five characters in length)
A comment (optional and of any desired length)
An e-mail address (optional and of any desired length)
A passphrase (required and at least eight characters in length)

 

When encrypting a file, the public key of the recipient must be specified. Keys are identified by any combination of user name, comment, and/or e-mail address. This combination will be referred to as the key name. These elements may be specified in part or in full. You often see a key name specified in the following format:

 

user name (comment) <e-mail address>

 

All that is required within a key name is enough unique information to locate the desired key. For example, if a key is created using a user name of Richard Tracy and there are no other keys on a keyring with a user name containing Richard, then only the first name is required as part of the key name.

 

Important

The required key creation elements vary between PGP implementations. For example, not all PGP keys contain a comment element. Some PGP implementations may permit shorter user names and some may not require a passphrase.

 

 

Related: PGP Passphrases, PGP ASCII Armoring, PGP Digital Signatures

See also: Robo-FTP and PGP Cryptography