Application Protocols

DNS
An application layer protocol defines how the application processes running on different
systems, pass the messages to each other.

o DNS stands for Domain Name System.

o DNS is a directory service that provides a mapping between the name of a host on
the network and its numerical address.
o DNS is required for the functioning of the internet.
o Each node in a tree has a domain name, and a full domain name is a sequence of
symbols specified by dots.
o DNS is a service that translates the domain name into IP addresses. This allows the
users of networks to utilize user-friendly names when looking for other hosts instead
of remembering the IP addresses.
o For example, suppose the FTP site at EduSoft had an IP address of 132.147.165.50,
most people would reach this site by specifying ftp.EduSoft.com. Therefore, the
domain name is more reliable than IP address.

DNS is a TCP/IP protocol used on different platforms. The domain name space is divided
into three different sections: generic domains, country domains, and inverse domain.

Generic Domains
 o It defines the registered hosts according to their generic behavior.
o Each node in a tree defines the domain name, which is an index to the DNS
database.
o It uses three-character labels, and these labels describe the organization type.

Label Description

aero Airlines and aerospace companies

biz Businesses or firms

com Commercial Organizations

coop Cooperative business Organizations

edu Educational institutions

gov Government institutions

info Information service providers

int International Organizations

mil Military groups

museum Museum & other nonprofit organizations

name Personal names

net Network Support centers

org Nonprofit Organizations

pro Professional individual Organizations

Country Domain
The format of country domain is same as a generic domain, but it uses two-character
country abbreviations (e.g., us for the United States) in place of three character
organizational abbreviations.

Inverse Domain
The inverse domain is used for mapping an address to a name. When the server has
received a request from the client, and the server contains the files of only authorized
clients. To determine whether the client is on the authorized list or not, it sends a query to
the DNS server and ask for mapping an address to the name.

Working of DNS
 o DNS is a client/server network communication protocol. DNS clients send requests to
the. server while DNS servers send responses to the client.
o Client requests contain a name which is converted into an IP address known as a
forward DNS lookups while requests containing an IP address which is converted into
a name known as reverse DNS lookups.
o DNS implements a distributed database to store the name of all the hosts available
on the internet.
o If a client like a web browser sends a request containing a hostname, then a piece of
software such as DNS resolver sends a request to the DNS server to obtain the IP
address of a hostname. If DNS server does not contain the IP address associated
with a hostname, then it forwards the request to another DNS server. If IP address
has arrived at the resolver, which in turn completes the request over the internet
protocol.

FTP
o FTP stands for File transfer protocol.
o FTP is a standard internet protocol provided by TCP/IP used for transmitting the files
from one host to another.
o It is mainly used for transferring the web page files from their creator to the
computer that acts as a server for other computers on the internet.
o It is also used for downloading the files to computer from other servers.

Objectives of FTP
o It provides the sharing of files.
o It is used to encourage the use of remote computers.
o It transfers the data more reliably and efficiently.

Why FTP?
Although transferring files from one system to another is very simple and straightforward,
but sometimes it can cause problems. For example, two systems may have different file
conventions. Two systems may have different ways to represent text and data. Two
systems may have different directory structures. FTP protocol overcomes these problems by
establishing two connections between hosts. One connection is used for data transfer, and
another connection is used for the control connection.

Mechanism of FTP
The above figure shows the basic model of the FTP. The FTP client has three components:
the user interface, control process, and data transfer process. The server has two
components: the server control process and the server data transfer process.

There are two types of connections in FTP:

 o Control Connection: The control connection uses very simple rules for
communication. Through control connection, we can transfer a line of command or
line of response at a time. The control connection is made between the control
processes. The control connection remains connected during the entire interactive
FTP session.
o Data Connection: The Data Connection uses very complex rules as data types may
vary. The data connection is made between data transfer processes. The data
connection opens when a command comes for transferring the files and closes when
the file is transferred.

FTP Clients
o FTP client is a program that implements a file transfer protocol which allows you to
transfer files between two hosts on the internet.
o It allows a user to connect to a remote host and upload or download the files.
o It has a set of commands that we can use to connect to a host, transfer the files
between you and your host and close the connection.
o The FTP program is also available as a built-in component in a Web browser. This
GUI based FTP client makes the file transfer very easy and also does not require to
remember the FTP commands.

