What is PGP and How is it Used?

PGP or (“Pretty Good Privacy”) is an encryption technology that was created by Phil Zimmermann PGP can be used to encrypt anything from files to emails. Recently some email providers have adopted the technology as a privacy feature.PGP works on all operating systems and functions similarly to PKI  the user makes their Public Key available to the public when someone wants to send them an encrypted message they encrypt the file with the public key. The receiver who has the private key is able to decrypt the message or decrypt the file. The receiver needs to take care to make sure the private key is stored in a safe place just as you would for SSL certificates private key.Around the web there are key servers that you can submit your public PGP key to and other users can look up your keyOne of these servers, for example, is launchpad.netthis server is operated by Ubuntu and acts as a directory for GPG keys now you don't have to even reveal your public key to everyone it can be revealed to just people you know. The key servers do make it easier to find the key though. Again you will only be revealing you public key an attacker would take a huge amount of time to crack your keys without the private key PGP can go up to 4096-bit encryption!I personally use  PGP  and the process to get a key is pretty simple however the use of PGP can be a bit of a pain in the neck for nontech savvy users however there are some plugins for Chrome that you can use to make it easier until PGP gets a bit more user-friendly for everyone.Below I will show you the process on how you can create a PGP key on an Ubuntu-based computer using the terminal there are also graphical ways you can do this as well. I will also show you the GUI method using the MAILVELOPE plugin for chrome.

Linux command line method

gpg –gen-key << This will tell PGP to generate a keygpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.This is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law.gpg: directory `/home/sean/.gnupg’ createdgpg: new configuration file `/home/sean/.gnupg/gpg.conf’ createdgpg: WARNING: options in `/home/sean/.gnupg/gpg.conf’ are not yet active during this rungpg: keyring `/home/sean/.gnupg/secring.gpg’ createdgpg: keyring `/home/sean/.gnupg/pubring.gpg’ createdIn this step, PGP will ask you what algorithm you want to use to create the ket RSA is the default and a good choicePlease select what kind of key you want:(1) RSA and RSA (default)(2) DSA and Elgamal(3) DSA (sign only)(4) RSA (sign only)Your selection? 1As I said above PGP supports up to 4096-bit encryption make sure to check the laws in your country on encryptionRSA keys may be between 1024 and 4096 bits long.What keys do you want? (2048)Requested keysize is 2048 bits You can set a key expiry belowPlease specify how long the key should be valid.

0 = key does not expire<n> = key expires in n days<n>w = key expires in n weeks<n>m = key expires in n months<n>y = key expires in n yearsKey is valid for? (0)Key does not expire at allIs this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user IDfrom the Real Name, Comment and Email Address in this form:“Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>” Enter your personal details below along with a strong passphrase

Real name: bob smithEmail address: bob@bobsmith.comComment: 123You selected this USER-ID:“bob smith (123) <bob@bobsmith.com>”

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? oYou need a Passphrase to protect your secret key.We need to generate a lot of random bytes. It is a good idea to performsome other action (type on the keyboard, move the mouse, utilize thedisks) during the prime generation; this gives the random numbergenerator a better chance to gain enough entropy.Not enough random bytes available. Please do some other work to givethe OS a chance to collect more entropy! (Need 136 more bytes)Now the last step can be a bit tricky if you are not doing this on a desktop computer or you are doing this on a virtual machine I recently posted about entropy and the issues that virtual machine have with not enough randomness the above is an example of that. This PC is a virtual machine and when I am generating a large key there is not enough entropy so you may need to run some commands and move the mouse and keyboard etc to generate the randomness.After this step is complete you will receive your keyID   something like this ED87xxxxxonce that is done you can upload your newly generated key to the Ubuntu servers as followsgpg –keyserver keyserver.ubuntu.com –send-keys ED87xxxxx You will need to create a launchpad account on ubuntu to see your profile and confirm your key. You will receive an encrypted email from launchpad you will need to decrypt it and follow a link that is sent to you.If you want to decrypt a message you can copy and paste the message into a file and use gpg –decrypt message.txt.gpg  to decrypt the message as your private key is stored locally the computer will have what it needs to decrypt it.

Here is the GUI method using Mailvelope for Chrome

Install the Mailvelop plugin to your chrome browser following the instructions here.Once install  click optionsThen you will  click Generate keys Fill out the required  info similar to how we did in the command line methodOne complete you will see the below  output Now you have created your PGP key  I will say that there are some opinions on using such a plugin to generate a key as some feel that there is no way to guarantee that the plugin itself is not recording plaintext info and sending it to the creator.I personally don't use this GUI method to generate my keys I use the command line method so chose the best option that suits you.There are also  Android apps that you can use to store your keys and use itI believe PGP has some way to go to be completely user-friendly but I believe that PGP is a step in the proper direction although it has been around for a long while it's only recently really began to shine thanks to the adoption from the like of Google.If you are looking for my PGP public key to send me to secure messages or files you can find it on the about me page of my site (www.seanmancini.com).