PGP stands for Pretty Good Privacy – encryption software that uses a combination of hashing, symmetric-key and public-key cryptography for secure data communication. The first version of PGP was created in 1991 by Phil Zimmermann. Read more about PGP on Wikipedia.
How it works in simple words
PGP works by creating a key pair – a public key and a private key. The public key is shared with the senders and used to encrypt messages and files. The private key is used to decrypt emails and files that were encrypted with the public key. For example, Mike wants to receive an encrypted email from Joe. For this, Mike creates a key pair and shares his public key with Joe. Then Joe creates a message, encrypts it with Mike’s public key and sends it. Mike receives the encrypted message and decrypts it with his private key.
What does an encrypted email look like?
In Picture 1 below you can see what an encrypted email sent to Gmail looks like. This email consists of two parts – one part is not encrypted and the other part is encrypted. Nobody can read the content of the encrypted part without the private key of the intended recipient.
Sending an encrypted email
Before anyone can send an encrypted email to you, you need to create a key pair – a public and a private key. The easiest way to do this is by using PGPTool. PGPTool is a Java-based desktop application that can create key pairs and encrypt and decrypt messages and files.
Creating a key pair
- Download and install PGPTool from: https://pgptool.github.io/
- Create a key pair as shown in Pictures 2 and 3 by going to “Key Ring” > “Create PGP Key”
Enter your name, e-mail address and passphrase. You will be prompted for the passphrase whenever you decrypt a message with the private key.
Share Public Key with the senders
Navigate to “Key ring” in order to copy your public key – Picture 4.
Your public key will look something like this. We will use this public key to send an encrypted email to our imaginary Bob Johnson.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: BCPG v1.63
-----END PGP PUBLIC KEY BLOCK-----
The public key CAN be shared. Simply send it to anybody who wants to send you an encrypted message or file. You can publish your public key on your blog or website, so that people do not need to ask you for the key every time.
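A check to run on a key block before pasting it into an email or a web page, as an added example that is not part of PGPTool or the original article: it confirms the block is a public key rather than a private one and that the copy is not corrupted, using the ASCII armor layout from RFC 4880. The function names are hypothetical and the sample blocks are constructed placeholder bytes, not real keys.

```python
import base64, binascii

def crc24(data: bytes) -> int:
    """CRC-24 checksum of OpenPGP ASCII armor (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(kind: str, data: bytes) -> str:
    """Build an armored block from raw bytes (only used to construct sample input)."""
    b64 = base64.b64encode(data).decode()
    rows = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    check = "=" + base64.b64encode(crc24(data).to_bytes(3, "big")).decode()
    return "\n".join([f"-----BEGIN PGP {kind}-----", "Version: constructed sample",
                      "", *rows, check, f"-----END PGP {kind}-----"])

def first_packet_tag(data: bytes) -> int:
    """Packet tag of the first OpenPGP packet: 6 = public key, 5 = secret key."""
    head = data[0]
    return head & 0x3F if head & 0x40 else (head >> 2) & 0x0F

def inspect_armor(text: str) -> dict:
    """Check a pasted block: armor type, checksum, and whether it is safe to share."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN PGP ") or "" not in lines:
        raise ValueError("not a complete ASCII-armored PGP block")
    kind = lines[0][len("-----BEGIN PGP "):-len("-----")]
    payload = lines[lines.index("") + 1:-1]     # skip armor headers and END line
    stored = payload.pop()[1:] if payload and payload[-1].startswith("=") else None
    try:
        data = base64.b64decode("".join(payload), validate=True)
        intact = stored is None or base64.b64decode(stored) == crc24(data).to_bytes(3, "big")
    except binascii.Error:
        data, intact = b"", False                # truncated or mangled paste
    public = kind == "PUBLIC KEY BLOCK" and bool(data) and first_packet_tag(data) == 6
    return {"kind": kind, "intact": intact, "shareable": public and intact}

# Constructed sample bytes, not real keys: only the first byte (packet header) matters here.
SAMPLE_PUBLIC = armor("PUBLIC KEY BLOCK", bytes([0x99]) + bytes(range(100)))
SAMPLE_PRIVATE = armor("PRIVATE KEY BLOCK", bytes([0x95]) + bytes(range(100)))
MISLABELLED = armor("PUBLIC KEY BLOCK", bytes([0x95]) + bytes(range(100)))

if __name__ == "__main__":
    for sample in (SAMPLE_PUBLIC, SAMPLE_PRIVATE, MISLABELLED):
        print(inspect_armor(sample))
```

A block that reports `shareable: False` should not be published: it is either a private key, a block whose label does not match its contents, or a copy damaged in transit.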
Sending an encrypted message
OK, let’s send our first encrypted email. We will use the public key we have just created for Bob Johnson and imagine that we want to send an encrypted e-mail to him. First, we need to import the recipient’s public key into PGPTool.
- Copy public key to clipboard (Ctrl+C).
- Import public key into PGPTool – Picture 5 and 6.
- Encrypt the message with the public key.
Now we can encrypt our message with Bob Johnson’s public key (Picture 7) and send it as plain text via any email service provider. Once Bob receives it, he will use his private key to decrypt the message and read it. For encryption go to Text > Select Recipients > Enter message > Press “Encrypt” > Copy encrypted message to clipboard.
When Bob receives the email containing that weird message, he will know that it is encrypted and should be decrypted with his private key. The process is shown in Picture 8.
If the passphrase was entered correctly, the original message will show up in the “Decryption result” part of the window (Picture 9). The passphrase is important because it ensures that only an authorized person has access to the private key. Otherwise anyone who has the private key can decrypt the message.
We have learned how to send an encrypted email. You can use the same software and technique to encrypt regular files as well (we describe it in this article). Let’s summarize the sending and receiving of encrypted e-mail.
- Create a key pair.
- Obtain the public key of the recipient.
- Encrypt your message with the recipient’s public key.
- Attach your public key to the email so that the recipient can reply to you with an encrypted message.
- Send message.
- Decrypt reply with your private key.