Gnu Privacy Guard (GnuPG or GPG), is an open, patent-free encryption application whose main purpose is to protect communication and secure data archives. It achieves this goal by implementing a hybrid cipher system that utilizes both a symmetric cipher system and . . .
Gnu Privacy Guard (GnuPG or GPG), is an open, patent-free encryption application whose main purpose is to protect communication and secure data archives. It achieves this goal by implementing a hybrid cipher system that utilizes both a symmetric cipher system and a public-key cipher system. A symmetric cipher is a system that uses a single key for encryption and decryption of data. One problem of using only this type of cryptography system for securing communications is that all parties must know and agree upon the key. The subsequent concern is regarding the best way to securely transmit the information about this key. Unfortunately, no sufficient method for performing this task exists - hence, the weakness in the nature of symmetric cipers.

The public-key cipher system utilizes two keys: a private one that is used for decrypting data, and a public one for encrypting data. This eliminates the problem of secure key communication that is inherent in the symmetric cipher system, since the public key may be freely transmitted. It is, however, imperative that the private key be kept just that - private. As such, the hybrid cryptosystem is one in which the core is the public-key cipher and a symmetric cipher is used to protect the private key.

The link for this article located at UnixReview is no longer available.