PGP(Pretty Good Privacy) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.
PGP is a popular program used to encrypt and decrypt email over the Internet, as well as authenticate messages with digital signatures and encrypted stored files.
What is TLS?
TLS is a cryptographic protocol that provides end-to-end communications security over networks and is widely used for internet communications and online transactions.
Transport Layer Security (TLS) is a protocol that provides authentication, privacy, and data integrity between two communicating computer applications. It's the most widely-deployed security protocol used today and is used for web browsers and other applications that require data to be securely exchanged over a network, such as web browsing sessions, file transfers, VPN connections, remote desktop sessions, and voice over IP (VoIP).
The TLS protocol specification defines two layers. The TLS record protocol provides connection security, and the TLS handshake protocol enables the client and server to authenticate each other and to negotiate security keys before any data is transmitted.
Secure Sockets Layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet. After being formally introduced in 1995, SSL made it possible for a web server to securely enable online transactions between consumers and businesses. Due to numerous protocol and implementation flaws and vulnerabilities, SSL was deprecated for use on the internet by the Internet Engineering Task Force (IETF) in 2015 and has been replaced by the Transport Layer Security (TLS) protocol.
SSL uses a combination of public key encryption and private key encryption and other cryptographic functions to secure a connection between two machines, typically a web server or mail server and a client system, communicating over the internet or another TCP/IP network.
TLS and SSL are not interoperable, but TLS does offer backward compatibility for older devices still using SSL
A Security Association (SA) is the establishment of shared security attributes between two network entities to support secure communication. An SA may include attributes such as: cryptographic algorithm and mode; traffic encryption key; and parameters for the network data to be passed over the connection. The framework for establishing security associations is provided by the Internet Security Association and Key Management Protocol (ISAKMP). Protocols such as Internet Key Exchange and Kerberized Internet Negotiation of Keys provide authenticated keying material.
An SA is a simplex (one-way channel) and logical connection which endorses and provides a secure data connection between the network devices.
IPsec (Internet Protocol Security)
IP Security protocol, defines the architecture for security services for IP network traffic. IPsec describes the framework for providing security at the IP layer, as well as the suite of protocols designed to provide that security, through authentication and encryption of IP network packets. Also included in IPsec are protocols that define the cryptographic algorithms used to encrypt, decrypt and authenticate packets, as well as the protocols needed for secure key exchange and key management.
IPsec originally defined two mechanisms for imposing security on IP packets:
the Encapsulating Security Payload (ESP) protocol, which defined a method for encrypting data in IP packets, and
the Authentication Header (AH) protocol, which defined a method for digitally signing IP packets.
The Internet Key Exchange (IKE) protocol is used to manage the cryptographic keys used by hosts for IPsec.