Pretty Good Privacy (PGP)
- Created
- 2007-07-31
- Last Updated
- 2020-07-21
- Available Formats
-
XML
HTML
Plain text
Registries included below
- PGP String-to-Key (S2K)
- PGP Packet Types/Tags
- PGP User Attribute Types
- Image Format Subpacket Types
- Signature Subpacket Types
- Signature Notation Data Subpacket Types
- Key Server Preference Extensions
- Reason for Revocation Extensions
- Implementation Features
- New Packet Versions
- Key Flags Extensions
- Public Key Algorithms
- Symmetric Key Algorithms
- Hash Algorithms
- Compression Algorithms
PGP String-to-Key (S2K)
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| ID | S2K Type | Reference |
|---|---|---|
| 0 | Simple S2K | [RFC4880] |
| 1 | Salted S2K | [RFC4880] |
| 2 | Reserved value | [RFC4880] |
| 3 | Iterated and Salted S2K | [RFC4880] |
| 4-99 | Unassigned | [RFC4880] |
| 100-110 | Private/Experimental S2K | [RFC4880] |
| 111-255 | Unassigned | [RFC4880] |
PGP Packet Types/Tags
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| Value | Attribute | Reference |
|---|---|---|
| 0 | Reserved - a packet tag MUST NOT have this value | [RFC4880] |
| 1 | Public-Key Encrypted Session Key Packet | [RFC4880] |
| 2 | Signature Packet | [RFC4880] |
| 3 | Symmetric-Key Encrypted Session Key Packet | [RFC4880] |
| 4 | One-Pass Signature Packet | [RFC4880] |
| 5 | Secret Key Packet | [RFC4880] |
| 6 | Public Key Packet | [RFC4880] |
| 7 | Secret Subkey Packet | [RFC4880] |
| 8 | Compressed Data Packet | [RFC4880] |
| 9 | Symmetrically Encrypted Data Packet | [RFC4880] |
| 10 | Marker Packet | [RFC4880] |
| 11 | Literal Data Packet | [RFC4880] |
| 12 | Trust Packet | [RFC4880] |
| 13 | User ID Packet | [RFC4880] |
| 14 | Public Subkey Packet | [RFC4880] |
| 15-16 | Unknown | |
| 17 | User Attribute Packet | [RFC4880] |
| 18 | Sym. Encrypted and Integrity Protected Data Packet | [RFC4880] |
| 19 | Modification Detection Code Packet | [RFC4880] |
| 20-59 | Unassigned | [RFC4880] |
| 60-63 | Private or Experimental Values | [RFC4880] |
PGP User Attribute Types
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| Value | Attribute | Reference |
|---|---|---|
| 0 | Reserved | [RFC4880] |
| 1 | image | [RFC4880] |
| 2-99 | Unassigned | [RFC4880] |
| 100-110 | Experimental or Private Use | [RFC4880] |
| 111-255 | Unassigned | [RFC4880] |
Image Format Subpacket Types
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| Value | Attribute | Reference |
|---|---|---|
| 0 | Reserved | [RFC4880] |
| 1 | JPEG | [RFC4880] |
| 2-99 | Unassigned | [RFC4880] |
| 100-110 | Experimental or Private Use | [RFC4880] |
| 111-255 | Unassigned | [RFC4880] |
Signature Subpacket Types
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| Value | Attribute | Reference |
|---|---|---|
| 0 | Reserved | |
| 1 | Reserved | |
| 2 | signature creation time | [RFC4880] |
| 3 | signature expiration time | [RFC4880] |
| 4 | exportable certification | [RFC4880] |
| 5 | trust signature | [RFC4880] |
| 6 | regular expression | [RFC4880] |
| 7 | revocable | [RFC4880] |
| 8 | Reserved | |
| 9 | key expiration time | [RFC4880] |
| 10 | placeholder for backward compatibility | [RFC4880] |
| 11 | preferred symmetric algorithms | [RFC4880] |
| 12 | revocation key | [RFC4880] |
| 13-15 | Reserved | |
| 16 | issuer key ID | [RFC4880] |
| 17-19 | Reserved | |
| 20 | notation data | [RFC4880] |
| 21 | preferred hash algorithms | [RFC4880] |
| 22 | preferred compression algorithms | [RFC4880] |
| 23 | key server preferences | [RFC4880] |
| 24 | preferred key server | [RFC4880] |
| 25 | primary User ID | [RFC4880] |
| 26 | policy URI | [RFC4880] |
| 27 | key flags | [RFC4880] |
| 28 | signer's User ID | [RFC4880] |
| 29 | reason for revocation | [RFC4880] |
| 30 | features | [RFC4880] |
| 31 | signature target | [RFC4880] |
| 32 | embedded signature | [RFC4880] |
| 33-99 | Unassigned | |
| 100-110 | Private or experimental | [RFC4880] |
| 111-127 | Unassigned | [RFC4880] |
Signature Notation Data Subpacket Types
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Unassigned
- Reference
- [RFC4880]
- Note
-
Notation names are arbitrary strings encoded in UTF-8. They reside two name spaces: The IETF name space and the user name space. The IETF name space is registered with IANA. These names MUST NOT contain the "@" character (0x40). This is a tag for the user name space.
