PGP

PGP: Pretty Good Privacy & GNU Privacy Guard #

Pretty Good Privacy #

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions, and to increase the security of e-mail communications.[1]

PGP gives users tools for asymmetric encryption, which works with a pair of keys: a public key and a private key.

If you want to know more about how this works, this video explains it well:

GNU Privacy Guard #

GNU Privacy Guard, better known as GnuPG or GPG, is a free and open-source implementation of OpenPGP. Per their website:

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories.[2]

Because of its open-source nature, it is typically recommended to use GnuPG when using PGP for encryption.

Using PGP/GnuPG #

Using PGP and GnuPG is incredibly simple.

Installation #

To use PGP, we will be installing GnuPG. Many will argue that you should use Linux if you prefer privacy and security, due to the closed-source nature of the Windows operating system. However, this depends on your threat model. I highly doubt a major government is actively targeting your communications if you’re on this website.

Windows #

On Windows, the typically recommended way to use GnuPG is the GPG4Win software suite.

There are other ways to use GPG, but this is the preferred method, as it gives you access to the full suite and to features such as smartcard usage.

  1. Download and install GPG4Win from https://gpg4win.org/download.html

  2. When selecting components to install, you can deselect every option except for GnuPG (duh), as I will mainly be describing usage on the command line for GPG. If you’re scared of the CLI and would rather use a GUI, you can select Kleopatra and GpgEX as well.

  3. If you are not a system administrator, install GPG in your local user directory. (It will install under your home directory, under C:\Users\USERNAME.)

  4. Once installed, test the installation by opening a new command prompt (or your preferred terminal emulator) and typing gpg --version

GPG should now be fully operational.

Linux #

Installation on Linux largely depends on your distribution.

Debian & Debian-based distros (Ubuntu, Mint, etc.) #

Install using apt:

$ sudo apt install gnupg

Arch & Arch-based distros #

Install using pacman:

$ sudo pacman -S gnupg

There is more information on the official Arch wiki page that describes different install configurations (such as swapping pinentry programs).
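A fuller check than gpg --version once the package is installed on any of the distributions above. This is an added example, not part of the original page: it generates a throwaway key in a temporary keyring, encrypts and signs a constructed message to the public key, and decrypts it with the private key. The function name gpg_smoke_test, the user ID and the message are assumptions made for illustration.

```shell
#!/bin/sh
# Smoke test: encrypt to a public key, decrypt with the matching private key.
# Exit status: 0 round trip OK, 1 round trip failed, 2 gpg not on PATH.
# The parenthesised body runs in a subshell, so GNUPGHOME never leaks out.
gpg_smoke_test() (
    command -v gpg >/dev/null 2>&1 || { echo "gpg not found on PATH" >&2; exit 2; }

    # Throwaway keyring: the test never touches your real ~/.gnupg.
    GNUPGHOME=$(mktemp -d) || exit 1
    export GNUPGHOME
    chmod 700 "$GNUPGHOME"
    trap 'gpgconf --kill gpg-agent >/dev/null 2>&1; rm -rf "$GNUPGHOME"' EXIT

    uid='Smoke Test <smoke@example.invalid>'   # constructed identity
    msg='constructed sample message'           # constructed plaintext

    # An empty passphrase is acceptable only because this key is deleted on exit.
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key "$uid" default default 1d 2>/dev/null || exit 1

    # Encrypt to the public key and sign with the private key.
    printf '%s' "$msg" | gpg --batch --quiet --armor --sign --encrypt \
        --recipient "$uid" --output "$GNUPGHOME/msg.asc" 2>/dev/null || exit 1

    # Decrypt with the private key; gpg also checks the signature here.
    out=$(gpg --batch --quiet --decrypt "$GNUPGHOME/msg.asc" 2>/dev/null) || exit 1
    [ "$out" = "$msg" ]
)

gpg_smoke_test && echo "GnuPG round trip OK"
```

A status of 1 with gpg present usually points at the agent or pinentry setup rather than the gpg binary itself.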

macOS / OS X #

There are two main methods to install GnuPG on macOS, as per the GnuPG website:

iOS #

Unfortunately, there is no real free method of installing GnuPG on iOS due to the lack of demand for free solutions, and the relatively difficult process of publishing software for iOS.

Creating a Keypair #

Recommendations #

Preparations #

Creating Keypair #

Using a YubiKey/SmartCard #

Currently empty; please refer to drduh’s immensely helpful documentation on this subject.

Encryption, Signing, Authentication #

Encryption and Decryption #

Signing and Verifying #

Authentication #