You can’t say that you’ve configured comprehensive security if you don’t know how to work with PGP. This is a very important chapter, and the whole PGP section is one of the most important parts in the course.
PGP (Pretty Good Privacy) is one of the most reliable encryption tools that we will talk about. PGP technology will help you securely encrypt both email and any other text messages.
Nowadays there is no single way to hack data encrypted using PGP. The technology has not shown any serious vulnerabilities, its algorithm is not possible to be hacked roughly even by a modern supercomputer.
You could find in the media information about critical PGP vulnerabilities, but they are not related to encryption reliability, but only with the implementation of PGP for some email clients. We'll talk more about this in the email encryption chapter.
PGP technology not only has the highest cryptographic security, it has another advantage, meaning that it is completely free. Its creator, Philip Zimmerman, laid out the code in open access, many thanks to him for that.
To work with PGP encryption, it is necessary for the software to use PGP to be installed for both interlocutors, and therefore, if your friend / partner / colleague does not yet know about PGP, send them a link to this material.
PGP usage
Initially you will need to create a PGP key. The key is created with the help of a special program, the work with which we will teach you in this section.
I would not like to go into the theory of encryption, but one simple truth you need to remember is that PGP-key is a bunch of public and private keys. With the public key one can only encrypt information, and it can only be decrypted with a private key from the bundle.
Thus, using a public key, you cannot decrypt even what you have encrypted. Please reread the last two paragraphs again and remember this information.
You can extract your public key from the key manager to the hard drive and transfer it to your interlocutors, in addition, you can open it through any simple text editor and transfer it in text form.
Can I publish my public key, for example, in my blog or website? Yes, many people do, it does not pose any threat to the safety of communication, but in terms of anonymity there are some risks to be identified. Having intercepted an encrypted message and having your public key, malefactors will understand that this message is encrypted with your public key, which means it is addressed to you.
Therefore, if you need as much as possible anonymous communication, it is better to create a separate PGP key for this interlocutor and do not upload it anywhere. A similar step should be taken by your colleague. they will have to give you their public key, which you will add to your key manager.
In the future, we will use two basic concepts:
- key export, which is the process of saving your public key from the key manager to a hard drive or external media for further transmission to the interlocutor;
- key import, which is the process of adding the key received from the interlocutor to your key manager.
You can create individual keys for each interlocutor every day, simply by exchanging new public keys first.
Concluding the introductory part, I want to draw attention to one thing. Some users, especially beginners, have a misunderstanding, in our course, we mainly talk about the key in the form of a file, and they get or lay out the key in the form of text.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQENBFYj7p4BCADC6S3Rt/V3DZtplnRlrQxBF2uEzxeWoSaoD1WqOxEHmP7a4q6g
EZ74dTYVEt8ZeOVSJKmZBGJAK3HeE7bzDen8urtIFq4y8X43Ee9cycB/ff/AcsAq
4HTPf2XkElFVszzfOvrIehmOu/veNh8iVW/4Pq15dnfIU71t24SXzHGvVxnVZaNz
/e4mi4UvzWd5pHNNhF3LHir2ePOTneqMWi1EyG4Egs3cBdJafX6kOA6Pz9QXUQQO
KftFK7MW3AWbe76GFktKmF6bo9+RfVo+x27r2uA5l1w=
=g+64
-----END PGP PUBLIC KEY BLOCK-----
To turn a key in text form into a key file, simply paste it into any text editor and save it with the extension .pgp. This will be the key file.
In terms of the course, we will consider using PGP in Windows, macOS, Linux Mint, Tails, and Whonix operating systems.