How to use PGP Encryption
If your concerned about the security of your messages you may have heard of PGP encryption, but what is it and how do you use it? Encryption is used to convert your normal text into unreadable gibberish through the use of an algorithm, in cryptography this is known as ciphertext. The original message is still contained within the cipher but becomes unreadable to anyone without the means to convert it back, a process known as decryption.
If this is starting to sound complex, don’t worry!
You certainly don’t need to be an expert in cryptography or understand the complexities of the algorithm at hand in order to encrypt your communications, you just need to understand the process involved – that’s where this guide comes in!
So how can you start encrypting your messages? That’s where PGP Comes in.
PGP stands for Pretty Good Privacy and is the most widely used software for encrypting communications being used around the world for whistleblowers, drug purchases, privacy advocates and those simply wanting to ensure their own privacy when messaging family and friends. As the name goes it is only ‘Pretty Good’ privacy so I wouldn’t trust the technology with your life as it’s certainly been around for a long time.
PGP uses a key-based form of encryption where there are 2 keys, a public and a private. You use a public key to encrypt messages while a private key can only decrypt the messages sent to the corresponding public key, therefore you need to keep the private one secret to prevent anyone from reading your messages, and encryption becoming pointless.
If you’re new to this it may sound complex and strange however it should start to make sense as we set it up.
To use PGP you need to install GNU Privacy Guard (Sometimes simply GnuPG) which is free open-source software available on Windows, Mac and Linux for you to download and start encrypting.
This guide will focus on getting set up on Windows (Even though I’d reccomend you use a different system that actually places value on your security and privacy) however its what most readers are probably using so it’s what this post will focus on. I may publish other editions for different operating systems such as Linux in the future though.
How to use PGP on Windows
To get started you need to first download Gpg4win, It is the Windows version of GNU Privacy Guard.
Once you’ve downloaded the file and clicked through the user agreement you’ll be greeted with this screen. The software comes with various components that you can choose whether to install as part of your installation. It is important that before clicking next make sure to GPA is ticked, which is often not selected by default – which is what we’ll use for this tutorial!
After you’ve correctly selected all the components simply continue with finishing the installation. Once it’s completed you’ll then need to launch the GPA application (It has a key chain icon).
You then need to set up your private key, you’ll be prompted to generate once, click to do so.
The private key needs to contain details about the holder, for this you will be asked to enter a name followed by an email address.
It is important to note these do not have to be correct, nor does the email address need to be valid. If you’re wanting to communicate anonymously, obviously don’t put in your real name! Instead use a new online identity, and not one you’re already well known by such as your gamertag (As explained in the Deep Web Security Guide) as well as using a made-up email too.
You’ll then be asked if you want to back up your key, I recommend doing so before continuing. Make sure to store it somewhere secure, remember if somebody gets their hands on you’re private key, your encryption is useless.
Next enter a passphrase, I suggest you use a secure passphrase of at least 20 characters, aka don’t be that guy who just uses 1234.
Hurray, you now installed the software! But dow the hell do you use it?
Presuming everything is going successfully you should then see a screen something like this
By right-clicking on your key you can then copy your public key and then paste into a notepad to view it
This is what other people will use to send messages to you, so if you want to be contacted you need to make sure you place this where people can see it. You can upload it to a key directory to help people find you as well as making your job easier by simply directing people to a URL rather than having to paste the entire key block yourself every time.
To start encrypting messages simply click the clipboard icon, a pop-up will then appear where you can begin typing
When you’re done, simply click to encrypt it, then select your key from the list, and there you go, your encrypted message.
This is great, but all we just did was encrypt using our own key! If we want to send encrypted messages to others we need to use their key instead. To do this you need to copy and paste their key, and then save it to a notepad file a bit like we did earlier when we created our own.
You’ll then need to click import key, and select the file you just saved using notepad.
If everything went correctly, you’ll get a pop-up like this:
Now follow the steps as above, but instead of selecting your own key from the list, choose the one you just imported.
Make sure to include your own public key as part of the message so they can reply!