Privacy-Enhanced Mail (PEM) is an Internet standard that provides for secure exchange of electronic mail. PEM employs a range of cryptographic techniques to allow for confidentiality, sender authentication, and message integrity. The message integrity aspects allow the user to ensure that a message hasn't been modified during transport from the sender. The sender authentication allows a user to verify that the PEM message that they have received is truly from the person who claims to have sent it. The confidentiality feature allows a message to be kept secret from people to whom the message was not addressed.

It uses a hierarchical authentication framework. Central to the PEM authentication framework are certificates, which contain items such as the digital signature algorithm used to sign the certificate, the subject's Distinguished Name, the certificate issuer's Distinguished name, a validity period, indicating the starting and ending dates the certificate should be considered valid, the subject's public key along with the accompanying algorithm. This hierarchical authentication framework has four entities.

The first is a central authority called the Internet Policy Registration Authority (IPRA), acting as the root of the hierarchy and forming the foundation of all certificate validation in the hierarchy. Second level is Policy Certification Authorities (PCAs), which are responsible for certifying the next lower level of authorities. Third level consists of Certification Authorities (CAs), responsible for certifying both subordinate CAs and also individual users. Individual users are on the lowest level of the hierarchy.

Message confidentiality in PEM is implemented by using standardized cryptographic algorithms. Both symmetric and asymmetric encryption algorithms to be used in PEM key management and message encryption. Currently, the only standardized algorithm for message encryption is the Data Encryption Standard (DES) in Cipher Block Chaining (CBC) mode. Currently, DES in both Electronic Code Book (ECB) mode and Encrypt-Decrypt-Encrypt (EDE) mode, using a pair of 64-bit keys, are standardized for symmetric key management. For asymmetric key management, the RSA algorithm is used.

PEM implements a concept known as a message digest. The message digests that PEM uses are known as RSA-MD2 and RSA-MD5 for both symmetric and asymmetric key management modes. Essentially both algorithms take arbitrary-length ``messages,'' which could be any message or file, and produce a 16-octet value. This value is then encrypted with whichever key management technique is currently in use. When the message is received, the recipient can also run the message digest on the message, and if it hasn't been modified in-transit, the recipient can be reasonably assured that the message hasn't been tampered with maliciously. The reason message digests are used is because they're relatively fast to compute, and finding two different meaningful messages that produce the same value is nearly impossible.

Learn More on RSA-MD2 and RSA-MD5 from Wikipedia

Its a computer program created by Philip Zimmermann that provides cryptographic privacy and authentication. It is used for signing, encrypting and decrypting e-mails to increase the security of e-mail communications.

PDF on Basic PGP functioning available here അപാരനോട്ടാ… വായിച്ചാല്‍ സംഭവം മനസ്സിലാവും ഉറപ്പു്… Learn More at PGP at Wikipedia.and about GPG

The slide available here

• www.iacr.org. International Association for Cryptologic Research (IACR).The IACR holds cryptographic conferences and publishes journals.

• www.pgpi.org. An international PGP Web site, which is not maintained by PGP Corporation, is an unofficial yet comprehensive resource for PGP.

• www.nist.gov/aes. The National Institute of Standards and Technology (NIST) Advanced Encryption Standard (AES) Development Effort, perhaps the most interesting project going on in cryptography today.

• www.ietf.org/rfc/rfc2440.txt. The IETF OpenPGP specification, written by Jon Callas, Lutz Donnerhacke, Hal Finney, and Rodney Thayer.

• www.ietf.org/rfc/rfc3156.txt. The IETF OpenPGP/MIME specification, written by Michael Elkins, Dave del Torto, Raph Levien, and Thomas Roessler.