PGP Encryption 101: OPSEC Foundations for Comms
by tengusec - Saturday December 9, 2023 at 03:09 AM
#1
You might have seen PGP or GPG keys floating around in profiles or forum posts. Here's a crash course for the noobs and a (high-level) refresher for the grizzled veterans among us.

PGP Basics:
PGP (Pretty Good Privacy) and its open-source cousin, GPG (GNU Privacy Guard), are all about encrypting your digital messages. The core of PGP encryption lies in key pairs: a public key and a private key.

Public and Private Keys: 
Your public key is like a padlock; anyone can use it to lock (encrypt) a message for you. But the magic happens with your private key – it's the only key that can unlock (decrypt) that message. Share your public key openly, but guard your private key like your life depends on it.

PGP, OpenPGP, and GPG: 
PGP kicked off this encryption party in the early '90s. OpenPGP is the standard that evolved from PGP, while GPG is the modern, open-source version you'll bump into most often.

PGP Tools and How-to:
You've got options when it comes to PGP tools. Here's the deal:
  • GPG Command Line: For the terminal lovers, GPG is your go-to. Install it using your favorite package manager (Linux, macOS, Windows).
  • ProtonMail: Already using ProtonMail? Congrats, you're in the PGP game. ProtonMail automates PGP encryption for both internal and external comms.
  • GPGTools for Apple Mail: Mac users, check out GPGTools to integrate GPG with your Apple Mail.
  • Keybase: A decent way to share your keys, but be mindful of your opsec, especially if you have something to hide. Also has a messenger client.

Using PGP:

  1. Install your chosen PGP tool and generate your key pair.
  2. Securely back up your keys. (Literally just don't lose them)
  3. Share your public key with targets for encrypted conversations. (Don't send your private key, duh)
  4. Add your target's public key to your PGP tool to encrypt messages they can decrypt. (The message is like a box that requires two keys to open, so you need their public key and they need their own private key. The same is true when responding)
  5. Encrypt your message using their public key, paste it into any platform (like Gmail), and send it off. It'll be a jumble of characters to anyone but your target because it's encrypted. Obviously.
  6. Decrypt messages from them using your private key.

Conclusion:
PGP is your way to stay private in a world of open comms. Keep your private keys safe, and you can have secure conversations anywhere.

TL;DR:
  1. Get your accomplices' public keys and give them yours. 
  2. Everyone writes, encrypts and signs with their own private keys and sends the encrypted message.
  3. Use their public keys to decrypt the messages from them. 
  4. ???
  5. Profit
Reply
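Steps 3 and 5 of the post above both end with pasting an ASCII-armored block somewhere public. The following pre-paste check is an added example, not part of the original post: it verifies the armor checksum and refuses anything that carries secret-key material, even under a public-key label. The names `inspect_armor` and `armor` are hypothetical, and the sample blocks are constructed with dummy bodies.

```python
import base64
import re

# OpenPGP packet tags (RFC 4880, section 4.3) that matter before pasting.
TAGS = {1: "encrypted message", 2: "signature", 5: "secret key", 6: "public key"}

def crc24(data: bytes) -> int:
    """ASCII-armor checksum defined in RFC 4880, section 6.1."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc = (crc << 1) ^ (0x1864CFB if crc & 0x800000 else 0)
    return crc & 0xFFFFFF

def armor(label: str, payload: bytes) -> str:
    """Hypothetical helper: wrap constructed bytes in armor for the samples."""
    body = base64.b64encode(payload).decode()
    check = base64.b64encode(crc24(payload).to_bytes(3, "big")).decode()
    return f"-----BEGIN PGP {label}-----\n\n{body}\n={check}\n-----END PGP {label}-----\n"

def inspect_armor(text: str) -> dict:
    """Classify a block by armor label and by the tag of its first packet."""
    m = re.search(r"-----BEGIN PGP ([A-Z ]+)-----(.*?)-----END PGP \1-----",
                  text.replace("\r\n", "\n"), re.S)
    if not m:
        raise ValueError("no armored block found")
    label, body = m.group(1), m.group(2).partition("\n\n")[2]  # skip armor headers
    lines = body.split()
    data = base64.b64decode("".join(l for l in lines if not l.startswith("=")))
    if not data:
        raise ValueError("armored block has no data")
    sums = [l[1:] for l in lines if l.startswith("=")]
    crc_ok = bool(sums) and int.from_bytes(base64.b64decode(sums[0]), "big") == crc24(data)
    tag = data[0] & 0x3F if data[0] & 0x40 else (data[0] & 0x3C) >> 2  # new/old header
    secret = "PRIVATE" in label or tag in (5, 7)  # 7 = secret subkey
    return {"label": label, "kind": TAGS.get(tag, f"tag {tag}"),
            "crc_ok": crc_ok, "safe_to_share": crc_ok and not secret}

# Constructed samples: real packet header bytes, dummy bodies, not real keys.
PUBLIC = armor("PUBLIC KEY BLOCK", b"\x99\x00\x04demo")
PRIVATE = armor("PRIVATE KEY BLOCK", b"\x95\x00\x04demo")
MISLABELLED = armor("PUBLIC KEY BLOCK", b"\x95\x00\x04demo")  # secret key inside
MESSAGE = armor("MESSAGE", b"\x85\x00\x04demo")

if __name__ == "__main__":
    for sample in (PUBLIC, PRIVATE, MISLABELLED, MESSAGE):
        print(inspect_armor(sample))
```

The check only reads the first packet and the checksum; it does not validate the key or message itself, so treat a `safe_to_share` result as a guard against pasting the wrong block, not as proof the block is well-formed.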
#2
Very nice refresher! Thanks for sharing :)
Reply
#3
(02-02-2024, 04:19 PM)bokkoe Wrote: Very nice refresher! Thanks for sharing :)

nice reminder, thank you for this
Reply

