For a very basic look at very basic encryption, see the post: Encryption and Cryptography for Children
An Introduction to OpenPGP, PGP and GnuPG
From what I’ve seen, PGP, GnuPG/ GPG and OpenPGP are often bandied about together, frequently in the same paragraph (I just did it) and often interchangeably. It can be confusing, so I’m going to try to lay it out, simple like.
Pretty Good Privacy (aka PGP) and GNU Privacy Guard (aka GnuPG and GPG) are computer programs used to encrypt and decrypt data for security, namely personal privacy and personal / data authentication.
Both are compliant with, and use the OpenPGP standard (RFC 4880) when they encrypt and decrypt data.
PGP was first, then later sold (it’s now owned by Symantec). Because it was sold, patents became possible problems and OpenPGP became an official standard.
GnuPG was then created and is freely available to everyone under a GNU General Public License (GPL).
So while PGP and GnuPG aren’t exactly the same thing, they do pretty much the same things, and because they both use the OpenPGP standard, they can often work interchangeably.
What do GnuPG and PGP do?
Put simply, they help people protect their privacy and security.
The most common practical uses are:
- Encrypting and Decrypting Messages (text) - An encrypted PGP Message looks like a bit of random text that anyone can see, but only the person it was made for will be able to see what it actually says. You could even print out an encrypted version of that special poem you wrote for that special girl and put hundreds of copies of it on walls all around the city and no one would be able to read it but her.
- Encrypting and Decrypting Email - Same as the above but for the whole email, plus a lot more streamlined with the right software.
- Encrypting and Decrypting Internet Chat / Internet Messaging
- Signing Authentication - This is used to verify that it really was you (or for you to verify it was someone you know) who wrote a message, blog post, email, uploaded a file etc. It’s just like using a signature but digital and you can’t forge it by copying it upside-down.
Increasingly more common uses are:
- Encrypting computer files
- Encrypting disk and USB disks
- and more
So that’s what GnuPG and PGP do.
I’ll go into the specifics of how to use GnuPG in a near-future post.