Advantages of FTP:
o Speed: One of the biggest advantages of FTP is speed. The FTP is one of the fastest
way to transfer the files from one computer to another computer.
o Efficient: It is more efficient as we do not need to complete all the operations to get
the entire file.
o Security: To access the FTP server, we need to login with the username and
password. Therefore, we can say that FTP is more secure.
 o Back & forth movement: FTP allows us to transfer the files back and forth.
Suppose you are a manager of the company, you send some information to all the
employees, and they all send information back on the same server.

Disadvantages of FTP:
o The standard requirement of the industry is that all the FTP transmissions should be
encrypted. However, not all the FTP providers are equal and not all the providers
offer encryption. So, we will have to look out for the FTP providers that provides
encryption.
o FTP serves two operations, i.e., to send and receive large files on a network.
However, the size limit of the file is 2GB that can be sent. It also doesn't allow you to
run simultaneous transfers to multiple receivers.
o Passwords and file contents are sent in clear text that allows unwanted
eavesdropping. So, it is quite possible that attackers can carry out the brute force
attack by trying to guess the FTP password.
o It is not compatible with every system.

SMTP
o SMTP stands for Simple Mail Transfer Protocol.
o SMTP is a set of communication guidelines that allow software to transmit an
electronic mail over the internet is called Simple Mail Transfer Protocol.
o It is a program used for sending messages to other computer users based on e-mail
addresses.
o It provides a mail exchange between users on the same or different computers, and
it also supports:
o It can send a single message to one or more recipients.
o Sending message can include text, voice, video or graphics.
o It can also send the messages on networks outside the internet.
o The main purpose of SMTP is used to set up communication rules between servers.
The servers have a way of identifying themselves and announcing what kind of
communication they are trying to perform. They also have a way of handling the
errors such as incorrect email address. For example, if the recipient address is
wrong, then receiving server reply with an error message of some kind.

Components of SMTP
o First, we will break the SMTP client and SMTP server into two components such as
user agent (UA) and mail transfer agent (MTA). The user agent (UA) prepares the
message, creates the envelope and then puts the message in the envelope. The mail
transfer agent (MTA) transfers this mail across the internet.

o SMTP allows a more complex system by adding a relaying system. Instead of just
having one MTA at sending side and one at receiving side, more MTAs can be added,
acting either as a client or server to relay the email.
 o The relaying system without TCP/IP protocol can also be used to send the emails to
users, and this is achieved by the use of the mail gateway. The mail gateway is a
relay MTA that can be used to receive an email.

Working of SMTP
 1. Composition of Mail: A user sends an e-mail by composing an electronic mail
message using a Mail User Agent (MUA). Mail User Agent is a program which is used
to send and receive mail. The message contains two parts: body and header. The
body is the main part of the message while the header includes information such as
the sender and recipient address. The header also includes descriptive information
such as the subject of the message. In this case, the message body is like a letter
and header is like an envelope that contains the recipient's address.
2. Submission of Mail: After composing an email, the mail client then submits the
completed e-mail to the SMTP server by using SMTP on TCP port 25.
3. Delivery of Mail: E-mail addresses contain two parts: username of the recipient and
domain name. For example, [email protected], where "vivek" is the username of the
recipient and "gmail.com" is the domain name.
If the domain name of the recipient's email address is different from the sender's
domain name, then MSA will send the mail to the Mail Transfer Agent (MTA). To
relay the email, the MTA will find the target domain. It checks the MX record from
Domain Name System to obtain the target domain. The MX record contains the
domain name and IP address of the recipient's domain. Once the record is located,
MTA connects to the exchange server to relay the message.
4. Receipt and Processing of Mail: Once the incoming message is received, the
exchange server delivers it to the incoming server (Mail Delivery Agent) which stores
the e-mail where it waits for the user to retrieve it.
5. Access and Retrieval of Mail: The stored email in MDA can be retrieved by using
MUA (Mail User Agent). MUA can be accessed by using login and password.

6. GetNextRequest: The GetNextRequest message is sent from the manager to agent

to retrieve the value of a variable. This type of message is used to retrieve the
values of the entries in a table. If the manager does not know the indexes of the
entries, then it will not be able to retrieve the values. In such situations,
GetNextRequest message is used to define an object.

7. GetResponse: The GetResponse message is sent from an agent to the manager in

response to the GetRequest and GetNextRequest message. This message contains
the value of a variable requested by the manager.

