This suite of tools was largely a political statement. In 1991, Phil Zimmermann (one of Newsweek’s "Net 50", the 50 most influential people on the Internet) authored PGP (Pretty Good Privacy). In order to properly discuss the history of GPG, we must set the scene. One very popular implementation of this standard is GPG4WIN which can be used on Windows systems to encrypt files at-rest. GPG can be thought of as a suite of individual tools, used for different purposes. One very popular tool for accomplishing this feat is GPG (GNU Privacy Guard), which is an open source standard for securing data storage. Encryption at-rest can be applied to an entire drive or value such as with Microsoft’s Bitlocker, or it can be more granularly applied to specific files. A key, passphrase, or both, is required to return the state of the data into something readable. Arbitrary data is treated as plaintext, and encrypted into ciphertext. This protects against physical theft, or an attacker who has already compromised the machine on which the data resides. In contrast, encryption at-rest encrypts data sitting on a hard drive. While encryption in-transit (also called in-flight) focuses on secure transmission via an insecure channel, both the sending and receiving endpoint have access to the information in the clear. However, equally worth understanding is encryption at-rest. Usually we focus on SSL/TLS and its role in encryption in-transit.
0 Comments
Leave a Reply. |