Shulou(Shulou.com)06/01 Report--

This article focuses on "the difference between PGP and SMIME encryption". Interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn the difference between PGP and SMIME encryption.

What is PGP encryption?

PGP (full name: Pretty Good Privacy, excellent confidentiality Agreement) is a set of applications for information encryption and verification, which can be used to encrypt e-mail content. PGP itself is a commercial application; a similar open source tool is called GnuPG (GPG). PGP and its similar products all comply with OpenPGP data encryption and decryption standards.

Philippe Zimmerman (Philip R. Zimmermann) created the first version of PGP in 1991. In July 1997, PGP Inc. Zimmerman agreed with IETF to develop a public Internet standard called OpenPGP (RFC 4880), and any program that supports this standard is also allowed to be called OpenPGP. The OpenPGP program developed by the Free Software Foundation is called GnuPG (GPG), and some commercial OpenPGP software has been developed one after another.

What is S/MIME encryption?

S/MIME is the abbreviation of Secure/Multipurpose Internet Mail Extensions (secure Multi-purpose Internet Mail extension Protocol). It is an international standard protocol that uses PKI technology to sign and encrypt mail subjects with digital certificates. In 1992, the MIME (Multipurpose Internet Mail extension) protocol was compiled for communication between Internet mail servers and gateways. This standard method supports non-ASCII encoded attachments, which means that you can send attachments and ensure that files can be delivered to the other end, but attachments are sometimes tampered with to ensure email confidentiality and integrity. In 1995, the V1 version of the S/MIME (secure / Multipurpose Internet Mail extension) protocol was developed, which extended the security functions by providing digital signatures and email encryption, which were used to protect the content of e-mail, digital signatures used to verify the identity of the sender, to prevent identity fraud, and to protect the integrity of e-mail. In 1998 and 1999, V2/V3 versions were issued and IETF was submitted to form a series of RFC international standards.

The difference between PGP and S/MIME encryption

Both S/MIME and PGP are protocols for authentication and encryption protection of messages over the Internet, and both use public key encryption technology for e-mail signature and encryption. The main differences are:

Public key credibility: in the S/MIME standard, users must apply for a X.509v3 digital certificate from a trusted certificate authority. The authoritative CA authority verifies the true identity of the user and signs the public key to ensure the credibility of the user's public key. The recipient verifies the sender's identity through the certificate public key. While PGP does not provide a policy to force the creation of trust, the sender creates and signs his own key pair, or signs the public key for other communication users to increase their key credibility. There is no trusted authority to verify identity information, and each user must decide whether to trust each other.

The scope of encryption protection: PGP was born to solve the security problem of plain text messages, while S/MIME not only protects text messages, but also aims to protect various attachments / data files.

Centralized management: from an administrative point of view, S / MIME is considered to be superior to PGP because of its powerful capabilities to support centralized key management through X.509 certificate servers.

Compatibility and ease of use: S/MIME has broader industry support, and the S/MIME protocol has been built into most email client software, such as Outlook, Thunderbird, and iMail, which support S/MIME encryption. From an end-user perspective, S/MIME is also easier to use than PGP because PGP needs to download additional plug-ins to run, and the S/MIME protocol allows most vendors to send and receive encrypted e-mail without using other plug-ins.

Therefore, on the whole, the applicability of S/MIME standard is more extensive, and it can protect the security and credibility of e-mail more comprehensively. The trusted email standard issued by the National Institute of Standards and Technology explicitly recommends that federal agencies use S/MIME to protect email security:

For federation use, OpenPGP is not the preferred message encryption technology. S/MIME and a certificate issued by a known CA should be used.

Use S/MIME signatures to ensure the authenticity and integrity of the message.

Enterprises should build a key management system to protect e-mail users' session encryption keys.

At this point, I believe you have a deeper understanding of the "difference between PGP and SMIME encryption". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.