8. SetRequest: The SetRequest message is sent from a manager to the agent to set a

value in a variable.

9. Trap: The Trap message is sent from an agent to the manager to report an event.
For example, if the agent is rebooted, then it informs the manager as well as sends
the time of rebooting.

HTTP
 o HTTP stands for HyperText Transfer Protocol.
o It is a protocol used to access the data on the World Wide Web (www).
o The HTTP protocol can be used to transfer the data in the form of plain text,
hypertext, audio, video, and so on.
o This protocol is known as HyperText Transfer Protocol because of its efficiency that
allows us to use in a hypertext environment where there are rapid jumps from one
document to another document.
o HTTP is similar to the FTP as it also transfers the files from one host to another host.
But, HTTP is simpler than FTP as HTTP uses only one connection, i.e., no control
connection to transfer the files.
o HTTP is used to carry the data in the form of MIME-like format.
o HTTP is similar to SMTP as the data is transferred between client and server. The
HTTP differs from the SMTP in the way the messages are sent from the client to the
server and from server to the client. SMTP messages are stored and forwarded while
HTTP messages are delivered immediately.

Features of HTTP:
o Connectionless protocol: HTTP is a connectionless protocol. HTTP client initiates a
request and waits for a response from the server. When the server receives the
request, the server processes the request and sends back the response to the HTTP
client after which the client disconnects the connection. The connection between
client and server exist only during the current request and response time only.
o Media independent: HTTP protocol is a media independent as data can be sent as
long as both the client and server know how to handle the data content. It is
required for both the client and server to specify the content type in MIME-type
header.
o Stateless: HTTP is a stateless protocol as both the client and server know each
other only during the current request. Due to this nature of the protocol, both the
client and server do not retain the information between various requests of the web
pages.

HTTP Transactions
The above figure shows the HTTP transaction between client and server. The client initiates
a transaction by sending a request message to the server. The server replies to the request
message by sending a response message.

Messages
HTTP messages are of two types: request and response. Both the message types follow the
same message format.

Request Message: The request message is sent by the client that consists of a request
line, headers, and sometimes a body.

next →← prev

HTTP
 o HTTP stands for HyperText Transfer Protocol.
o It is a protocol used to access the data on the World Wide Web (www).
o The HTTP protocol can be used to transfer the data in the form of plain text,
hypertext, audio, video, and so on.
o This protocol is known as HyperText Transfer Protocol because of its efficiency
that allows us to use in a hypertext environment where there are rapid jumps
from one document to another document.
o HTTP is similar to the FTP as it also transfers the files from one host to another
host. But, HTTP is simpler than FTP as HTTP uses only one connection, i.e., no
control connection to transfer the files.
o HTTP is used to carry the data in the form of MIME-like format.
o HTTP is similar to SMTP as the data is transferred between client and server. The
HTTP differs from the SMTP in the way the messages are sent from the client to
the server and from server to the client. SMTP messages are stored and
forwarded while HTTP messages are delivered immediately.

Features of HTTP:
o Connectionless protocol: HTTP is a connectionless protocol. HTTP client initiates
a request and waits for a response from the server. When the server receives the
request, the server processes the request and sends back the response to the
HTTP client after which the client disconnects the connection. The connection
between client and server exist only during the current request and response time
only.
o Media independent: HTTP protocol is a media independent as data can be sent
as long as both the client and server know how to handle the data content. It is
required for both the client and server to specify the content type in MIME-type
header.
o Stateless: HTTP is a stateless protocol as both the client and server know each
other only during the current request. Due to this nature of the protocol, both the
client and server do not retain the information between various requests of the
web pages.

HTTP Transactions
The above figure shows the HTTP transaction between client and server. The client
initiates a transaction by sending a request message to the server. The server replies to
the request message by sending a response message.

Messages
HTTP messages are of two types: request and response. Both the message types follow
the same message format.

Request Message: The request message is sent by the client that consists of a request
line, headers, and sometimes a body.
Response Message: The response message is sent by the server to the client that
consists of a status line, headers, and sometimes a body.

