Understanding PGP Encryption | Creating a key-pair using gpg4win on Windows
So, the first question that everyone must be having in their minds is what exactly is PGP?
PGP stands for Pretty Good Privacy and it is one of the most widely used email encryption systems in the world. When you send messages using PGP encryption, no one can intercept and read your message in transit.
Well, PGP is an encryption program that provides cryptographic privacy and authentication for data communication. It is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions to increase the security of e-mail communications and sensitive files being sent. In essence, it allows you to send files and messages securely over the internet without them being intercepted and deciphered.
Another term you may come across regarding PGP encryption is RSA. RSA (Rivest–Shamir–Adleman) is a public-key cryptosystem(asymmetric algorithm) that is widely used for secure data transmission. In a public-key cryptosystem, the encryption key is public and the decryption key is kept secret (private). An RSA user creates and publishes a public key based on two large prime numbers, along with an auxiliary value. The prime numbers are kept secret and messages can be encrypted by anyone, via the public key, but can only be decoded by someone who knows the prime numbers.
The public key is given to everyone else who is sending you messages and the private key is kept private with you so that you can decrypt those messages that were sent to you or encrypt them with your public key. It essentially means that you give out your public key to people who want to send you messages or who are going to send you messages and they encrypt the message with your public key. When they send the encrypted message to you, you are the only one who can decrypt it because you have the corresponding private key.
Now, we’ll see how we can create a key-pair using gpg4win on Windows 10
Gpg4win is an installation package for Windows with computer programs and handbooks for e-mail and file encryption. It includes the GnuPG(the actual encryption software), Kleopatra(central certificate administration of Gpg4win, which ensures uniform user navigation for all cryptographic operations), GNU Privacy Assistant(alternative program for managing certificates, in addition to Kleopatra), GnuPG for Outlook(extension for Microsoft Outlook, which is used to sign and encrypt messages), GPG Explorer eXtension(extension for Windows Explorer which can be used to sign and encrypt files using the context menu), Claws Mail(full e-mail program that offers very good support for GnuPG).
At the time of writing, I will be demonstrating using Gpg4win 3.1.6. In your case, it may be a later version but the majority of the things will be the same.
- Download the latest setup for free from here.
- After downloading, click on install and a setup wizard launches up. Check whatever you want to install or just for the sake of this tutorial, keep the defaults as it is.
- After finishing the setup, run Kleopatra which will allow us to generate our key pairs and also manage them in a nice graphical user interface.
- Now, to create a new key pair. Go to File -> New Key Pair or just type Ctrl+N.
- Choose Create a personal OpenPGP key pair and click on Next.
6. Fill in your details(Name and e-mail), which are optional but preferred. Do check the text-box which says to Protect the generated key with a passphrase, for an added layer of security.
7. You may click on Advanced Settings to see some extra configuration options(you may notice RSA) but here, we will avoid them for this tutorial. 3072 bits is the encryption algorithm strength. You can also see Signing is enabled here, just to verify that the message that has been sent has not been tampered with. Valid-until is used to provide validity to the key pair(by default, it is 1 year)
8. Now, click on OK. It will ask for the passphrase you want to use. Make sure it is secure. A secure passphrase requires at least 1 number or special character.
9. Congrats, your key pair is created and now you can look into the Next steps if you want to do those things.
10. It will now appear in the Certificates section.
Thanks for reading, If you liked it, a 👏 will be appreciated. Have a nice day!