How PGP Works: Keys

Users generate their own RSA Keys: pgp -kg

• Minimum size: 384 bits (easily broken today)
• Maximum size: 2048 bits (should last a long time).
• Larger keys take longer to generate and use.

A key can have a number of userIDs associated with it. This is the user-printable owner of the key. A key is referenced by its userID, or its keyID (the low-order bits of the Public Key).

pgp -kvv warlord
pub   709/C1B06AF1 1992/09/25 Derek Atkins <warlord@MIT.EDU>
sig       23BDC6F9             William J. Clinton <president@whitehouse.gov>
sig       DE09D78D             Albert Gore <vice-president@whitehouse.gov>

Other users can sign the key, once they have verified it. A signature is a binding between key (ID 0xC1B06AF1) and userID (<warlord@MIT.EDU>).

Next: Messages