How PGP works

• About the author
• History of PGP
• How PGP works

Here we have David and Antonia again. David and Antonia generate two pair of keys; one is known as public key; the other, private key. They then exchanged the public keys. These public keys may even be published for other people. Note that the respective private keys are never made known to anyone but themselves.

When David wants to send Antonia any private message, he will encode the message using Antonia's public key. She, then opens the message and decrypt the encrypted message using her private key. Similarly, she replies to David using his public key.

Possible Security Loophole
What happens if the interceptor is in control of the mail server? Let's say a jealous team took over a server, intercepts David's and Antonia's public keys when these two exchanged their public keys. What the interceptor could do is to send a fake key to both David and Antonia, both of them not knowing that the key they received belongs to the interceptor. Then when any of them send a message encrypted in the received public key, the interceptor could easily decode the message using his own private key! He could re-encrypt the message using the real public key of the recipient and nobody will suspect anything. This could be done without even knowing their private keys!