PGP, cryptographic privacy and authentication

Pretty Good Privacy, PGP

PGP provides cryptographic privacy and authentication when communicating or transferring data over the Internet. How does it do so? By using public-key cryptography, symmetric-key cryptography and digital signatures.

We share a lot of data in our daily lives, both professionally and personally, and privacy is a top priority. On this matter, PGP is one the most widely used encryption systems worldwide. Let’s see what PGP is and how it can help improve data protection and privacy on the Internet.

What is PGP encryption?

PGP or Pretty Good Privacy is an encryption software combining data compression, hashing, symmetric-key cryptography and public-key cryptography. PGP was developed and published by Philip Zimmermann, a North American computer scientist and cryptographer, in 1991. It was initially made available for download via public FTP, before going international via the Internet.

PGP provides cryptographic authentication and privacy for data communication and transfer. It also supports digital signatures; message authentication — to verify the sender — and integrity checking — to verify that the message has not been altered.

Symmetric-key and public-key encryption

In symmetric-key encryption, both the sender and the recipient have the same key. However, when sending the encryption key between them, the symmetric key must be encrypted using an asymmetric or public-key cryptography system.

Using PGP, data is encrypted so that it can only be decrypted using a public key, which is associated with a username or email address. When PGP compresses the data, a random private key is automatically generated. This public-private key pair keeps data safe, as data can only be decrypted using the private key matching the public key. Although it might seem complex, many current email applications offering PGP make the encryption and decryption process simpler for users.

If you are interested in public-key authentication, our guide to set up SSH keys on Linux might also be helpful.

What is PGP encryption used for?

PGP encryption is used for:

  • Signing, encrypting and decrypting texts, emails, files, directories, etc.
  • Increasing security in email communications.
  • Digitally signing messages as a way of verifying its authenticity.
  • Generating website security certificates.

Due to the importance of PGP encryption, in 1997, the Internet Engineering Task Force (IETF) started a working group to create the OpenPGP standard.

OpenPGP: email encryption standard

OpenPGP is a non-proprietary format for authenticating and encrypting data, and an open email encryption standard, based on the PGP software. It combines symmetric-key cryptography and public-key cryptography to provide security services for communications and data storage.

OpenPGP is available for all major platforms — GNU/Linux, Windows, Mac OS, Android and iOS. It is used for:

  • Email communications and messages encryption.
  • Identity verification using digital signatures.
  • Passwords management.

OpenPGP formats and uses are specified in diverse Proposed Standards: RFC 4880, RFC 3156, RFC 6091, etc.

GPG or GNU Privacy Guard

GPG, GnuPG or GNU Privacy Guard is a free-software encryption program. It is a complete implementation of the OpenPGP standard, compliant with the RFC 4880 standard. As OpenPGP, GNU Privacy Guard combines symmetric-key cryptography and public-key cryptography. GnuPG is part of the GNU Project and available under the GNU General Public License. It was originally developed by Werner Koch, a German free-software developer.

Versions of GNU Privacy Guard

GnuPG 1.0September 1999
GnuPG 1.2September 2002
GnuPG 1.4December 2004
GnuPG 2.0November 2006
GnuPG 2.2November 2014
GnuPG 2.2.21July 2020
GnuPG 2.2.22August 2020
GnuPG 2.2.23September 2020
GnuPG 2.2.24November 2020
GnuPG 2.2.25November 2020
GnuPG 2.2.26December 2020
GnuPG 2.2.27January 2021
GnuPG 2.2.33November 2021
GnuPG 2.3.0April 2021
GnuPG 2.3.1April 2021
GnuPG 2.3.2August 2021
GnuPG 2.3.3October 2021
GnuPG 2.3.4December 2021
GnuPG 2.3.5April 2022
GnuPG 2.3.6April 2022
GnuPG 2.3.7July 2022
GnuPG 2.3.8October 2022
GnuPG 2.4.0December 2022
GnuPG 2.4.1April 2023
GnuPG 2.4.2May 2023
GnuPG 2.4.3July 2023

Share it on Social Media!