Secure your communication with GnuPG

[mehulved]

With gmail enabling IMAP service, I decided to switch over to using a mail client for accessing my multiple gmail inboxes.
While reading a mails on local LUG lists, I came across a couple of mails which were signed using gpg. So, I decided to explore more on the topic and use gnupg for my communication, too.
Let us address the what's, why's and how's of gpg

1. What is gnupg
   

   GnuPG is the GNU project's complete and free implementation of the OpenPGP standard as defined by RFC4880 . GnuPG allows to encrypt and sign your data and communication, features a versatile key managment system as well as access modules for all kind of public key directories.

   *www.gnupg.org/(en)/
   
   
2. Why should I use gnupg?
   • To secure your communication with other users.
   • To protect your E-mail from unauthorised access and inspection. Read more about it on *en.wikipedia.org/wiki/E-mail_privacy
   
   
3. How does gnupg work?
   

   GnuPG encrypts messages using asymmetric keypairs individually generated by GnuPG users. The resulting public keys can be exchanged with other users in a variety of ways, such as Internet key servers. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ 'owner' identity correspondences. It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted.
   
   GnuPG does not use patented or otherwise restricted software or algorithms, including the IDEA encryption algorithm which has been present in PGP almost from the beginning. Instead, it uses a variety of other, non-patented algorithms such as CAST5, Triple DES, AES, Blowfish and Twofish. It is still possible to use IDEA in GnuPG by downloading a plugin for it, however this may require getting a license for some uses in some countries in which IDEA is patented.
   
   GnuPG is a hybrid encryption software program in that it uses a combination of conventional symmetric-key cryptography for speed, and public-key cryptography for ease of secure key exchange, typically by using the recipient's public key to encrypt a session key which is only used once. This mode of operation is part of the OpenPGP standard and has been part of PGP from its first version.

   *en.wikipedia.org/wiki/GNU_Privacy_Guard#Process
   Also see *www.gnupg.org/gph/en/manual.html#CONCEPTS
   
   
   
   By now you should be convinced that using gnupg for securing your communication is a good idea. If yes, then let's get to the next step.
   
   
4. How to use gnupg
   Read the following 2 simple to follow articles on using gnupg.
   *www.gentoo.org/doc/en/gnupg-user.xml
   *www.gnupg.org/gph/en/manual.html#INTRO
   
   
5. Where to obtain gnupg from?
   It should be available as a readymade package in your *nix distribution. If not you can obtain it from *www.gnupg.org/(en)/download/index.html
   
   
6. More HowTo's on GnuPG
   *www.gnupg.org/(en)/download/index.html

Wish you a secure communication.

 

[QwertyManiac]

I got myself a key while signing the Code of Conduct on Launchpad.

 

[Gigacore]

Anway,, thanks for that mehul

 

[gary4gar]

hmmm.....Nice
i created my key, i liked how it grabs random bytes
cool