Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


PGP - Is it possible to break PGP protected E-mail sent

Posted on 2006-04-06
Medium Priority
Last Modified: 2008-01-09
I was wondering how secure is PGP from a outside person that does not have my key.  Would a normal security person with CISSP, or even a secuirty major be able to break in and read the email contents

Question by:AppsGrp

Accepted Solution

csgeekpyro earned 128 total points
ID: 16395670
Short answer, no.

Not so short answer, yes...but it would take many hundreds of years or a breakthrough in quantum computing.
LVL 10

Assisted Solution

fostejo earned 124 total points
ID: 16396536

Taking into account your stipulation of "a normal security person" I'd tend to agree with csgeenpyro - PGP is, literally, Pretty Good Privacy.  I use it myself and I'm confident that my private data will remain so for a long(ish) time to come.

However, is PGP 'uncrackable'? - No.  There have been issues identified with PGP previously and the likelyhood is that current versions are also not 'perfect' and may under some very specific circumstances allow data to be accessed by someone with the appropriate knowledge and access to the data.  Have a look at http://www.rossde.com/PGP/pgp_weak.html for some furhter detail about known glitches in previous versions.

In reality, many encryption/security systems, including PGP, tend to fall down not due to them being "cracked" due to some fundemental flaw in their algorithms (though that happens also!), but rather because the user keeps the complex password on the sticky note under the keyboard or uses their birthday/spouses name/favorite Buffy character as the "key" or their machine is compromise already due to bad security practices (a keylogger for instance) - in other words, the human side of the equation.  ;)

The following PDF is quite an interesting read also.. http://www.blackhat.com/presentations/bh-europe-05/bh-eu-05-callas-up.pdf



Assisted Solution

mnb93 earned 124 total points
ID: 16396609
I agree with the above, however Asymmetric Encryption that we have today (eg. PGP) in theory will be cracked in less than a second with quantum computers.
(Even 4096-bit keys) Though a 128bit  (and 256bit..... well...) Symmetric Encryption Key (Provided the Algoithmn is ok) will last till the sun explodes; with quantum computers. (256bit = time till the sun explodes^2)  
LVL 32

Assisted Solution

jhance earned 124 total points
ID: 16397039
Short answer, yes it's possible to crack the PGP encryption algorithm.

Practical?  Well unless you've chosen a weak key, no it's not practical to crack this encryption using today's technology.  

There are easier attack vectors if someone really wanted this data.  

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

2017 was a scary year for cyber security.  Hear what our security experts say that hackers have in store for us in 2018.
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question