How PGP Works Under the Hood

  1. The plaintext is processed by a hashing algorithm such as MD5.
  2. The digest (this is the name of the output of a hashing function) is encrypted with Alice’s private key. When Bob will receive the message, he can decrypt the hash (Bob has Alice’s public key) and verify that the hash is correct. This is the signature of the message: we are sure that the message was send by Alice and that it was not modified by someone.
  3. The plaintex and the encrypted hash are now concatenated into a single message.
  4. This message is now compressed using the ZIP program.
  5. The compressed text is the input for the symmetric IDEA (International Data Encryption Algorithm). The IDEA algorithm uses a 128 bit key called Km. Km is randomly chosen.
  6. The 128 bit IDEA key (Km) is now encrypted with Bob’s public key.
  7. The encrypted key (6th step) is concatenated with the output of the IDEA algorithm (5th step).
  8. All this is converted in Base64.