OpenPGP set to become global standard

Godfather of encryption and creator of PGP, Phil Zimmermann, has moved over to security company Hush Communications, in a bid to set a global standard for encryption in digital communication and strike a killer blow for privacy on the web.

Zimmermann, formerly a senior fellow at Network Associates, said he plans to move Hush's free web based secure email service, Hushmail, over from Blowfish to OpenPGP-based encryption.

OpenPGP is an Internet Engineering Task Force (IETF) ratified standard based around PGP 5, which Hush and Zimmermann hope will become a global standard as the public demand for secure communications increases. OpenPGP as a development platform can be used to develop email encryption as well as roll out digital signatures and key management systems, said Zimmermann.

PGP 5 is guaranteed free of backdoors after being "developed on my watch", said Zimmermann. A point of contention between the cryptographer and the now-owners of PGP, Network Associates, was that his previous employers refused to publish the PGP source code. Hush, however, does publish the source code for both its previous encryption product and OpenPGP.

Zimmermann said: "OpenPGP is easier to use than PGP because it works over a simple Java applet. The fact that it's encrypted also gives it the security advantage over most web based email."

As well as crusading for privacy on the internet, Zimmermann is no stranger to controversy since the release of his first version of PGP back in 1991, when he became an instant hero online. The uptake of PGP prompted a five-year criminal investigation by the FBI because the encryption levels in the software apparently violated US export laws on encryption. But Zimmermann reckons that rolling OpenPGP out as a global standard will strike the final blow in the name of internet privacy.

"We pretty much won after the encryption export standards were dropped," he said, "but we haven't properly won until email is secure from the prying eyes of government."

See also:

Phil Zimmermann joins UK tech think-tank

Godfather of encryption signs up to the FIPR  13 Sep 2002

Careless encryption key to privacy breach

Student discovers PGP flaw  20 Sep 2001

OpenPGP flaw confirmed

Czechoslovakian security group ICZ, which made a vague warning about vulnerabilities in PGP encryption software at the start of the week, has released a more detailed advisory of the flaw.  22 Mar 2001

Chief privacy officers come on board

Chief privacy officers will join chief information officers and chief technology officers at board level over the next 12 months.  09 Mar 2001

Network Associates eyes the top spot

Security giant Network Associates is running the rule over its entire product line, and will back out of any market it cannot dominate, its new chief executive, George Samenuk, warned last week.  02 Mar 2001

Managers complain of email overload

Managers risk drowning in email as it becomes the by-product of a communications system that may also be hampering efficient knowledge sharing, according to a Mori report.  28 Feb 2001

NA reaffirms channel ties after Q4 losses

Network Associates' chief executive, George Samenuk, has warned that the company faces some "difficult decisions" after it suffered fourth-quarter losses.  02 Feb 2001

Software flaws put internet at risk

Four separate vulnerabilities have been discovered in the software used by most of the internet's domain name system servers, putting parts of the network at risk.  30 Jan 2001

Network Associates divides to rule products

In a surprising turnabout, security software vendor Network Associates has announced it will split into four divisions to take advantage of customer demand for individual products over enterprise solution suites.  21 Jan 2000

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!