PGP (Pretty Good Privacy)
PGP or Pretty Good Privacy is software developed for the purpose of providing good, fast and accessible encryption to anyone who might need it.
The first version of PGP was developed by Phil Zimmermann in 1991. Since then and since its simple symmetric key algorithm, PGP has evolved to become an encryption standard for today’s market.
PGP uses what is known as “hybrid encryption” that utilizes the benefits of several different encryption methods in order to provide the best balance between encryption speed and security.
PGP – Encryption
Thanks to its unique encryption method, PGP is now considered a standard in encryption industry.
This is done by first compressing the data to increase the speed at which it can be sent and also to help in preventing pattern attacks. There is a special, temporary session key created for this which allows for a fast encryption of compressed cyphertext.
After the session key is created, it is encrypted using recipient’s public key and sent along with the cyphertext.
Decryption is the same as encryption, done in reverse. The public key decryption which takes a lot of time to perform is instead done on a smaller session key, before it can be used to decipher cyphertext.
This allows for both quick and safe encryption available in the form of freeware.
The downsides of using PGP have more to do with data encryption in general rather than PGP as software.
• The most obvious one is the fact that you need to keep your key private at all costs, since the moment you let somebody else have access to it, means that your information is compromised and can easily be stolen.
• Another thing to worry about is that, due to the fact that PGP has a pre-boot authentication, in the instance of any drive failure or corruption you will have a very hard time salvaging the encrypted data from it.
• And lastly, in case you decide to encrypt your entire drive, you will not be able to create a backup image of it unless you decrypt the entire thing.
PGP – Keys
PGP uses two sorts of keys used to encrypt and decrypt messages:
• PGP public key, used for encrypting and which everyone can see and
• PGP private key, used for decrypting, which only you can see.
So if you want to send someone an encrypted message you have to know their public key, and you can ask them to give you, or you can search for it the at the public PGP market or anywhere on the internet.
The message you are sending is going to be encrypted with the receiver’s public key and when he receives it, he will decrypt it with his private key. This way you are sure that nobody else will be able to decrypt it, even if they know your or the receiver’s public key.
However, when you are using PGP signatures, the process is reversed. Meaning, I will sign my message with my name or pseudonym, encrypt it with my private key and paste it to the document I wish to sign.
The only way to make sure that I really wrote that message is to decrypt it with my public key.
Since PGP Corp was purchased by Symantec, PGP is now available only from Symantec.
However, there are some other tools that might suit the purpose, and one of them is called GPG4Win (GNU Privacy Guard for Windows) and it can be downloaded from here: https://gpg4win.org/download.html
Setting up GPG4Win
- When you download the file and run it, you will be able to choose which of the components you wish to install. Simply select Kleopatra, GpgEX, and Gpg4win Compendium.
- Now that you’ve got the tools, you can easily send your encrypted messages.
I. Generate keypairs
- After you’ve installed everything, open Kleopatra. We will use this software to generate your keypair. Remember, you cannot send a message before you know your receiver’s public key, and vice versa – nobody can send you a message unless you have and share your public PGP key.
- When you open Kleopatra, you’ll see this window:
- Now, click – File – New Certificate and when a new window opens, select – Create a Personal OpenPGP key pair.
- Fill in the information, but before you click Next, there are some additional setting to configure, so click – Advanced Settings.
- Make sure that RSA is checked and choose 4,096 bits; also check if the Signing and Encryption are checked. When you are done, click OK.
- The next Window will ask you to confirm that all of the details are correct, so, when ready, click Create Key.
- This popup will ask you to enter a passphrase. Passphrase is different than the password; it is much longer and it contains both upper and lower case letters and numbers. Make sure you remember the passphrase, or write it down and keep it safe. If you lose it, you’ll never again be able to use your private key and decrypt your messages.
- Your key will then be generated.
- Finally, when your private key pair is created, click Finish.
II. Export public key
- Next thing you want to do is to Export your public key. Select your key and click – Export Certificates. Choose where you want to save it. Don’t forget to add your key to the public market so people can contact you more easily.
III. Preserve private key
- Next step is to preserve your private key. To do that, select your key file once again, right click and then select – Export Secret Keys. Make sure you place it somewhere safe and keep it to yourself.
IV. Import public keys
- To import somebody’s key, simply copy it from the source you’ve obtained it, and paste the whole key including the text —–BEGIN PGP PUBLIC KEY BLOCK—– to —–END PGP PUBLIC KEY BLOCK—
- Then, go to your taskbar, right click on Kleopatra icon and go to Certificate Import – Clipboard
- Press OK when Popup shows.
V. Encrypting a message
- To encrypt a message, type any text in your notepad, copy it, right click on Kleopatra icon, select – Clipboard – Encrypt.
- It will ask you to choose a receiver. Remember, it is important to pick the right one, since your message is going to be encrypted by the receiver’s public key.
- The wizard will lead you all the way through, and you message should look something like this:
VI. Decrypting a message
- When you receive the PGP message, all you should do is copy it, right click on Kleopatra icon, Clipboard – Decrypt/Verify
- A popup will show, asking you to enter your passphrase.
- A window should appear verifying it’s been decrypted and copied to your clipboard. Click Finish.
- Open your notepad or any other text editor and paste your message. It’s that easy!