Tech Note #82: Hints for Using PGP
1998 Bionic Buffalo Corporation; All Rights Reserved.
28 October 1998
1 of 4
Bionic Buffalo Tech Note #82:
Hints for Using PGP
last revised Wednesday 28 October 1998
©1998 Bionic Buffalo Corporation. All rights reserved.
Tatanka and TOAD are trademarks of Bionic Buffalo Corporation.
This document gives some miscellaneous hints for using PGP. It is not a substitute for other
PGP documentation. It is a quick introduction for anyone who wants it. We hope this will make
it easier to use PGP.
There are two main uses of PGP:
authentication - PGP will verify the authorship of digitally-signed documents or files
encryption - PGP will scramble data so that only the intended recipients can unscramble it
A PGP user first creates a key pair. The key pair has two parts: a public key and a private key.
The public key should be distributed widely to anyone who wants to communicate with the
PGP user. The private key is kept a secret, and remains known only to the PGP user who
created the key pair.
PGP uses a pass-phrase to keep the private key secret. The pass-phrase is not the same as the
private key itself. The pass-phrase is used to encrypt (scramble) the private key so the private
key cannot be read from the user’s disk.
This is how authentication (document signing) works:
The author of the document uses his private key to create a signature. The signature can be
given out with the document.
A reader can use the matching public key to verify it was signed using the private key.
To sign a document, you need your own private key. To verify a signature, you need the
public key of the signer.
This is how encryption works:
The author of the document encrypts (scrambles) the document using the public keys of
anyone who should be able to read the document.
Each reader must use his matching private key to decrypt (unscramble) the document.