PEM/PGP EncapsulationPEM stands for Privacy Enhanced Mail and PGP for Pretty Good Privacy
Privacy Enhanced Mail and Pretty Good Privacy are encryption programs used to assure the privacy of e-mail transmissions--secure electronic envelopes as it were. They allow messages between two parties in a way that 1) precludes third parties from reading them, and 2) allows certification of the sender's digital signature to assure that the person who sent the message is really who they claim to be. Both PGP and PEM use RSA encryption and a combination of public and private keys.
PEM is the official Internet standard for digital signature and encryption services for text-based electronic mail. PGP is a non-standard encryption program that is nevertheless the de facto standard on the Internet.
Both rely on a two-key approach. Someone else uses your widely-distributed public key to send you mail; you use your private key to decrypt the transmission. Both parties must therefore have PGP software, and the sender must have a copy of the receivers public key. You can verify someone else's private-key encoded signature with your copy of their public key.
PGP is available in DOS and Windows (WinPGP) as well as Macintosh (MacPGP) versions.
The free distribution of PGP by its creator, Phil Zimmerman, created a stir in government encryption circles. In an effort to assure surveillance for purposes of national security, the United States government has banned the distribution of RSA encryption technology devices outside the United States. The government, charged with responsibilities for breaking the ciphers of other nations, obviously cannot countenance the publication of a cipher that it cannot break. While restrictions such as these are difficult, if not impossible, to enforce on the Internet, the MIT, distributor of PGP, does monitor the location of downloading sites.