PGP Introduction
PGP stands for Pretty Good Privacy. It's an asymmetric-encryption program made by Phil Zimmermann for encrypting or signing data. When you use PGP, you have a public-key and a private-key.
The public-key is like a mail address, but cryptographically generated, that you can share with anyone. People can encrypt data to your public-key or verify signed data to confirm its authenticity.
Step 1 - Find a PGP manager
- Kleopatra (Linux)
- GPG4Win (Windows)
- GPGTools (MacOS)
- OpenKeychain (Android)
Step 2 - Make your keypair
Find the "generate a new keypair" function in your manager. It'll ask you for a name and a mail address (both are optional).
2.1 Selecting what asymmetric cryptography protocol to use
You can choose which protocol to use for your keypair, for example: RSA, ECC, ed25519.
2.2 Adding a passphrase
The manager will ask you for a passphrase (an additional protection for the private-key). You should not lose it, or you lose access to the private-key.
Step 3 - Export your public-key
Click on your keypair, and find a share or export public-key function. The manager will display your public-key or export it to a text file (a long string of data starting with -----BEGIN PGP PUBLIC KEY BLOCK-----). You can share this key with anyone.
Step 4 - Export/Backup your private-key
4.1 Export
Click on your keypair, and find a backup or export private-key function. The manager will display your private-key or export it to a text file (a long string of data starting with -----BEGIN PGP PRIVATE KEY BLOCK-----). DO NOT SHARE THIS KEY.
4.2 Restore the private key
Find an "import" function and import the private-key file. You can also go to the notepad function (of your manager ONLY) and paste the private-key into it. Enter the passphrase when prompted, and you'll have full access to your keypair again.
Step 5 - Import a public-key
Ask someone for their public-key (or generate another one if you don't have friends, like me lol), open the notepad and paste the public-key into it. Click on import, and verify that the fingerprint is the right one before certifying the key (someone can make a public-key with your name to impersonate you, but the impersonator's key will not have the same fingerprint as yours).
- Here's my fingerprint for example: EDD9 6775 F105 E467 3DF9 F32F 0D2E F07A BD7E 18BD
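The fingerprint check from Step 5, as an added example that is not part of the original page: it parses the machine-readable listing that GnuPG (the engine behind Kleopatra, GPG4Win and GPGTools) prints for a key file and compares the primary key's full fingerprint with the one you were given. The listings, the user ID and the impostor fingerprint are constructed samples, the function names are hypothetical, and a 40-hex-digit (version 4) fingerprint is assumed.

```python
# Input format: output of `gpg --show-keys --with-colons key.asc`.

def normalize_fpr(text):
    """Drop spaces, uppercase, and insist on a full 40-hex-digit fingerprint."""
    fpr = "".join(text.split()).upper()
    if len(fpr) != 40 or any(c not in "0123456789ABCDEF" for c in fpr):
        raise ValueError("need the full 40-hex-digit fingerprint, not a short key ID")
    return fpr

def primary_keys(colon_listing):
    """Return [(fingerprint, [user IDs])] for each `pub` record in the listing."""
    keys, want_fpr = [], False
    for line in colon_listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":                 # start of a new primary key
            keys.append([None, []])
            want_fpr = True
        elif f[0] == "sub":               # a subkey's fpr is not the key's identity
            want_fpr = False
        elif f[0] == "fpr" and want_fpr and len(f) > 9:
            keys[-1][0], want_fpr = f[9], False   # field 10 holds the fingerprint
        elif f[0] == "uid" and keys and len(f) > 9:
            keys[-1][1].append(f[9])      # field 10 holds the user ID
    return [(fpr, uids) for fpr, uids in keys]

def safe_to_certify(colon_listing, expected_fingerprint):
    """True only if the file holds exactly one key and its fingerprint matches."""
    want = normalize_fpr(expected_fingerprint)
    found = primary_keys(colon_listing)
    return len(found) == 1 and found[0][0] == want

def sample_listing(fpr):
    """Constructed colon listing: one primary key, one user ID, one subkey."""
    return "\n".join([
        f"pub:-:255:22:{fpr[-16:]}:1700000000:::-:",
        f"fpr:::::::::{fpr}:",
        "uid:-::::1700000000::::Example User <user@example.org>:",
        "sub:-:255:18:1122334455667788:1700000000::::",
        "fpr:::::::::9999999999999999999999991122334455667788:",
    ])

PAGE_FPR = "EDD9 6775 F105 E467 3DF9 F32F 0D2E F07A BD7E 18BD"  # from the page
GENUINE = sample_listing(normalize_fpr(PAGE_FPR))
# Constructed impostor: same user ID, same last 8 hex digits, different key.
IMPOSTOR = sample_listing("0123456789ABCDEF0123456789ABCDEFBD7E18BD")

if __name__ == "__main__":
    print("genuine :", safe_to_certify(GENUINE, PAGE_FPR))
    print("impostor:", safe_to_certify(IMPOSTOR, PAGE_FPR))
```

Both sample keys carry the same name and end in the same eight hex digits, so only the comparison of the complete fingerprint tells them apart.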
Step 6 - Sign/Verify data
To sign, find a sign function in your manager, select the file you want to sign and select the key to sign with; you'll get a .sig file. To sign text, go to the notepad, enter the text and select the key for signing; you'll get a string of data starting with -----BEGIN PGP SIGNED MESSAGE-----