Pretty Good Privacy (PGP)

Phil Zimmermann (b. 1954)

Pretty Good Privacy (PGP) is an email encryption program developed by Phil
Zimmermann, a peace activist and computer programmer who cared deeply
about the privacy rights of global citizens.
In 1991, Zimmermann learned there was an anticrime bill being debated in the
US Senate to require companies selling encryption products in the United
States to include “trap doors” in their software so that government
investigators could get copies of the unencrypted messages—the so-called plain
text.
Zimmermann foresaw codebreaking warrants being used against people like
him who were lawfully protesting the government’s policies. So he decided to
write a program to let people exchange encrypted email.
Zimmermann called his program Pretty Good Privacy and released version 1.0
on June 5, 1991. The program was buggy and had security vulnerabilities that
were later discovered (and fixed), but there was just enough functionality to let
people create public/private key pairs, distribute public keys over the internet,
and then use those public keys to send each other encrypted mail. And as near
as anyone could tell at the time, the messages sent by PGP were uncrackable
by any government.
In 1993, RSA Security, Inc., the company created by the three MIT professors
who had invented the RSA algorithm, complained to the US government that
PGP violated patent 4,405,829, “cryptographic communications system and
method,” assigned to MIT and licensed to RSA Security. The government
responded by launching an investigation of Zimmermann for illegally exporting
cryptographic software in violation of laws restricting the export of munitions.
That investigation lasted until January 11, 1996, when the government
announced it was giving up on the prosecution. Four years later, the US
Department of Commerce revised the export control regulations, making it legal
to export encryption software in source code form.
Today, the PGP standard, implemented by both PGP and its compatible cousin,
the GNU Privacy Guard, is one of the dominant systems for exchanging
encrypted email.
SEE ALSO RSA Encryption (1977), GNU Manifesto (1985)
Pretty Good Privacy provided padlock-like security for everyday email
messages.