PGP provides cryptographic privacy and authentication when communicating or transferring data over the Internet. How does it do so? By using public-key cryptography, symmetric-key cryptography and digital signatures.

We share a lot of data in our daily lives, both professionally and personally, and privacy is a top priority. On this matter, PGP is one the most widely used encryption systems worldwide. Let’s see what PGP is and how it can help improve data protection and privacy on the Internet.

What is PGP encryption?

PGP or Pretty Good Privacy is an encryption software combining data compression, hashing, symmetric-key cryptography and public-key cryptography. PGP was developed and published by Philip Zimmermann, a North American computer scientist and cryptographer, in 1991. It was initially made available for download via public FTP, before going international via the Internet.

PGP provides cryptographic authentication and privacy for data communication and transfer. It also supports digital signatures; message authentication — to verify the sender — and integrity checking — to verify that the message has not been altered.

Symmetric-key and public-key encryption

In symmetric-key encryption, both the sender and the recipient have the same key. However, when sending the encryption key between them, the symmetric key must be encrypted using an asymmetric or public-key cryptography system.

Using PGP, data is encrypted so that it can only be decrypted using a public key, which is associated with a username or email address. When PGP compresses the data, a random private key is automatically generated. This public-private key pair keeps data safe, as data can only be decrypted using the private key matching the public key. Although it might seem complex, many current email applications offering PGP make the encryption and decryption process simpler for users.

If you are interested in public-key authentication, our guide to set up SSH keys on Linux might also be helpful.

What is PGP encryption used for?

PGP encryption is used for:

  • Signing, encrypting and decrypting texts, emails, files, directories, etc.
  • Increasing security in email communications.
  • Digitally signing messages as a way of verifying its authenticity.
  • Generating website security certificates.

Due to the importance of PGP encryption, in 1997, the Internet Engineering Task Force (IETF) started a working group to create the OpenPGP standard.

OpenPGP: email encryption standard

OpenPGP is a non-proprietary format for authenticating and encrypting data, and an open email encryption standard, based on the PGP software. It combines symmetric-key cryptography and public-key cryptography to provide security services for communications and data storage.

OpenPGP is available for all major platforms — GNU/Linux, Windows, Mac OS, Android and iOS. It is used for:

  • Email communications and messages encryption.
  • Identity verification using digital signatures.
  • Passwords management.

OpenPGP formats and uses are specified in diverse Proposed Standards: RFC 4880, RFC 3156, RFC 6091, etc.

GPG or GNU Privacy Guard

GPG, GnuPG or GNU Privacy Guard is a free-software encryption program. It is a complete implementation of the OpenPGP standard, compliant with the RFC 4880 standard. As OpenPGP, GNU Privacy Guard combines symmetric-key cryptography and public-key cryptography. GnuPG is part of the GNU Project and available under the GNU General Public License. It was originally developed by Werner Koch, a German free-software developer.

Versions of GNU Privacy Guard

Version Date
GnuPG 1.0 September 1999
GnuPG 1.2 September 2002
GnuPG 1.4 December 2004
GnuPG 2.0 November 2006
GnuPG 2.2 November 2014
GnuPG 2.2.21 July 2020
GnuPG 2.2.22 August 2020
GnuPG 2.2.23 September 2020
GnuPG 2.2.24 November 2020
GnuPG 2.2.25 November 2020
GnuPG 2.2.26 December 2020
GnuPG 2.2.27 January 2021
GnuPG 2.2.33 November 2021
GnuPG 2.3.0 April 2021
GnuPG 2.3.1 April 2021
GnuPG 2.3.2 August 2021
GnuPG 2.3.3 October 2021
GnuPG 2.3.4 December 2021
GnuPG 2.3.5 April 2022
GnuPG 2.3.6 April 2022
GnuPG 2.3.7 July 2022
GnuPG 2.3.8 October 2022
GnuPG 2.4.0 December 2022
GnuPG 2.4.1 April 2023
GnuPG 2.4.2 May 2023
GnuPG 2.4.3 July 2023

Similar Posts