Quote from: gratefulheadofdead on May 14, 2013, 08:55 pmCan someone explain to me what a ElGamal key pair is?Ok, you need to know a little theory to really understand this.--PGP is not actually an encryption algorithm, or even an encryption program per se. Lies! you say. But wait.PGP is a cryptosystem. It is a composite of several different technologies, not just one.The public key cryptography part of the PGP cryptosystem has several different encryption algorithms to offer. RSA is the most popular, followed by ElGamal.In public key crypto, there is 1 PGP key which is composed of two parts. A public key and a private key. The public key is used to encrypt only, and the private key is used to decrypt only. In symmetric crypto, there is just 1 key for encryption and decryption.Public key cryptography is brilliant because it solves a problem that has been around for several thousands of years. If somebody gets hold of a symmetric key, then then can listen in to all encrypted traffic on whatever channel is used to communicate. So symmetric cryptography is super secure, until it totally breaks on you and you never know it until it's too late. Ask the Germans or Japanese.So... if it is possible to encrypt with 1 key, and decrypt with another, this means you can give out the encryption key to everybody. It does not help the enemy to receive a public key. It's almost completely useless. That's why everybody posts them on here.Like the traditional symmetric key though, the private key must be kept secret.The problem with public key crypto is that it is very computationally expensive. Very. So, PGP uses a mixture of public key and symmetric key technology to solve the problem. A symmetric key is used to encrypt the email or file. This happens very fast because symmetric crypto is both very strong and very fast.Then, we have two things: the symmetric key which is needed for decryption, and the encrypted message. What PGP does, is it uses public key crypto like RSA or ELG to encrypt, but not the message, but the symmetric key itself, which is much smaller than the message. Then the symmetrically encrypted message and public key encrypted symmetric key are sent to the recipient.The recipient decrypts the symmetric key, and then uses the symmetric key to decrypt the rest of hte message. If this makes your head spin, think metaphorically. It's just like putting your bank deposit box key inside somebody else's briefcase with a combination lock. You spin the combination and the briefcase is locked. Then you give it to the other person, they give the briefcase the correct code and open it up to extract the bank deposit box key. Then they can go to the bank to open the deposit box (which is the real message).This makes public key cryptography possible for regular people without supercomputers and the consequence is cryptoanarchy. But that's another subject.