Académique Documents
Professionnel Documents
Culture Documents
GNU Privacy Guard (GPG, also GnuPG), the GNU project's free alternative to PGP,
is encryption software that's compliant with the OpenPGP (RFC4880) standard.
Using GPG you can encrypt (and decrypt) files that contain sensitive data, such
as electronic protected health information (ePHI) regulated by the Health
Insurance Portability and Accountability Act (HIPAA) privacy and security rules.
GnuPG may be used by itself as a command-line application (i.e., to be run at a
Terminal prompt or a Windows command prompt), or integrated into popular
email clients. Its also used by some instant messaging clients, such as Psi.
GnuPG uses public-key cryptography so that users may communicate securely. In
a public-key system, each user has a pair of keys consisting of a private key and
a public key. A user's private key is kept secret; it need never be revealed. The
public key may be given to anyone with whom the user wants to communicate.
How It Works?
The basic requirement for encryption is that the user has a pair of
public/private key using which the data is encrypted/decrypted. The user
generates the key pair and distributes the public key to the general world.
The private key is retained by the user and is used to decrypt the data.
The public key is used by the rest of the world to encrypt and send data to
the user.
In brief, the steps involving encryption are below. Assume user B wants to
send a file to user A. The user B should encrypt the file with user As
public key. User A will receive the file in an encrypted form. The file can be
decrypted using only As private key. Since the file was exchanged in the
encrypted format, there is no way for an eavesdropper to read the
The only weakest link in the entire procedure is the possibility that user B
gets the wrong public key. It becomes Bs responsibility to confirm if the
public key belongs to user A or not. There are ways to do that too. In this
post, we will follow the basic encryption/decryption cycle from a
beginners perspective. The major steps we will focus on are below:
1. Generating key pair
2. Listing the keys
3. Sharing the public key
4. Importing the public key
5. Validating the public key
6. Encrypting the document
7. Decrypting the document
The following commands were executed on Linux.