PGP / GPG

Pretty Good Privacy

What Is PGP?

PGP (Pretty Good Privacy) enables encrypted email and file encryption using public key cryptography. GPG (GNU Privacy Guard) is the free, open-source implementation of the OpenPGP standard.

How It Works

Sending Encrypted Email
1. Alice gets Bob's public key
2. Alice encrypts the message with Bob's public key
3. Only Bob's private key can decrypt it
4. Alice signs with her private key
5. Bob verifies the signature with Alice's public key

Result: Confidential + Authenticated

Key Concepts

Key Pair (Foundation): Public key (share) + Private key (protect)

Fingerprint (Verification): Unique hash to verify key authenticity

Web of Trust (Trust Model): Decentralized key verification via signatures

Subkeys (Best Practice): Separate keys for signing/encryption

Basic GPG Commands

$ gpg --gen-key                 # Generate key pair
$ gpg --export -a "Name"        # Export public key
$ gpg --import key.asc          # Import someone's key
$ gpg -e -r Bob file.txt        # Encrypt for Bob
$ gpg -d file.txt.gpg           # Decrypt
$ gpg --sign file.txt           # Sign file
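The five-step Alice-to-Bob flow from "How It Works", driven with the commands above, as an added shell example that is not part of this page. It assumes gpg (GnuPG 2.1 or later) is installed; the identities, addresses and message are constructed, each party gets a throwaway GNUPGHOME, and the keys are created without a passphrase for the demo only.

```shell
#!/bin/sh
# Constructed demo: Alice signs + encrypts for Bob, Bob decrypts + verifies.
# Each side has its own temporary keyring, so the real ~/.gnupg is never touched.
set -eu
command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; exit 0; }

gen_key() {  # $1 = GNUPGHOME, $2 = user id; no passphrase (demo only)
  GNUPGHOME="$1" gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
    --quick-generate-key "$2" default default never
}

fpr() {  # primary-key fingerprint of user $2 as stored in keyring $1
  GNUPGHOME="$1" gpg --batch --with-colons --fingerprint "$2" \
    | awk -F: '/^fpr/ { print $10; exit }'
}

pgp_roundtrip() {
  work=$(mktemp -d); alice="$work/alice"; bob="$work/bob"
  mkdir -m 700 "$alice" "$bob"
  gen_key "$alice" "Alice <alice@example.com>"   # primary signs, subkey encrypts
  gen_key "$bob"   "Bob <bob@example.com>"

  # Step 1: Alice gets Bob's public key (export on Bob's side, import on Alice's);
  # Bob gets Alice's the same way so he can verify her signature later.
  GNUPGHOME="$bob"   gpg --batch --quiet --export -a bob@example.com   | GNUPGHOME="$alice" gpg --batch --quiet --import
  GNUPGHOME="$alice" gpg --batch --quiet --export -a alice@example.com | GNUPGHOME="$bob"   gpg --batch --quiet --import
  # Fingerprint check: what Bob imported must match what Alice holds (done out of band in practice).
  [ "$(fpr "$bob" alice@example.com)" = "$(fpr "$alice" alice@example.com)" ] || return 1

  # Steps 2 and 4: Alice signs with her private key and encrypts to Bob's public key.
  # --trust-model always stands in for the fingerprint check just performed.
  printf 'meeting at noon\n' > "$work/msg.txt"
  GNUPGHOME="$alice" gpg --batch --quiet --trust-model always \
    --local-user alice@example.com --recipient bob@example.com \
    --sign --encrypt --output "$work/msg.gpg" "$work/msg.txt"

  # Steps 3 and 5: only Bob's private key decrypts; gpg verifies Alice's signature in the same pass
  # and reports it on the status fd as GOODSIG.
  GNUPGHOME="$bob" gpg --batch --quiet --status-fd 3 \
    --output "$work/out.txt" --decrypt "$work/msg.gpg" 3>"$work/status"
  grep -q '^\[GNUPG:\] GOODSIG ' "$work/status" || return 1
  cat "$work/out.txt"                                   # the recovered plaintext

  for h in "$alice" "$bob"; do GNUPGHOME="$h" gpgconf --kill all 2>/dev/null || true; done
  rm -rf "$work"
}

pgp_roundtrip
```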

PGP Challenges

Usability: Complex for average users
Metadata Exposure: Subject, sender, recipient visible
No Forward Secrecy: Key compromise exposes past messages