Europe South Asia Asia Pacific Americas Middle East Africa BBC Homepage World Service Education
BBC Homepagelow graphics version | feedback | help
BBC News Online
 You are in: Business
Front Page 
UK Politics 
Market Data 
Your Money 
Business Basics 
Talking Point 
In Depth 
Wednesday, 15 December, 1999, 22:50 GMT
Internet security boon

PGP - "Pretty Good Privacy" - is the e-mail security standard

One of the hottest topics in the world of e-commerce just now is e-security - how to send and receive private information across the internet and provide the electronic equivalent of a signature.

The US government has recently confirmed that it is relaxing the rules on exporting encryption systems, which it had seen as having largely military and secret service applications.

Now it is recognising how they have become an increasingly critical means of shaping the development of global communications and e-commerce.

It has also been estimated that the worldwide market for security software will be well in excess of $8bn by 2003, and the Americans want a big slice of the cake.


A US company, Network Associates, has now announced that it has been granted a full licence by the federal authorities to export its PGP encryption software.

This means that Network, which describes itself as the world's largest security software company, is able to export its systems to virtually any country worldwide without restriction.

The Santa Clara-based firm says its PGP system secures all e-mail, disk, file and network communications between businesses.

It can also send a digital signature to confirm identity and that an e-mail has not been tampered with en route.

Er, P-G-what?

PGP stands for Pretty Good Privacy and is widely used for securing e-mail.

The system was developed by Philip Zimmermann in 1991 and is available as freeware (see links in the right-hand panel of this page), although it may not be used commercially in this form.

Business users must buy it from Network, who acquired the rights from Mr Zimmermann in 1997.

PGP uses the most common system for authenticating messages on the internet, known as public key cryptography.

Each user has a public encryption key and a private key known only to themselves.

If someone wants to send you a message, they would encrypt it using your public key. On its arrival, you would unscramble it using your private key.

Signing off

The digital signature facility means that the private key can also be used to send a digital certificate over the internet - a kind of electronic credit card - to authenticate the holder's credentials.

The certificate can be decoded by the receiving organisation using the sender's public key.

Earlier this month, the UK government staged an event designed to demonstrate its commitment to encouraging British companies to embrace e-commerce in which the Trade Secretary, Stephen Byers, signed a document digitally and published it on the net.

The government's Electronic Communications Bill is in the process of passing through Parliament.

Search BBC News Online

Advanced search options
Launch console

See also:
07 Dec 99 |  Business
Byers has e-signs on web
17 Sep 99 |  Americas
Encryption ruling raises security fears
30 Sep 99 |  The Economy
CIA invests in Silicon Valley
30 Nov 99 |  Business
Online share dealing - is it safe?
17 Nov 99 |  Sci/Tech
Police net powers switched
07 Dec 99 |  Business
EU e-commerce agreement
29 Nov 99 |  Business
E-business: opportunity or peril?

Internet links:

The BBC is not responsible for the content of external internet sites
Links to other Business stories are at the foot of the page.

E-mail this story to a friend

Links to more Business stories