The GNU Privacy Guard

From LinuxReviews
Jump to navigationJump to search

The GNU Privacy Guard is a open-source public/private key encryption GPL replacement for PGP. It complies to the IETF PGP standard OpenPGP, which means that Linux GnuPG users are able to communicate with Windows OpenPGP users. IETF PGP is todays defacto standard for secure e-mail as well as electronic signatures.

Why you want GnuPG

In bullet summary, we know:

  • E-mail messages are plaintext being passed through a huge amount of routers as well as normally at least two e-mail servers between sender and recipient.
  • E-mail messages give you the same security as a traditional postcard.

GnuPG encryption allows you to put your postcard in a envelope. This envelope is highly secure and even though it's highly likely the good folks at NSA are able to decrypt it given enough time, it does provide a much better security solution than say.. plaintext.

GnuPG can also be used to sign messages giving them your unique signature. This signature can only be created by the holder of that key, which means that recipients of the plaintext-readble signed messages can be sure you're the actual sender.

GnuPG is included in all modern Linux distributions (and is easy to download [1] and install if you haven't got it installed already - but if you're using Linux you highly likely have it already).

Application support

It must be mentioned that all common Linux e-mail applications now support GnuPG. Thus; it's almost redicilous not to use GnuPG if you are a Linux user!

KDE includes the handly tray-application kgpg which allows you to create a key-pair (a public key used for encryption which you give to friends and loved ones and a private key used for decryption which you keep for yourself). Kgpg also allows you to export your key to the public keyservers and fetch other peoples key's.

There is also a nice GnuPG frontend for Gnome called Seahorse[2]

Mozilla Thunderbird users can easily use GnuPG using an extention called Enigmail. [3]

Instant messaging

GnuPG can also be used to encrypt instant messages.

IM programs who support using your GnuPG key for encryption includes:

  • Jabber

Links and references