GnuPG, the GNU Privacy Guard, is the open source equivalent to PGP, or Pretty Good Privacy, which has been available for Windows, DOS, and some other operating systems for many years. It has all the same features, based on the OpenPGP standard. The uses for GnuPG (or GPG) are varied: It can be used to encrypt email messages and files, or to digitally sign email messages and files. The first use is obvious, encrypting emails or files on your hard drive maintains the privacy and integrity of sensitive messages or documents. The latter is extremely useful to maintain the integrity of messages and files, especially when transmitting over insecure networks. It certifies that a) the email was sent by whomever claims to have sent it, and b) that a file has not been tampered with.
Using GPG is very easy and straightforward. It is a text-based command line tool, but there are frontends to GPG that make it even easier to use. The whole premise of GPG is PKI, or Public Key Infrastructure. What this means is that GPG is based upon a two-key system, a private key used to sign and decrypt, and a public key used to decrypt and verify.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.