| Allowed values | Name | Type | Reference |
|---|---|---|---|
| No registrations at this time. | |||
Key Server Preference Extensions
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Note
-
This is a variable length bit field. - Available Formats
-
CSV
| First octet | Extension | Reference |
|---|---|---|
| 0x00-0x07 | Unassigned | [RFC4880] |
| 0x80 | No-modify | [RFC4880] |
Reason for Revocation Extensions
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| Value | Flag | Reference |
|---|---|---|
| 0 | No reason specified (key revocations or cert revocations) | [RFC4880] |
| 1 | Key is superseded (key revocations) | [RFC4880] |
| 2 | Key material has been compromised (key revocations) | [RFC4880] |
| 3 | Key is retired and no longer used (key revocations) | [RFC4880] |
| 4-31 | Unassigned | |
| 32 | User ID information is no longer valid (cert revocations) | [RFC4880] |
| 33-99 | Unassigned | |
| 100-110 | Private Use | |
| 111-255 | Unassigned |
Implementation Features
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| First octet | Feature | Reference |
|---|---|---|
| 0x01 | Modification Detection (packets 18 and 19) | [RFC4880] |
| 0x02-0x80 | Unassigned | [RFC4880] |
New Packet Versions
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
| Name | Type | Allowed Values | Reference |
|---|---|---|---|
| No registrations at this time. | |||
Key Flags Extensions
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Note
-
The flags in this packet may appear in self-signatures or in certification signatures. They mean different things depending on who is making the statement -- for example, a certification signature that has the "sign data" flag is stating that the certification is for that use. On the other hand, the "communications encryption" flag in a self-signature is stating a preference that a given key be used for communications. Note however, that it is a thorny issue to determine what is "communications" and what is "storage." This decision is left wholly up to the implementation; the authors of this document do not claim any special wisdom on the issue, and realize that accepted opinion may change. The "split key" (0x10) and "group key" (0x80) flags are placed on a self-signature only; they are meaningless on a certification signature. They SHOULD be placed only on a direct-key signature (type 0x1f) or a subkey signature (type 0x18), one that refers to the key the flag applies to. - Available Formats
-
CSV
| First octet | Extension | Reference |
|---|---|---|
| 0x01 | This key may be used to certify other keys. | [RFC4880] |
| 0x02 | This key may be used to sign data. | [RFC4880] |
| 0x04 | This key may be used to encrypt communications. | [RFC4880] |
| 0x08 | This key may be used to encrypt storage. | [RFC4880] |
| 0x10 | The private component of this key may have been split by a secret-sharing mechanism. | [RFC4880] |
| 0x20 | This key may be used for authentication. | [RFC4880] |
| 0x80 | The private component of this key may be in the possession of more than one person. | [RFC4880] |
Public Key Algorithms
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| ID | Algorithm | Reference |
|---|---|---|
| 0 | Reserved | |
| 1 | RSA (Encrypt or Sign) | [Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.] |
| 2 | RSA Encrypt-Only | |
| 3 | RSA Sign-Only | |
