PGP
GPG is allowed, but PGP is not.
Overview
PGP stands for Pretty Good Privacy. Phil Zimmermann wrote the original version in 1991 so that ordinary people, human rights workers among them, could protect their communications. After the program spread outside the United States, Zimmermann was for several years the subject of a US government criminal investigation for allegedly violating export regulations on cryptography; the case was dropped in 1996 without charges. The message format PGP introduced was later standardized as OpenPGP, which is now the de facto standard for e-mail encryption, and properly used it is still considered strong. GNU's GnuPG (GPG) is a free command-line implementation of OpenPGP. The basic workflow is the same in every implementation: you generate a key pair for yourself, share the public half, and keep the private half to decrypt and sign.
Keys in a Nutshell
OpenPGP is built on public-key cryptography, so each user has a key pair with two halves: a private key and a public key. The private key stays on your computer and should never be copied anywhere else; it is stored encrypted under a passphrase, which therefore has to be strong as well. The public key is the half you hand out, over any communication channel or by uploading it to a keyserver. Once everyone has each other's public keys, you encrypt a message to the recipient's public key and only the matching private key can decrypt it; signing works the other way round, with your private key producing a signature that anyone can check against your public key. Because keyservers do not verify who uploaded a key, confirm a correspondent's key fingerprint over a second channel before trusting it.
The Software
Two widely used programs exist. GnuPG (GPG) is free software, runs on most platforms and is the usual choice for command-line key management. It is available at http://gnupg.org. Choose 256-bit AES as the symmetric cipher: at the time of writing the NSA's Suite B listed AES-256 as approved for TOP SECRET information (http://www.nsa.gov/ia/Industry/crypto_suite_b.cfm).
The other is PGP Desktop, a popular Windows GUI from PGP Corporation (http://pgp.com). The free version handles encrypted e-mail, text and encrypted zip archives; the paid enterprise editions add features such as instant-messaging encryption, encrypted network shares, whole-disk encryption and mountable virtual encrypted disks.
Generating Keys
When you generate a key for business use, put your real name and e-mail address in the user ID so that correspondents can match the key to you. OpenPGP keys are normally vouched for by signatures from other users (the web of trust); having others sign your key, or, where the software supports it, attaching a certificate from a CA such as VeriSign, lets correspondents confirm that the key belongs to you. Use the algorithms recommended above when generating the key. PGP Desktop additionally offers recovery questions that can be attached to the key in case the passphrase is lost; treat the answers as secrets, since anyone who knows them can unlock the key. Passphrases should be at least 10 characters (a floor, not a target; longer is better) and mix upper- and lower-case letters, digits and symbols. Finally, upload the public key to a keyserver, where anyone with an internet connection can fetch it.
Tutorial - Encrypting Text - With PGP on Windows
1. First, generate a key using the instructions above.
2. Next, highlight the text or e-mail you wish to encrypt, then right-click the PGP icon in the system tray.
3. Choose Current Window -> Encrypt & Sign. Select the recipients' public keys (they must already be imported) so that only those recipients can decrypt the message, and your own key for signing. You can optionally enable Secure Viewer for extra protection when the message is read (possibly enterprise-only). Enter the passphrase for your private key; the encrypted, signed output replaces the text and is ready to send.
4. The recipient follows the same steps on the received text, choosing Decrypt & Verify instead and entering their own passphrase.
Source Code
The GnuPG source code is released under the GNU General Public License. The source code of PGP Desktop can be downloaded for peer review, for noncommercial use only.