PGP key exchange

If PGP is installed on your computer, Speak Freely will cooperate with it to provide the convenience of public key encryption. To encrypt sound to one or more users on your PGP public keyring, enter enough of their user name(s) to uniquely identify them in the "PGP user name(s)" field of the Option/Connections dialogue. When you click OK to close the dialogue, Speak Freely generates a 128-bit random session key for subsequent communications, invokes PGP in an MS-DOS window to encrypt it with the public key(s) of the named user(s), and transmits it to the host or multicast group the connection addresses. Sound packets sent subsequently to that connection are IDEA-encrypted (the same algorithm PGP uses for message bodies) using the session key. The ability to encrypt a session key with more than one user's public key allows you to transmit securely to multiple subscribers to a multicast.

When a session key is received from a remote host, PGP is invoked to decrypt it using your secret key. If you haven't specified your secret key pass phrase using the PGPPASS environment variable, you'll have to type the pass phrase in the MS-DOS window in which PGP is running. See the discussion of the security risks created by the undeniably convenient PGPPASS variable in Phil Zimmermann's "The Official PGP User's Guide" cited in the bookshelf.
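The exchange described in the two paragraphs above, as an added example that is not Speak Freely's or PGP's own code: one random 128-bit session key is wrapped once per named recipient, and each recipient recovers the same key with their own secret key. Textbook RSA over small constructed keys and a SHA-256 keystream stand in for PGP's public-key step and for IDEA; the user names and the per-packet sequence number are assumptions of the example.

```python
import hashlib
import secrets

# Constructed toy key pairs built from well-known Mersenne primes. Textbook RSA
# stands in for PGP's public-key step; it is illustrative only, not secure.
E = 65537

def make_key(p, q):
    n = p * q
    return {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}

KEYS = {  # hypothetical user names
    "alice": make_key(2**89 - 1, 2**107 - 1),
    "bob": make_key(2**61 - 1, 2**127 - 1),
    "carol": make_key(2**521 - 1, 2**607 - 1),
}

def keystream_xor(key, seq, data):
    """Stand-in for IDEA: XOR with a SHA-256 keystream keyed by session key and packet number."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + seq.to_bytes(4, "big") + off.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def start_session(recipients):
    """Sender: one random 128-bit session key, wrapped once per named recipient."""
    session_key = secrets.token_bytes(16)
    m = int.from_bytes(session_key, "big")
    wrapped = {name: pow(m, E, KEYS[name]["n"]) for name in recipients}
    return session_key, wrapped

def unwrap(name, wrapped):
    """Receiver: recover the session key using this user's secret exponent."""
    if name not in wrapped:
        raise KeyError(f"no wrapped session key for {name}")
    k = KEYS[name]
    return pow(wrapped[name], k["d"], k["n"]).to_bytes(16, "big")

if __name__ == "__main__":
    key, wrapped = start_session(["alice", "bob"])
    packet = keystream_xor(key, 1, b"constructed sound packet")
    for user in ("alice", "bob"):
        print(user, keystream_xor(unwrap(user, wrapped), 1, packet))
```

Only the wrapped copies travel over the connection; a user whose name was not given to the sender ("carol" here) has no copy to unwrap, which is why every multicast subscriber must be named before the session starts.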

Speak Freely invokes PGP via the SFPGP.PIF file in Speak Freely's release directory. If you'd like to change the modes used for running PGP (for example, to use full-screen mode instead of an MS-DOS window), edit this file with the PIF editor and select the modes you prefer. If no SFPGP.PIF file is found, Speak Freely attempts to run PGP directly, using whatever default modes you've set for MS-DOS programs launched by Windows applications.

The IDEA encryption algorithm used to encrypt audio following a PGP key exchange is patented and may not be used commercially without a license; see "Patent issues" for further details.

PGP key exchange and its subsequent IDEA encryption are independent of, and can be used in conjunction with, the other secret key encryption options provided by Speak Freely. There's little to be gained in security and everything to be lost in convenience by combining secret and public key encryption, but if you want to for some reason, you can.

Since the IDEA encryption performed by PGP key exchange is not specified as a part of the RTP and VAT protocols, PGP key exchange can be used only when transmitting in Speak Freely protocol.