Pretty Good Privacy Explained
Pretty Good Privacy is an encryption software created back in 1991 by Phil Zimmerman. Although it is almost three decades old, PGP is still considered as the best encryption program around. It can find its use in encrypting text, video files, email messages or even entire hard drives. PGP is widely used and is considered an essential tool for online security and privacy. That’s why in this week’s Zlog, we’re going to talk about PGP, and how you can use it to make your internet activities more private.
Why Was Pretty Good Privacy Invented?
While inventing this encryption protocol, Phil Zimmerman had an idea of a safe and private internet without borders. He wanted to have the freedom of sending and receiving information securely and away from the government’s prying eyes. With that goal in mind, he created Pretty Good Privacy. PGP’s main use is to keep your information private and secure by ensuring the authenticity of communication between two parties. However, the PGP software does the exact opposite of keeping you anonymous, since it is used to digitally prove your identity. That’s why many privacy advocates recommending using PGP with some other internet privacy and anonymity tool, like Tor.
How Does Pretty Good Privacy Work?
Pretty Good Privacy is a simple and straightforward software to understand, though it is a complex privacy solution. Here’s how it works. For example, let’s say you’re sending an email. You, as the sender, posses the public key to lock/encrypt the email. The recipient has the private key, which he can use to unlock/decrypt the email. This way, anyone else who manages to get a hold of the message, wouldn’t be able to do anything with it. The recipient is the only person who can open it.
PGP Digital Signatures
Because Pretty Good Privacy uses complex math in its encryption process, it also allows its user to verify communication through a digital signature. This means you can use it for many things, from signing emails and online messages to just encrypting your computer files so that only you can access them. In order to make digital signatures, you will also have to download GPG, but that’s a whole entire story.
How to Download and Install Pretty Good Privacy?
To successfully run PGP on your device, you will need to download, install it and create your own PGP key. To download Pretty Good Privacy, you can go to the PGP homepage and download the appropriate version for your device. Click save and download the ZIP file. After this, the installation assistant will prompt you through the required steps until the process is finished.
Once you’ve installed PGP, you can share it with other people, so that they can send you private messages. From this point on, you have a world of possibilities at your hands. You can encrypt data, files and email, purchase online, and do many other things.
Using Pretty Good Privacy
The process of creating your own PGP key involves just a few steps. All that you need is a username and an email address. You can then choose the size of your key (the bigger the better) and set your password. Lastly, you have to set an expiration date and adjust some preferred settings. This is basically it. After this, you will have your PGP key! But, there are a couple of things you need to do before you can put it into action. They are a bit more complicated than just creating the key and involve:
Creating a Revocation Certificate
By creating a revocation certificate you will prevent confusion and possible cases of having two valid keys floating around. In the same breath, you would want to create a backup key, just in case. While you don’t necessarily need to keep your revocation certificate secure and private, the backup key needs to be secured behind a tight-sealed door.
After you’ve created the certificate and the backup key, you will need to receive the public key of all of the people you want to send encrypted files and messages to. In addition, you will have to share your own public key with them. You can upload your public key to a server, or even link it to someone via Twitter or Facebook.
Once you’ve managed to get a hold of the other person’s public key, you can finally send them encrypted data. To do this, you have to right click on your desired file, select a key, and the software will automatically create a .pgp or .gpg file which you can safely store or send over the internet.
Final Word on PGP
Over the years, Pretty Good Privacy-encrypted files have been intercepted and broken more than once. But, fortunately for its users, this was not due to the software’s fault, but because of the individual actions of its users. The PGP software is so reliable that even Edward Snowden used it to receive secret NSA documents. If he found it to be safe enough against the NSA, it should be good for regular internet users as well. Just remember to keep your privacy to yourself and remain vigilant about your PGP private encryption key, and you will be free of any privacy problems.