Secure your communication with GnuPG

Status
Not open for further replies.

mehulved

18 Till I Die............
With gmail enabling IMAP service, I decided to switch over to using a mail client for accessing my multiple gmail inboxes.
While reading a mails on local LUG lists, I came across a couple of mails which were signed using gpg. So, I decided to explore more on the topic and use gnupg for my communication, too.
Let us address the what's, why's and how's of gpg
  1. What is gnupg
    GnuPG is the GNU project's complete and free implementation of the OpenPGP standard as defined by RFC4880 . GnuPG allows to encrypt and sign your data and communication, features a versatile key managment system as well as access modules for all kind of public key directories.
    http://www.gnupg.org/(en)/

  2. Why should I use gnupg?
  3. How does gnupg work?
    GnuPG encrypts messages using asymmetric keypairs individually generated by GnuPG users. The resulting public keys can be exchanged with other users in a variety of ways, such as Internet key servers. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ 'owner' identity correspondences. It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted.

    GnuPG does not use patented or otherwise restricted software or algorithms, including the IDEA encryption algorithm which has been present in PGP almost from the beginning. Instead, it uses a variety of other, non-patented algorithms such as CAST5, Triple DES, AES, Blowfish and Twofish. It is still possible to use IDEA in GnuPG by downloading a plugin for it, however this may require getting a license for some uses in some countries in which IDEA is patented.

    GnuPG is a hybrid encryption software program in that it uses a combination of conventional symmetric-key cryptography for speed, and public-key cryptography for ease of secure key exchange, typically by using the recipient's public key to encrypt a session key which is only used once. This mode of operation is part of the OpenPGP standard and has been part of PGP from its first version.
    http://en.wikipedia.org/wiki/GNU_Privacy_Guard#Process
    Also see http://www.gnupg.org/gph/en/manual.html#CONCEPTS



    By now you should be convinced that using gnupg for securing your communication is a good idea. If yes, then let's get to the next step.

  4. How to use gnupg
    Read the following 2 simple to follow articles on using gnupg.
    http://www.gentoo.org/doc/en/gnupg-user.xml
    http://www.gnupg.org/gph/en/manual.html#INTRO

  5. Where to obtain gnupg from?
    It should be available as a readymade package in your *nix distribution. If not you can obtain it from http://www.gnupg.org/(en)/download/index.html

  6. More HowTo's on GnuPG
    http://www.gnupg.org/(en)/download/index.html
Wish you a secure communication.
 
Status
Not open for further replies.
Top Bottom