Blog | Cellular Automaton | Links | Making Music | Photos | Scientific Work

Articles: TeX/LaTeX | GnuPG | Cellular Automata

GnuPG

"It's personal. It's private. And it's no one's business but yours." - Philip Zimmermann

Introduction

GnuPG, or GNU Privacy Guard (http://www.gnupg.org), is the open-source equivalent of Philip Zimmermann's PGP (Pretty Good Privacy) encryption/authentication software release under GPL. It allows private and secure communications between individuals over a digital medium (mostly e-mail).
GnuPG is based on an asymmetric cryptosystem (RSA-algorithm). You have got two keys, a public-key and a private-key. If somebody wants to write you an encrypted message he uses your public-key. To read this message you need the appropriate private-key. On the other hand you are able to sign a message with your private-key. Then the receiver can check the authenticity of the message with your public-key.

For encrypted communication one needs to exchange public-keys. Therefore you can upload your public-key to an international key-server. So everybody can find your public-key easily.
One of the fundamental aspects of using public-key cryptology with GnuPG/PGP is the ability for users to "sign" other users keys. By having others sign your key, they are helping you establish what has become known as a "web of trust". Having several signatures on your key helps assure others receiving your key of its authenticity, especially if the key receiver also knows one or more of the others that has signed your key.

(I will list here only some basic information. It should be a starting point. For more detailed information I recommend you to follow the links that are listed at the bottom of this document.)

Why Encryption

The common mail gets slowly replaced by the e-mail. E-mails are sent over the internet as plain-text messages, everybody who is listening to the internet-traffic can read it. An e-mail is comparable to a postcard. But e-mail content can be personal, so it ist private and it needs an envelope. GnuPG is even better than an envelope, it can not get teared open.

You may ask: "Who wants to read my e-mails?", well:

  • The intelligence of your government who is looking for terrorists, what is only a pretence for a super surveillance of all citizens (After 09/11 intelligence authorities increased a lot, specially in the U.S. , Echelon ->cryptome, etc...)
  • Your business rival who is interested in your latest developments
  • A bored system administrator, who reads e-mails as an entertainment
  • I could think of many more examples, but I stop here, due not to seem paranoid...

Tools

To use GnuPG on a windows system I recommend you the following three tools:

  • GNU Privacy Guard: The command-line based encryption tool itself. ->download here
  • GPA: The GNU Privacy Assistant (GPA) is a graphical user interface for the GnuPG (GNU Privacy Guard). ->download here
  • WinPT: WinPT (Windows Privacy Tray) is a taskbar utility for doing data en- or decryption. ->download here

Or you can download the bundle of all three tools from the GnuPP-Project.

More Information


 Contact | last modified: January 03 2005 13:03:42