PGP
PGP is the abbreviation for “Pretty Good Privacy” and a method for encrypting messages and files on the Internet. The first version was already used in 1991.
PGP for the encryption of messages
For the encryption of messages PGP uses an asymmetric encryption method. In this case, sender and receiver have a key pair consisting of a private and a public key. The public key enables encryption, but not decryption of a message. In order for a message to be decrypted, the private key is required.
Installing the PGP software
For private use, the encryption software is free of charge. The installation is very simple. The key pair is automatically generated during installation. By using a pass phrase, the private key is additionally secured from being used by people who have access to the respective computer. Before passing on the public key, it is absolutely necessary to make a backup copy of this key pair. The keys are managed via PGP keys. There you can see with whom keys have already been exchanged, whether they are still valid and what strength the keys have.
Encryption of messages
Before a message can be sent encrypted, the public key of the recipient is needed. Before sending the message only one click in the toolbar under “PGP” is necessary. If this is not available in the toolbar, it is necessary to activate the menu item “PGP – Encrypt when sending”. As soon as the message is sent, a default suggestion for the key to be used appears. The suggested key should always be the one that matches the recipient. If a message is addressed to multiple recipients, all keys should be displayed and the sender should also add his own public key by double-clicking on it. It is also possible to encrypt only the attachments of a message. To do this, right-click on the file to be encrypted and then select “PGP-Encrypt”, in the case of the German version “PGP-Verschlüsseln mit”. In the case of attachment encryption, no suggestion is made regarding the recipient key. Therefore, the sender must select the desired recipient key and his own key and then click “OK”. This is followed by encryption of the files, which are given the suffix “pgp”.
Security of encryption with PGP
PGP is considered to be particularly secure due to its asymmetric encryption method. Nevertheless, there are some important things to consider when encrypting. It is important to send messages continuously in encrypted form. It is possible to generate multiple private keys if PGP is used frequently. A specific key can be developed for each recipient. In addition, the keys should be replaced with newly generated ones at regular intervals.
