Secure your files: An introduction to GnuPG
GnuPG allows you to encrypt data so only the intended recipient, with a key and a password, can decrypt it. It also provides a mechanism for verifying data is from the person who has claimed to send it. GnuPG can also provide a way for you to securely prevent your files from being opened without authorisation (at a US border, for example).
GnuPG, in technical terms, utilises a mixture of symmetric-key cryptography and public-key cryptography. This basically means a person generates a pair of keys; one of which is publicly shared and one is not. The publicly shared key is used to people can encrypt data for a specific person whilst the private key is used to decrypt, encrypt and sign data.
If you encrypt data to only be decrypted only by your private key and you carry your private key on another medium of storage, the data you encrypted will be effectively impossible to decipher.
To get started with GnuPG, you must download GnuPG which is free and open-source.
GnuPG is available for effectively all operating systems. After you have downloaded and installed GnuPG, it might be wise to download a graphical interface because it is command line based.
Some GUIs focus on the management of keys, such as the generation of them and storing other people's public keys, whilst others focus on the encrypting/decrypting.
WinPT is a popular Windows option. As for encrypting and decrypting, there are many choices including Enigmail for Thunderbird, FireGPG for Firefox and WinPT also provides facilities to do this.
With a GUI, it is fairly easy to get to grips with GnuPG. Most key managers provide wizards for the generation of keys.
To obtain someone's public key, so you can send data to them securely, you could either ask them or go onto a keyserver such as pgp.mit.edu, copy their key into Notepad and then import it into your key manager.
It is essential to send your keys to keyservers, I would suggest pgp.mit.edu, and this can be done either through the GUI or through exporting your public key and uploading it to these sites. Once you have someone's public key, and you are sure it belongs to them and is not a hoax, you can sign the key inside your key manager and then submit it, so people know that key is authentic.
Key software to get started with GPG
- GnuPG is absolutely necessary. There is a Windows binary available.
- A GUI is also necessary. For Windows users, WinPT is a safe bet.
- If you use Thunderbird, install Enigmail. If you use Firefox, install FireGPG.
If you have installed GPG and would like to try it out, feel free to send me an encrypted email. My email is computerjoe (at) gmail.com and my key is on this page.Advertisement