Uniform Resource Locator (URL)

o A client that wants to access the document in an internet needs an address and to
facilitate the access of documents, the HTTP uses the concept of Uniform
Resource Locator (URL).
o The Uniform Resource Locator (URL) is a standard way of specifying any kind of
information on the internet.
o The URL defines four parts: method, host computer, port, and path.
 o Method: The method is the protocol used to retrieve the document from a server.
For example, HTTP.
o Host: The host is the computer where the information is stored, and the
computer is given an alias name. Web pages are mainly stored in the computers
and the computers are given an alias name that begins with the characters
"www". This field is not mandatory.
o Port: The URL can also contain the port number of the server, but it's an optional
field. If the port number is included, then it must come between the host and
path and it should be separated from the host by a colon.
o Path: Path is the pathname of the file where the information is stored. The path
itself contain slashes that separate the directories from the subdirectories and
files.

Computer Network Security

Computer network security consists of measures taken by business or some organizations
to monitor and prevent unauthorized access from the outside attackers.

Different approaches to computer network security management have different

requirements depending on the size of the computer network. For example, a home office
requires basic network security while large businesses require high maintenance to prevent
the network from malicious attacks.

Network Administrator controls access to the data and software on the network. A network
administrator assigns the user ID and password to the authorized person.

Aspects of Network Security:

Following are the desirable properties to achieve secure communication:
 o Privacy: Privacy means both the sender and the receiver expects confidentiality.
The transmitted message should be sent only to the intended receiver while the
message should be opaque for other users. Only the sender and receiver should be
able to understand the transmitted message as eavesdroppers can intercept the
message. Therefore, there is a requirement to encrypt the message so that the
message cannot be intercepted. This aspect of confidentiality is commonly used to
achieve secure communication.
o Message Integrity: Data integrity means that the data must arrive at the receiver
exactly as it was sent. There must be no changes in the data content during
transmission, either maliciously or accident, in a transit. As there are more and more
monetary exchanges over the internet, data integrity is more crucial. The data
integrity must be preserved for secure communication.
o End-point authentication: Authentication means that the receiver is sure of the
sender?s identity, i.e., no imposter has sent the message.
o Non-Repudiation: Non-Repudiation means that the receiver must be able to prove
that the received message has come from a specific sender. The sender must not
deny sending a message that he or she send. The burden of proving the identity
comes on the receiver. For example, if a customer sends a request to transfer the
money from one account to another account, then the bank must have a proof that
the customer has requested for the transaction.

Privacy
The concept of how to achieve privacy has not been changed for thousands of years: the
message cannot be encrypted. The message must be rendered as opaque to all the
unauthorized parties. A good encryption/decryption technique is used to achieve privacy to
some extent. This technique ensures that the eavesdropper cannot understand the contents
of the message.

Encryption/Decryption
Encryption: Encryption means that the sender converts the original information into
another form and sends the unintelligible message over the network.

Decryption: Decryption reverses the Encryption process in order to transform the message

back to the original form.

The data which is to be encrypted at the sender site is known as plaintext, and the
encrypted data is known as ciphertext. The data is decrypted at the receiver site.

There are two types of Encryption/Decryption techniques:

o Privacy with secret key Encryption/Decryption

o Privacy with public key Encryption/Decryption

Secret Key Encryption/Decryption technique

o In Secret Key Encryption/Decryption technique, the same key is used by both the
parties, i.e., the sender and receiver.
o The sender uses the secret key and encryption algorithm to encrypt the data; the
receiver uses this key and decryption algorithm to decrypt the data.
o In Secret Key Encryption/Decryption technique, the algorithm used for encryption is
the inverse of the algorithm used for decryption. It means that if the encryption
 algorithm uses a combination of addition and multiplication, then the decryption
algorithm uses a combination of subtraction and division.
o The secret key encryption algorithm is also known as symmetric encryption
algorithm because the same secret key is used in bidirectional communication.
o In secret key encryption/decryption algorithm, the secret code is used by the
computer to encrypt the information before it is sent over the network to another
computer.
o The secret key requires that we should know which computers are talking to each
other so that we can install the key on each computer.

Data Encryption Standard (DES)

o The Data Encryption Standard (DES) was designed by IBM and adopted by the U.S.
government as the standard encryption method for nonmilitary and nonclassified
use.
o The Data Encryption Standard is a standard used for encryption, and it is a form of
Secret Key Cryptography.

Advantage
Efficient: The secret key algorithms are more efficient as it takes less time to encrypt the
message than to encrypt the message by using a public key encryption algorithm. The
reason for this is that the size of the key is small. Due to this reason, Secret Key Algorithms
are mainly used for encryption and decryption.

