PGP (Pretty Good Privacy) Keys
Coviant Software: Technology Tips & Useful Guides
How to Use PGP Keys
OpenPGP keys, often referred to as “PGP” keys, are used to encrypt and sign outbound files and to decrypt and verify inbound files.
PGP encryption protects the contents of a file. PGP signatures verify the authenticity of the file’s sender and provides non-repudiation, which prevents the sender from claiming that he or she did not actually send the file.
OpenPGP keys are created as private key pairs, which must be kept secret and never distributed. The public portion of an OpenPGP key pair can be exported to a file to be sent to trading partners. When you establish a relationship with a trading partner, you send each other only OpenPGP public keys.
You can create OpenPGP key pairs and export OpenPGP public keys to send to your trading partner using Diplomat OpenPGP Community Edition, a free PGP automation tool.
PGP vs. OpenPGP: Encryption & Automation Solutions
OpenPGP is a standard that defines formats for encryption keys and messages.
PGP™ is a trademarked term used by Symantec Corporation for their OpenPGP-compliant products, such as Symantec PGP Command Line.
Many commercial products like McAfee E-Business Server and free products like Diplomat OpenPGP Community Edition comply with the OpenPGP standard.
OpenPGP-compliant products are compatible such that:
- Keys created by an OpenPGP-compliant application can be imported and used by other OpenPGP-compliant applications. More on how to use PGP keys »
- Files encrypted or signed by an OpenPGP-compliant application can be decrypted or verified by other OpenPGP-compliant applications.
- Additional file transformations covered by the OpenPGP standard, such as ASCII-armoring, canonicalization, and compression, are also compatible between OpenPGP-compliant applications.
PGP™ is a standard for encrypting data. Because Coviant Software uses PGP to encrypt the files it sends and receives, we get a lot of questions about it. Here are the most frequently asked questions we get about PGP and their corresponding answers. For more on PGP Encryption, please visit our dedicated page by clicking here>>
FAQs & Explanations
How do you automate PGP encryption and decryption?
PGP encryption is often handled by complex command line applications, which can be confusing and hard to remember, resulting in complex and fragile scripted solutions. As a part of the secure managed file transfer process, Diplomat MFT serves as a simple PGP encryption solution that enables automated no-code encryption, decryption, signing, and verification with an intuitive interface.
Open-source PGP encryption tools like GnuPG (GPG) can be effective, but the reliance upon scripting–and the individuals who build and maintain those scripts–introduces fragility that weakens security and increases a company’s risk profile.
What is the difference between PGP and GPG?
GPG is short for “GnuPG,” an open source implementation of the PGP protocol that provides a command line interface to perform PGP encryption, decryption, signing, verifying, and key management operations.
What can I use instead of PGP?
Because OpenPGP is an open, standard format for data encryption, there are many tools out there which can be used to do required PGP operations. Tools like Diplomat MFT make using PGP point-and-click easy, so there’s no need to use more complicated encryption processes.
Can I decrypt PGP with GPG?
GPG can be used to decrypt PGP files because it conforms to the OpenPGP standard. Any message that is encrypted in the OpenPGP format can be decrypted by GPG or any other standard conforming tool, like Diplomat MFT, which automates the use of proper command line syntax for the various operations like encrypting, decrypting, signing, and verifying.
What algorithm does PGP use?
The OpenPGP standard lists multiple algorithms for public key algorithms, including RSA, Elgamal, and DSA.
The OpenPGP standard lists multiple algorithms for symmetric data encryption, including 3DES, IDEA, CAST5, BlowFish, TwoFish, AES (128,192, and 256-bit), and Camellia (128, 192, and 256-bit).
The OpenPGP standard lists multiple algorithms for hashes on the data (which are used for integrity checking and signatures), including MD5, SHA-1, RIPE-MD/160, and SHA2 (224, 256, 384, and 512-bit).
The OpenPGP standard lists multiple algorithms for data compression, including ZIP, ZLIP, and BZIP2.
It is important to note that only a few of these algorithms–DSA and Elgamal; 3DES; and SHA-1–are required to be implemented by the OpenPGP Standard. However, this minimal requirement is regarded as insecure because algorithms like 3DES and SHA-1 are considered “broken.” Fortunately, many PGP implementations, such as Diplomat MFT, support all the algorithms of the OpenPGP standard public key algorithms (and a few additional ones, like Elliptic Curve). Diplomat MFT is one such software that supports modern, secure algorithms in its PGP library.