PGP - Is it possible to break PGP protected E-mail sent

I was wondering how secure is PGP from a outside person that does not have my key.  Would a normal security person with CISSP, or even a secuirty major be able to break in and read the email contents



AppsGrpAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

csgeekpyroCommented:
Short answer, no.

Not so short answer, yes...but it would take many hundreds of years or a breakthrough in quantum computing.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
fostejoCommented:
AppsGrp,

Taking into account your stipulation of "a normal security person" I'd tend to agree with csgeenpyro - PGP is, literally, Pretty Good Privacy.  I use it myself and I'm confident that my private data will remain so for a long(ish) time to come.

However, is PGP 'uncrackable'? - No.  There have been issues identified with PGP previously and the likelyhood is that current versions are also not 'perfect' and may under some very specific circumstances allow data to be accessed by someone with the appropriate knowledge and access to the data.  Have a look at http://www.rossde.com/PGP/pgp_weak.html for some furhter detail about known glitches in previous versions.

In reality, many encryption/security systems, including PGP, tend to fall down not due to them being "cracked" due to some fundemental flaw in their algorithms (though that happens also!), but rather because the user keeps the complex password on the sticky note under the keyboard or uses their birthday/spouses name/favorite Buffy character as the "key" or their machine is compromise already due to bad security practices (a keylogger for instance) - in other words, the human side of the equation.  ;)

The following PDF is quite an interesting read also.. http://www.blackhat.com/presentations/bh-europe-05/bh-eu-05-callas-up.pdf

cheers,



0
mnb93Commented:
I agree with the above, however Asymmetric Encryption that we have today (eg. PGP) in theory will be cracked in less than a second with quantum computers.
(Even 4096-bit keys) Though a 128bit  (and 256bit..... well...) Symmetric Encryption Key (Provided the Algoithmn is ok) will last till the sun explodes; with quantum computers. (256bit = time till the sun explodes^2)  
0
jhanceCommented:
Short answer, yes it's possible to crack the PGP encryption algorithm.

Practical?  Well unless you've chosen a weak key, no it's not practical to crack this encryption using today's technology.  

There are easier attack vectors if someone really wanted this data.  
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.