Disadvantages of Secret Key Encryption

The Secret Key Encryption/Decryption has the following disadvantages:

o Each pair of users must have a secret key. If the number of people wants to use this
method in the world is N, then there are N(N-1)/2 secret keys. For example, for one
million people, then there are half billion secret keys.
o The distribution of keys among different parties can be very difficult. This problem
can be resolved by combining the Secret Key Encryption/Decryption with the Public
Key Encryption/Decryption algorithm.

Public Key Encryption/Decryption technique

o There are two keys in public key encryption: a private key and a public key.
o The private key is given to the receiver while the public key is provided to the public.
In the above figure, we see that A is sending the message to user B. 'A' uses the public key
to encrypt the data while 'B' uses the private key to decrypt the data.

o In public key Encryption/Decryption, the public key used by the sender is different
from the private key used by the receiver.
o The public key is available to the public while the private key is kept by each
individual.
o The most commonly used public key algorithm is known as RSA.

Advantages of Public Key Encryption

o The main restriction of private key encryption is the sharing of a secret key. A third
party cannot use this key. In public key encryption, each entity creates a pair of
keys, and they keep the private one and distribute the public key.
o The number of keys in public key encryption is reduced tremendously. For example,
for one million users to communicate, only two million keys are required, not a half-
billion keys as in the case of secret key encryption.

Disadvantages of Public Key Encryption

 o Speed: One of the major disadvantage of the public-key encryption is that it is
slower than secret-key encryption. In secret key encryption, a single shared key is
used to encrypt and decrypt the message which speeds up the process while in
public key encryption, different two keys are used, both related to each other by a
complex mathematical process. Therefore, we can say that encryption and
decryption take more time in public key encryption.
o Authentication: A public key encryption does not have a built-in authentication.
Without authentication, the message can be interpreted or intercepted without the
user's knowledge.
o Inefficient: The main disadvantage of the public key is its complexity. If we want
the method to be effective, large numbers are needed. But in public key encryption,
converting the plaintext into ciphertext using long keys takes a lot of time.
Therefore, the public key encryption algorithms are efficient for short messages not
for long messages.

Differences b/w Secret Key Encryption & Public Key

Encryption

Basis for Secret Key Encryption Public Key Encryption

Comparison

Define Secret Key Encryption is defined as the Public Key Encryption is define
technique that uses a single shared key to that uses two different keys fo
encrypt and decrypt the message. decryption.

Efficieny It is efficient as this technique is It is inefficient as this techniqu

recommended for large amounts of text. short messages.

Other name It is also known as Symmetric Key encryption. It is also known as Asymmetri

Speed Its speed is high as it uses a single key for Its speed is slow as it uses two
encryption and decryption. both keys are related to each
complicated mathematical pro

Algorithms The Secret key algorithms are DES, 3DES, AES The Public key algorithms are
& RCA.

Purpose The main purpose of the secret key algorithm The main purpose of the publi
 is to transmit the bulk data. share the keys securely.

Digital Signature
The Digital Signature is a technique which is used to validate the authenticity and integrity
of the message. We know that there are four aspects of security: privacy, authentication,
integrity, and non-repudiation. We have already discussed the first aspect of security and
other three aspects can be achieved by using a digital signature.

The basic idea behind the Digital Signature is to sign a document. When we send a
document electronically, we can also sign it. We can sign a document in two ways: to sign a
whole document and to sign a digest.

Signing the Whole Document

o In Digital Signature, a public key encryption technique is used to sign a document.
However, the roles of a public key and private key are different here. The sender
uses a private key to encrypt the message while the receiver uses the public key of
the sender to decrypt the message.
o In Digital Signature, the private key is used for encryption while the public key is
used for decryption.
o Digital Signature cannot be achieved by using secret key encryption.
Digital Signature is used to achieve the following three aspects:
o Integrity: The Digital Signature preserves the integrity of a message because, if any
malicious attack intercepts a message and partially or totally changes it, then the
decrypted message would be impossible.
o Authentication: We can use the following reasoning to show how the message is
authenticated. If an intruder (user X) sends a message pretending that it is coming
from someone else (user A), user X uses her own private key to encrypt the
message. The message is decrypted by using the public key of user A. Therefore this
makes the message unreadable. Encryption with X's private key and decryption with
A's public key results in garbage value.
o Non-Repudiation: Digital Signature also provides non-repudiation. If the sender
denies sending the message, then her private key corresponding to her public key is
tested on the plaintext. If the decrypted message is the same as the original
message, then we know that the sender has sent the message.

