What is GPG?


Upload: rama-krishnan

Post on 29-Jan-2016


DESCRIPTION

Linux GPG details.

What is GPG?

GNU Privacy Guard (GPG, also GnuPG), the GNU project's free alternative to PGP, is encryption software that's compliant with the OpenPGP (RFC4880) standard. Using GPG you can encrypt (and decrypt) files that contain sensitive data, such as electronic protected health information (ePHI) regulated by the Health Insurance Portability and Accountability Act (HIPAA) privacy and security rules.

GnuPG may be used by itself as a command-line application (i.e., to be run at a Terminal prompt or a Windows command prompt), or integrated into popular email clients. It’s also used by some instant messaging clients, such as Psi.

GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system, each user has a pair of keys consisting of a private key and a public key. A user's private key is kept secret; it need never be revealed. The public key may be given to anyone with whom the user wants to communicate.

GnuPG, GPG, PGP and OpenPGP

The terms "OpenPGP", "PGP", and "GnuPG / GPG" are often used interchangeably. This is a common mistake, since they are distinctly different.

OpenPGP is technically a proposed standard, although it is widely used. OpenPGP is not a program, and shouldn't be referred to as such.

PGP and GnuPG are computer programs that implement the OpenPGP standard.

PGP is an acronym for Pretty Good Privacy, a computer program which provides cryptographic privacy and authentication.

GnuPG is an acronym for GNU Privacy Guard, another computer program which provides cryptographic privacy and authentication.

How It Works?

The basic requirement for encryption is that the user has a public/private key pair with which the data is encrypted and decrypted. The user generates the key pair and distributes the public key to the general world. The private key is retained by the user and is used to decrypt the data. The public key is used by the rest of the world to encrypt and send data to the user.

In brief, the steps involved in encryption are as follows. Assume user B wants to send a file to user A. User B should encrypt the file with user A’s public key. User A will receive the file in encrypted form. The file can be decrypted only with A’s private key. Since the file was exchanged in encrypted form, there is no way for an eavesdropper to read its contents. It is A’s responsibility to publish the public key for everyone to see and to secure the private key from being misused. The strength of this encryption lies in the keys. Hence, the bigger the keys, the more secure the encryption. The steps can be summarized as follows:

User A publishes the public key

User B encrypts the file using A’s public key

The file is shared

User A decrypts the file using the private key

User A now has the file (and its contents)

The weakest link in the entire procedure is the possibility that user B gets the wrong public key. It is B’s responsibility to confirm whether the public key belongs to user A. There are ways to do that too. In this post, we will follow the basic encryption/decryption cycle from a beginner’s perspective. The major steps we will focus on are below:

1. Generating key pair

2. Listing the keys

3. Sharing the public key

4. Importing the public key

5. Validating the public key

6. Encrypting the document

7. Decrypting the document
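The whole cycle, including the fingerprint check that guards against B holding the wrong public key, can be run end to end in two throwaway keyrings. This is an added example, not part of the original document; it assumes GnuPG 2.2 or later, and the user name, address, file names and helper function names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: the A/B cycle in two throwaway keyrings (all names constructed).

# The primary-key fingerprint is field 10 of the first "fpr" record
# in `gpg --with-colons` output.
primary_fpr() { awk -F: '$1 == "fpr" { print $10; exit }'; }

# Compare two fingerprints, ignoring spaces and letter case, so the spaced
# form A reads out can be checked against the machine-readable form.
same_fpr() {
    a=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    b=$(printf '%s' "$2" | tr -d ' ' | tr 'a-f' 'A-F')
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Runs steps 1-7 and prints the plaintext that A recovers.
gpg_cycle() {
    A=$(mktemp -d) B=$(mktemp -d) W=$(mktemp -d)
    # 1. A generates a key pair (no passphrase only because the key is disposable).
    gpg --homedir "$A" --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'User A <a@example.test>' default default never 2>/dev/null
    # 2-3. A lists the key to read its fingerprint, then exports the public key.
    trusted=$(gpg --homedir "$A" --with-colons --fingerprint a@example.test 2>/dev/null | primary_fpr)
    gpg --homedir "$A" --armor --export a@example.test > "$W/a.pub"
    # 4-5. B imports the key and validates it against the fingerprint A gave out of band.
    gpg --homedir "$B" --batch --quiet --import "$W/a.pub" 2>/dev/null
    got=$(gpg --homedir "$B" --with-colons --fingerprint a@example.test 2>/dev/null | primary_fpr)
    same_fpr "$trusted" "$got" || { echo "fingerprint mismatch" >&2; return 1; }
    # 6. B encrypts to that exact fingerprint; trust is asserted only after the check.
    printf 'quarterly report\n' > "$W/doc.txt"
    gpg --homedir "$B" --batch --quiet --trust-model always \
        --recipient "$got" --output "$W/doc.txt.gpg" --encrypt "$W/doc.txt"
    # 7. A decrypts with the private key; plaintext goes to stdout.
    gpg --homedir "$A" --batch --quiet --decrypt "$W/doc.txt.gpg" 2>/dev/null
    rc=$?
    gpgconf --homedir "$A" --kill gpg-agent; gpgconf --homedir "$B" --kill gpg-agent
    rm -rf "$A" "$B" "$W"
    return $rc
}

# Usage: sh gpg_cycle.sh run
if [ "${1:-}" = run ]; then gpg_cycle; fi
```
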

The following commands were executed on Linux.