PGP encryption is the gold standard for encrypted communications and has been used by everyone from nuclear activists to criminals since its invention in 1991. Although the implementation is complex, the concept is simple: you can encrypt, or encode, text so that it is unreadable by anyone who doesn’t have the decoding key.
How does PGP encryption work?
Imagine you want to send a letter to someone, but you don’t want anyone but the recipient to be able to read it. The best way to do this is to write the letter in code, but you can’t send the code key along with the letter, because that is not very secure. PGP encryption gets around this problem by using public key encryption. Everyone has two keys: a public one that you can share with everyone and a private one that you keep for yourself. What makes this system possible is that the keys only work in one direction. If key A encrypts a file, key A cannot reverse the process and decode it. Only its pair, key B, can do this. Here’s how it usually works:
- Write your message.
- Find your friend’s public key. He can email it to you, put it on a website, etc.
- Run a computer program that uses the public key to encrypt the message.
- Send the message. Anyone who intercepts that message and opens it will see a collection of obscure symbols.
- Your friend receives the message and runs it through his private key to decode it, turning it back into plain text.
This is a greatly simplified explanation of the process, but it covers the basics behind PGP encryption.
What can PGP encryption be used for?
PGP is most commonly used for email encryption, and there are many services that will help you with this. ProtonMail is a good example of an encrypted email service that uses full end-to-end encryption. Beyond email, you can use this encryption method for many things, depending on your needs: PGP can encrypt any text you need, and can even be used on entire directories and drives.
Investigative journalists often list their public keys online to make it easier for anonymous sources to get in touch with them, and sellers on “Dark Web” markets often use them to ensure that their customers’ personal information remains secret.
How to start using PGP?
Getting your own pair of keys is actually a lot easier than it sounds. You don’t need to understand anything about cryptography. You just need a few simple programs.
To begin, install an encryption program
Download Gpg4win. This is a free set of encryption packages and tools, although you can donate a certain amount of money if you wish. For macOS, check out GPG Suite. You can also add PGP to Linux. Since I am using a Windows operating system, I will go through the setup for Windows in the rest of this article.
- Install Gpg4win. Make sure GnuPG (the actual encryption engine) and Kleopatra (a friendly user interface) are installed. Other components are optional, but it can’t hurt to have them.
How to create encryption keys?
- Once everything is installed, find the Kleopatra program on your computer and open it.
- Go to the “File” tab and select “New Key Pair”. Or select “New key pair” on the “Certificates” tab. The second option is only available when you use the tool for the first time.
- Since you want PGP keys, select “Create a personal OpenPGP key pair”.
- If you want to attach your key to your identity, real or fake, you can enter that information here. Otherwise, you can skip this step. If you want to protect your key with a passphrase, which is more secure, check the box “Protect the generated key with a passphrase”.
- In the same dialog, visit “Advanced Settings” and make sure “RSA” is selected. Change the default 2048 to 4096; a 4096-bit key makes your encryption pretty much impenetrable and doesn’t really slow you down during normal use.
- Click “OK” to exit this settings menu, then click “Create” to start generating the key. The program now generates thousands of random characters to create your keys and will ask you for a passphrase. Make sure you remember it; it’s best to write it down somewhere, because you won’t be able to recover it. A password manager is a good place to keep it. If you did not check the passphrase box in step 4, you will not be asked to enter a passphrase.
- You now have a public and private key. If you want, you can back them up in a separate file somewhere, and you can email or publicly share your public key.
How to back up and view your own keys?
- You can generate a file with your public key by right-clicking the key and clicking “Export”. There are several ways to view your public key, but this makes it easy to access it whenever you want, without having to open Kleopatra.
- Choose where you want to save the file (it will be saved as an .asc ASCII file.)
- Open any text editing application, such as Notepad. Any application that supports .asc files will serve the purpose.
If you are using Notepad, go to “File” and select “Open”. Navigate to your file to view it. You may need to select “All Files” in the lower right corner. Alternatively, navigate to your file in File Explorer, right-click on it and select “Open with”. Select the application you want to use.
Open the file with a text editor and you will see your public key. You can export your private key by following the same procedure, except that in step 1 you select “Backup Secret Keys” instead of “Export”. Make sure you store it in a safe place, or just keep it in Kleopatra, where it is available for use. These public and private keys can be used with any program that works with PGP, and Kleopatra itself can encrypt and decrypt files using your keys. If you want to try them out and see how it all works, try encrypting a text file with your public key and decrypting it with your private key. Use the Sign/Encrypt and Decrypt/Verify options in Kleopatra.
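As an added example that is not part of the article, the PowerShell script below walks through the round trip described under “How does PGP encryption work?” and suggested just above (export the public key to an .asc file, encrypt a text file with it, decrypt with the private key) using the gpg.exe command-line tool that Gpg4win installs alongside Kleopatra. It assumes gpg.exe is on PATH, uses a constructed identity and a demo passphrase, and keeps everything in a throwaway key home under %TEMP% so your real Kleopatra keyring is never touched.

```powershell
# Added example (not from the article). Assumes gpg.exe from Gpg4win is on PATH.
# Constructed sample identity and demo passphrase; do not reuse them for a real key.
$uid  = 'Example Tester <tester@example.invalid>'
$pass = 'demo-passphrase-change-me'
$work = Join-Path $env:TEMP 'pgp-demo'
New-Item -ItemType Directory -Force -Path $work, "$work\home", "$work\public-only" | Out-Null
Set-Location $work
$env:GNUPGHOME = "$work\home"   # throwaway keyring, keeps your real one untouched

function Assert-Gpg {
    # Stop the script as soon as a gpg step fails, so a broken step is obvious.
    param([string] $Step)
    if ($LASTEXITCODE -ne 0) { throw "$Step failed (gpg exit code $LASTEXITCODE)" }
}

# 1. Key pair: RSA 4096 with a passphrase, the same choices as in Kleopatra's dialog.
gpg --batch --pinentry-mode loopback --passphrase $pass --quick-generate-key $uid rsa4096 default never
Assert-Gpg 'key generation'

# 2. Export the public key to an .asc file (the "Export" step described above).
gpg --batch --yes --armor --output public.asc --export $uid
Assert-Gpg 'public key export'
Get-Content public.asc | Select-Object -First 1      # -----BEGIN PGP PUBLIC KEY BLOCK-----

# 3. Encrypt a text file to that public key.
Set-Content -Path message.txt -Value 'Meet me at the usual place.' -Encoding ascii
gpg --batch --yes --armor --recipient $uid --output message.txt.asc --encrypt message.txt
Assert-Gpg 'encryption'
Get-Content message.txt.asc | Select-Object -First 3  # the "obscure symbols" an interceptor sees

# 4. Decrypt with the matching private key (unlocked by the passphrase) and check the round trip.
gpg --batch --yes --pinentry-mode loopback --passphrase $pass --output decrypted.txt --decrypt message.txt.asc
Assert-Gpg 'decryption'
if ((Get-Content message.txt -Raw) -ne (Get-Content decrypted.txt -Raw)) {
    throw 'decrypted text differs from the original'
}
'Round trip OK: decrypted text matches the original'

# 5. The public key alone cannot decrypt: a separate, empty home directory that holds only
#    public.asc is refused with "No secret key", which is the one-direction property above.
gpg --homedir "$work\public-only" --batch --import public.asc
gpg --homedir "$work\public-only" --batch --decrypt message.txt.asc 2>$null
if ($LASTEXITCODE -ne 0) { 'As expected, the public key by itself cannot decrypt the message' }
```

Delete the pgp-demo folder under %TEMP% afterwards; because the script sets GNUPGHOME, nothing from the test key ends up in the keyring that Kleopatra shows.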
Written by: Zlatko Knežević