This document describes how to use the GPG program in a basic way. I will cover how to send and receive encrypted messages, and how to digitally sign messages as well as verify the signatures on messages. This document is intended to support my classes at Vermont State University. It is not intended to be a general treatment of GPG for the entire internet community. This document talks about how to use GPG on a Unix system. However, most of what is said here applies equally well to the Windows command line version of the program. This document does not discuss any graphical front-end tools (of which several are available).
Before anyone can send you encrypted mail, you will need to generate a public/private key pair for yourself. Do this with the command:
gpg --gen-key
You can accept the various default options presented to you, except you should set an expiration date on your key. If your key is lost, you will want it to eventually become invalid without any intervention on your part. I suggest using a key lifetime of five years (the offered default is fine). For the "User ID" use your full name together with your email address like this (you can leave the "Comment" field blank):
Peter Chapin <peter.chapin@vermontstate.edu>
This uniquely identifies you. When you refer to a User ID with GPG, you can normally just use any substring of the ID that is unique on your key ring. However, it is a good idea to be sure your full ID is quite specific. Since your key might be used in a professional context, it is best to avoid nicknames or partial names (e.g., just your first name). It is possible to change the ID associated with your key without also changing your key. This is useful if you change email addresses.
Your GPG key has two parts: a public part that you can give to anyone, and a private part that you should keep to yourself. These "keys" are large binary numbers—they are not words or phrases. However, your private key is kept in a file and encrypted using a passphrase that you provide when the key is generated. In order to use your private key, you will have to provide the passphrase. Thus, even if someone else finds your secret key ring file, that alone won't allow them to use your private key.
Never reveal your private key to anyone else!
Your public key is something you must give to others before they can send you encrypted mail. People will also need your public key to verify your digital signatures. Post your public key widely. It is public. I have mine on my website. To extract your public key from your key ring, use a command such as:
gpg --export -a user_ID > filename
Where user_ID is your User ID (or any substring contained in it) and filename is the name of the file where the key should go. This command will extract the key in ASCII format—plain text—so that you can send it to others more easily.
Download my public key into a file, say pchapin.asc. Then do this command:
gpg --import pchapin.asc
GPG will see that pchapin.asc is a public key and try to add it to your public key ring. You should now check the key fingerprint to verify that you have the correct key. If an attacker replaces my key on this website with a bogus one, you might actually be encrypting messages for the attacker to read!
To check the fingerprint do:
gpg --edit-key peter.chapin
This goes into a special key editing mode. Use the fpr command to have GPG display the key fingerprint. The correct fingerprint for my key is: 0B8E 97E2 82A0 CAAD 87CE 3B43 D60B AEA5 B4B0 68A3. Don't believe what you read here! An attacker who can replace my key on this site can also modify this page. In theory, you should obtain the correct fingerprint directly from me. Note that the key fingerprint is a secure hash of the key itself.
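As an added example (not part of the original page), the following shell script performs the fingerprint check above without the interactive --edit-key session: it reads the fingerprint from gpg's machine-readable listing (gpg --with-colons --fingerprint), normalizes both values so the spaced form that the fpr command prints compares equal to a lower-case or pasted 40-character copy, and exits non-zero on a mismatch. The script name, the user ID argument and the sample listing are assumptions; the expected fingerprint is the one quoted above, which, as the text says, you should confirm with the author directly.

```shell
#!/bin/sh
# Added example, not code from the page: check an imported key's fingerprint
# against the value obtained out of band before using or signing the key.
# EXPECTED_FPR is the fingerprint quoted in the text above, in the spaced form
# gpg's fpr command prints; as the text says, get it from the key owner directly.
EXPECTED_FPR='0B8E 97E2 82A0 CAAD 87CE 3B43 D60B AEA5 B4B0 68A3'

# Canonical form: no whitespace, upper-case hex, so the spaced display form,
# a lower-case copy and a pasted 40-character string all compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \t\n' | tr 'a-f' 'A-F'
}

# Primary-key fingerprint from gpg's machine-readable listing on stdin
# (gpg --with-colons --fingerprint ID). Records look like
#   fpr:::::::::0B8E97E2...68A3:
# and the first fpr record is the primary key; later ones are subkeys.
primary_fpr_from_colons() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# True (exit 0) when both strings name the same key, false (exit 1) otherwise.
fpr_matches() {
    [ "$(normalize_fpr "$1")" = "$(normalize_fpr "$2")" ]
}

# Live check against your own key ring; needs gpg and the imported key.
# Any failure (no gpg, key not imported) yields an empty fingerprint, which
# never matches, so the check fails closed.
check_key() {
    fpr_matches "$EXPECTED_FPR" "$(gpg --with-colons --fingerprint "$1" 2>/dev/null | primary_fpr_from_colons)"
}

# Constructed sample of the listing for a key carrying the expected fingerprint
# (the other fields are placeholders), so the parsing can be exercised offline.
SAMPLE_LISTING='pub:-:3072:1:D60BAEA5B4B068A3:1700000000:1857600000::-:::scESC::::::23::0:
fpr:::::::::0B8E97E282A0CAAD87CE3B43D60BAEA5B4B068A3:
uid:-::::1700000000::0000000000000000000000000000000000000000::Peter Chapin <peter.chapin@vermontstate.edu>::::::::::0:
sub:-:3072:1:0000000000000000:1700000000:1857600000:::::e::::::23:
fpr:::::::::0000000000000000000000000000000000000000:'

check_sample() {
    fpr_matches "$EXPECTED_FPR" "$(printf '%s\n' "$SAMPLE_LISTING" | primary_fpr_from_colons)"
}

# Usage: sh check-fpr.sh peter.chapin
if [ -n "${1:-}" ]; then
    if check_key "$1"; then
        echo "fingerprint of $1 matches; safe to sign this key"
    else
        echo "FINGERPRINT MISMATCH for $1: do not use or sign this key" >&2
        exit 1
    fi
fi
```

The comparison is done on the primary key's fingerprint only: subkeys have their own fpr records, and an attacker's bogus key could carry any subkey fingerprints it likes, so the primary fingerprint is the one to confirm with the owner.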
If you are sure you have the correct key, you can sign my key with your key using the sign command. Then, if you want, you can export my key and give it to your friends. If your friends are confident that you only sign keys you are sure about, they can take your signature as "proof" that they have a valid copy of my key. They do not need to check the fingerprint directly with me. In this way, GPG builds a web of trust that allows keys to be distributed in a reasonably secure manner without a central authority. In effect, all users are certificate authorities, and every user makes their own choices about whom to trust.
Once you have added my key to your key ring, you can view the contents of your key ring with the command:
gpg --list-keys
First, prepare your message in a file using an editor of your choice. To encrypt the file use a command such as:
gpg -sea -r peter.chapin file.txt
Where file.txt is the name of the file containing the message. The -sea options mean the following:
The -r option specifies the recipient of the message. In other words it specifies which public key to use to make the encryption. The command above will create the file file.txt.asc. It will not overwrite the original file (at least not without warning you first).
To send me the file, enter your mail program and include the file in the body of a mail message to me or as an attachment. Notice that this is end-to-end encryption. Nobody other than me will be able to read the message, including whichever mail service(s) you use. The encryption algorithms used by GPG are state-of-the-art, so it is possible, perhaps likely, that not even the FBI or the NSA can read them.
Occasionally I will send you messages that have been "clear-signed" using GPG. A clear-signed message can be read without using GPG but still has a GPG signature at the bottom. If you want to verify that I actually sent one of these messages, you should export it out of your mail program (in pine use the "E" command while reading the message). Then leave your mail program and use the command:
gpg afile.txt
Here afile.txt is the file where you saved the message. GPG will find the "BEGIN PGP SIGNED MESSAGE" header in the file and know what to do. If you have my public key on your key ring, it will verify the signature and print an appropriate message. If you don't have my public key, you will be told that it can't verify the signature.
GPG uses highly secure encryption algorithms. However, mishandling can easily compromise the strength of GPG. You should be especially aware of the following points.
If you prepare "sensitive" messages in a file, be sure to delete the file promptly after you encrypt it. If your account is broken into, you might not want those files hanging around for someone to find. Keep in mind that when you delete a file, it really isn't deleted. If you are really worried about security, you would run special software that would erase the file's bits before "deleting" it from the system, or you would use GPG on your own computer and make sure you keep your system physically secure.
Keep in mind that you won't be able to read a message once you've encrypted it for someone else. If you need to keep a copy of a message, don't depend on the encrypted version of it. You can always encrypt a second copy for your own purposes if you need to keep a copy. Use the "-c" option on GPG to use "conventional" (i.e., symmetric) cryptography in such a case. You don't need to mess around with public and private keys to encrypt messages to yourself.
However, it is also possible to include multiple recipients when you encrypt a file using public keys (by providing multiple -r options). GPG actually generates a random session key for a symmetric algorithm (AES-128 by default) and encrypts the session key with the recipient's public key. If you specify multiple recipients, the session key is encrypted multiple times, once for each recipient. This allows you to prepare a message that more than one person can decrypt without having to duplicate the message.
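The procedure described in the sections above, from key generation through verification, as one added example that is not the page's own code: a shell script that builds two throwaway key rings (the sender and the recipient), exchanges and fingerprint-checks public keys, signs and encrypts a file with -sea -r (-s signs, -e encrypts, -a writes ASCII-armored output), decrypts and verifies it on the other side, verifies a clear-signed message, encrypts once for several -r recipients, makes a private copy with -c, and finally removes the plaintext files. It assumes GnuPG 2.2 or later for the --quick-generate-key, --quick-sign-key and --pinentry-mode options; the user IDs, message text, passphrase and temporary directory are constructed for the demo.

```shell
#!/bin/sh
# Added example, not code from the page: the cycle described above, run in two
# throwaway key rings, "alice" (you) and "bob" (the recipient). The names,
# addresses, message text and symmetric passphrase are made up for the demo.
# Empty key passphrases keep it non-interactive; real keys need a strong one.
# Steps are chained with && so the first failure stops the demo and demo_gpg
# returns non-zero.

DEMO_SYM_PASS='demo-only passphrase'    # constructed, for the -c step

# Run gpg non-interactively against one of the two key rings.
as_alice() { GNUPGHOME="$WORK/alice" gpg --batch --yes --quiet --pinentry-mode loopback --passphrase '' "$@"; }
as_bob()   { GNUPGHOME="$WORK/bob"   gpg --batch --yes --quiet --pinentry-mode loopback --passphrase '' "$@"; }

# Primary-key fingerprint from gpg's machine-readable (--with-colons) listing:
# the first "fpr" record is the primary key, later ones are subkeys.
fpr_of() { "$1" --with-colons --fingerprint "$2" | awk -F: '$1 == "fpr" { print $10; exit }'; }

# Stop the agents started for the two key rings and delete everything.
cleanup() {
    GNUPGHOME="$WORK/alice" gpgconf --kill all 2>/dev/null
    GNUPGHOME="$WORK/bob"   gpgconf --kill all 2>/dev/null
    rm -rf "$WORK"
}

demo_gpg() {
    WORK=$(mktemp -d) && trap cleanup EXIT &&
    mkdir -m 700 "$WORK/alice" "$WORK/bob" &&
    # 1. The non-interactive form of gpg --gen-key, with a five-year lifetime.
    as_alice --quick-generate-key 'Alice Student <alice@example.invalid>' default default 5y &&
    as_bob   --quick-generate-key 'Bob Recipient <bob@example.invalid>'   default default 5y &&
    # 2. Public keys travel as ASCII files (gpg --export -a) and are imported.
    as_bob   --export -a bob@example.invalid   > "$WORK/bob.asc" &&
    as_alice --export -a alice@example.invalid > "$WORK/alice.asc" &&
    as_alice --import "$WORK/bob.asc" &&
    as_bob   --import "$WORK/alice.asc" &&
    # 3. Fingerprint check: the imported key must match what Bob himself reports
    #    (standing in for asking him directly). Only then does Alice sign it.
    imported=$(fpr_of as_alice bob@example.invalid) &&
    genuine=$(fpr_of as_bob bob@example.invalid) &&
    [ "$imported" = "$genuine" ] &&
    as_alice --quick-sign-key "$imported" &&
    as_alice --check-trustdb &&
    # 4. gpg -sea -r bob file.txt  ->  file.txt.asc (signed, encrypted, ASCII)
    printf 'Meet at noon.\n' > "$WORK/file.txt" &&
    as_alice -sea -r bob@example.invalid --local-user alice@example.invalid "$WORK/file.txt" &&
    # 5. Bob decrypts; GOODSIG in the status lines means the signature verified.
    status=$(as_bob --status-fd 1 --output "$WORK/received.txt" --decrypt "$WORK/file.txt.asc") &&
    printf '%s\n' "$status" | grep -q '^\[GNUPG:\] GOODSIG' &&
    DEMO_RECEIVED=$(cat "$WORK/received.txt") &&
    # 6. The sender cannot read it back: it was encrypted to Bob's key only.
    ! as_alice --decrypt "$WORK/file.txt.asc" >/dev/null 2>&1 &&
    # 7. A clear-signed notice stays readable; Bob checks the signature on it.
    printf 'Class is cancelled on Friday.\n' > "$WORK/notice.txt" &&
    as_alice --clearsign --local-user alice@example.invalid "$WORK/notice.txt" &&
    as_bob --verify "$WORK/notice.txt.asc" &&
    # 8. Several -r options: one ciphertext, one wrapped session key per recipient,
    #    so both Bob and Alice can open it (the way to keep a readable copy).
    as_alice -ea -r bob@example.invalid -r alice@example.invalid \
        --output "$WORK/both.asc" "$WORK/file.txt" &&
    [ "$(as_alice --decrypt "$WORK/both.asc")" = "Meet at noon." ] &&
    [ "$(as_bob --decrypt "$WORK/both.asc")" = "Meet at noon." ] &&
    # 9. gpg -c: conventional (symmetric) encryption for a private copy, no key pair needed.
    GNUPGHOME="$WORK/alice" gpg --batch --yes --quiet --pinentry-mode loopback \
        --passphrase "$DEMO_SYM_PASS" -c --output "$WORK/private.gpg" "$WORK/file.txt" &&
    DEMO_PRIVATE=$(GNUPGHOME="$WORK/alice" gpg --batch --quiet --pinentry-mode loopback \
        --passphrase "$DEMO_SYM_PASS" --decrypt "$WORK/private.gpg") &&
    # 10. Once encrypted copies exist, the plaintext files are the weak spot: remove them.
    rm -f "$WORK/file.txt" "$WORK/notice.txt" "$WORK/received.txt"
}

# Usage: sh gpg-demo.sh run
if [ "${1:-}" = run ]; then
    demo_gpg && echo "demo completed; Bob received: $DEMO_RECEIVED"
fi
```

Every gpg call carries --batch, so nothing prompts; the private keys, ciphertexts and plaintexts all live under one temporary directory that the EXIT trap deletes, and step 6 is the point made above about encrypted copies: the sender's ring holds no secret key for Bob, so decryption of the outgoing message fails, which is why step 8 adds a second -r for the sender's own key.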
If you run GPG on a remote host and access that host via telnet, you should keep in mind that your passphrase (and your account password) are being transmitted over the network unencrypted. Someone with a protocol analyzer will be able to see these passwords on the network, log in as you, and make use of your private key. This is a serious issue, and it means that you should only consider using GPG on a remote host via an encrypted terminal session (e.g., SSH or a TLS-protected Telnet session).
If you run GPG on a Unix system, you should also realize that there are security issues associated with running it in a multiuser environment. For example, if the root password on the Unix host is compromised (or if the system administrator is unethical), it would be possible for a trojan horse version of GPG to be placed in the system directories. The trojan horse version might send your private key unencrypted across the network to someone waiting for it. Note that merely compromising your account does not expose your private key because your private key is encrypted with your passphrase.
To be truly secure, you should use GPG on your own machine with excellent physical security and with no network connections.