| 4-15 | Unassigned | [RFC4880] |
| 16 | Elgamal (Encrypt-Only) | [T. Elgamal, "A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," IEEE Transactions on Information Theory, v. IT-31, n. 4, 1985, pp. 469-472.][Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.] |
| 17 | DSA (Digital Signature Algorithm) | [FIPS 186-2change1][FIPS 186-3][Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.] |
| 18 | ECDH public key algorithm | [RFC6637] |
| 19 | ECDSA public key algorithm | [RFC6637] |
| 20 | Reserved (formerly Elgamal Encrypt or Sign) | |
| 21 | Reserved for Diffie-Hellman (X9.42, as defined for IETF-S/MIME) | |
| 22-99 | Unassigned | |
| 100-110 | Private/Experimental algorithm | |
| 111-255 | Unassigned |
Symmetric Key Algorithms
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| ID | Algorithm | Reference |
|---|---|---|
| 0 | Plaintext or unencrypted data | [RFC4880] |
| 1 | IDEA | [Lai, X., "On the design and security of block ciphers", ETH Series in Information Processing, J.L. Massey (editor), Vol. 1, Hartung-Gorre Verlag Knostanz, Technische Hochschule (Zurich), 1992] |
| 2 | TripleDES (DES-EDE, [SCHNEIER] [HAC] 168 bit key derived from 192) | |
| 3 | CAST5 (128 bit key, as per RFC 2144) | |
| 4 | Blowfish (128 bit key, 16 rounds) | [Schneier, B. "Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish)" Fast Software Encryption, Cambridge Security Workshop Proceedings (December 1993), Springer-Verlag, 1994, pp191-204] |
| 5 | Reserved | |
| 6 | Reserved | |
| 7 | AES with 128-bit key | [http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf] |
| 8 | AES with 192-bit key | [http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf] |
| 9 | AES with 256-bit key | [http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf] |
| 10 | Twofish with 256-bit key | [B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall, and N. Ferguson, "The Twofish Encryption Algorithm", John Wiley & Sons, 1999.] |
| 11 | Camellia with 128 bit key | [RFC5581] |
| 12 | Camellia with 192 bit key | [RFC5581] |
| 13 | Camellia with 256 bit key | [RFC5581] |
| 14-99 | Unassigned | |
| 100-110 | Private/Experimental algorithm | [RFC4880] |
| 111-255 | Unassigned |
Hash Algorithms
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| ID | Algorithm | Text Name | Reference |
|---|---|---|---|
| 1 | MD5 (deprecated) | "MD5" | [Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.][RFC1321] |
| 2 | SHA-1 | "SHA1" | [[FIPS180]] |
| 3 | RIPE-MD/160 | "RIPEMD160" | [Alfred Menezes, Paul van Oorschot, and Scott Vanstone, "Handbook of Applied Cryptography," CRC Press, 1996.] |
| 4-7 | Reserved | [RFC4880] | |
| 8 | SHA256 | "SHA256" | [[FIPS180]] |
| 9 | SHA384 | "SHA384" | [[FIPS180]] |
| 10 | SHA512 | "SHA512" | [[FIPS180]] |
| 11 | SHA224 | "SHA224" | [[FIPS180]] |
| 12-99 | Unassigned | [RFC4880] | |
| 100-110 | Private/Experimental algorithm | ||
| 111-255 | Unassigned | [RFC4880] |
Compression Algorithms
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC4880]
- Available Formats
-
CSV
| ID | Algorithm | Reference |
|---|---|---|
| 0 | Uncompressed | [RFC4880] |
| 1 | ZIP | [RFC1951] |
| 2 | ZLIB | [RFC1950] |
| 3 | BZip2 | [J. Seward, jseward&acm.org, "The Bzip2 and libbzip2 home page"] |
| 4-99 | Unassigned | [RFC4880] |
| 100-110 | Private/Experimental algorithm | [RFC4880] |
| 111-255 | Unassigned | [RFC4880] |