Note: Digital Signature does not provide privacy. If there is a need for privacy, then another
layer of encryption/decryption is applied.

Signing the Digest

o Public key encryption is efficient if the message is short. If the message is long, a
public key encryption is inefficient to use. The solution to this problem is to let the
sender sign a digest of the document instead of the whole document.
o The sender creates a miniature version (digest) of the document and then signs it,
the receiver checks the signature of the miniature version.
o The hash function is used to create a digest of the message. The hash function
creates a fixed-size digest from the variable-length message.
o The two most common hash functions used: MD5 (Message Digest 5) and SHA-1
(Secure Hash Algorithm 1). The first one produces 120-bit digest while the second
one produces a 160-bit digest.
o A hash function must have two properties to ensure the success:
o First, the digest must be one way, i.e., the digest can only be created from
the message but not vice versa.
o Second, hashing is a one-to-one function, i.e., two messages should not
create the same digest.

Following are the steps taken to ensure security:

 o The miniature version (digest) of the message is created by using a hash function.
o The digest is encrypted by using the sender's private key.
o After the digest is encrypted, then the encrypted digest is attached to the original
message and sent to the receiver.
o The receiver receives the original message and encrypted digest and separates the
two. The receiver implements the hash function on the original message to create
the second digest, and it also decrypts the received digest by using the public key of
the sender. If both the digests are same, then all the aspects of security are
preserved.

At the Sender site

At the Receiver site

PGP
o PGP stands for Pretty Good Privacy (PGP) which is invented by Phil Zimmermann.
o PGP was designed to provide all four aspects of security, i.e., privacy, integrity,
authentication, and non-repudiation in the sending of email.
o PGP uses a digital signature (a combination of hashing and public key encryption) to
provide integrity, authentication, and non-repudiation. PGP uses a combination of
secret key encryption and public key encryption to provide privacy. Therefore, we
can say that the digital signature uses one hash function, one secret key, and two
private-public key pairs.
o PGP is an open source and freely available software package for email security.
o PGP provides authentication through the use of Digital Signature.
o It provides confidentiality through the use of symmetric block encryption.
o It provides compression by using the ZIP algorithm, and EMAIL compatibility using
the radix-64 encoding scheme.

Following are the steps taken by PGP to create secure e-mail at

the sender site:
o The e-mail message is hashed by using a hashing function to create a digest.
 o The digest is then encrypted to form a signed digest by using the sender's private
key, and then signed digest is added to the original email message.
o The original message and signed digest are encrypted by using a one-time secret
key created by the sender.
o The secret key is encrypted by using a receiver's public key.
o Both the encrypted secret key and the encrypted combination of message and digest
are sent together.

PGP at the Sender site (A)

Following are the steps taken to show how PGP uses hashing
and a combination of three keys to generate the original
message:
o The receiver receives the combination of encrypted secret key and message digest is
received.
o The encrypted secret key is decrypted by using the sender's private key to get the
one-time secret key.
o The secret key is then used to decrypt the combination of message and digest.
o The digest is decrypted by using the sender's public key, and the original message is
hashed by using a hash function to create a digest.
 o Both the digests are compared if both of them are equal means that all the aspects
of security are preserved.

PGP at the Receiver site (B)

Disadvantages of PGP Encryption

o The Administration is difficult: The different versions of PGP complicate the
administration.
o Compatibility issues: Both the sender and the receiver must have compatible
versions of PGP. For example, if you encrypt an email by using PGP with one of the
encryption technique, the receiver has a different version of PGP which cannot read
the data.
o Complexity: PGP is a complex technique. Other security schemes use symmetric
encryption that uses one key or asymmetric encryption that uses two different keys.
PGP uses a hybrid approach that implements symmetric encryption with two keys.
 PGP is more complex, and it is less familiar than the traditional symmetric or
asymmetric methods.
o No Recovery: Computer administrators face the problems of losing their passwords.
In such situations, an administrator should use a special program to retrieve
passwords. For example, a technician has physical access to a PC which can be used
to retrieve a password. However, PGP does not offer such a special program for
recovery; encryption methods are very strong so, it does not retrieve the forgotten
passwords results in lost messages or lost files.