Returning to our example of exchanging secret mail, you'd
only need four keys to exchange mail amongst four people -- each
person needs a copy of every other's public key. Adding a new person
to the circle requires distributing just one new public key.
Public key cryptography relies on such mathematical coolness as
exponentiation, large numbers, prime numbers, and the commutative
property of multiplication. Some of that is second-grade math, while
most of it is twenty-year-old work done by Whitfield Diffie and Marty
Hellman (the Diffie-Hellman key exchange) and Ron Rivest, Adi Shamir,
and Len Adelman (RSA encryption). For now, all you need to know is
that exchanging public keys with someone lets you exchange strongly
encrypted data. RSA keys are typically 512, 768, or 1,024 bits long:
the longer the key, the stronger the encryption. With 1,024-bit
keys, the encryption is not practically breakable by brute-force
methods -- there are simply too many keys to put into the electronic
What's the buzz?
PGP is available, in source form, for nearly all Unix machines. There
are also DOS and Macintosh versions available in source and binary
form. One of PGP's many attractions is its immense
portability. Getting PGP, however, is not as trivial as finding the local ftp
archive and slurping bits over the wire. Because it contains
strong cryptography, PGP is export-embargoed in the U.S. -- it cannot
be taken or sent outside of the country. There are versions of PGP
developed outside of the U.S. that can be used in other countries, and
can be imported into the U.S. safely.
To ensure that only U.S. citizens currently living in the U.S. retrieve
PGP, the primary distribution site at MIT makes you go through a short
question-and-answer session. Telnet to net-dist.mit.edu, with a login
getpgp, and answer the questions posed to you. You'll
be given a directory on that machine from which you can fetch PGP via
anonymous ftp. Do so quickly after filling in the questionnaire,
because the directory changes frequently. For more information, check
MIT distribution site's home page.