Computer Science @ PENN

java 1.5 api | java 1.4.2 api | slashdot | webmail | wikipedia
upenn.edu | directories | portal | van pelt library
seas.upenn.edu | engineering library
computer graphics & game dev (SIGGRAPH) | dining philosophers (DP) | science & tech wing (STWING) | women in cs (WICS)
CETS Answers |

Installing and Using PGP (and a little about it)

PGP stands for Pretty Good Privacy, and is an encryption scheme which offers (pretty good, in the sense that it's good until quantum computes come out) secure communication. This guide intends only the use of its simples encryption scheme, which is encryping and decrypting with the same password; however, PGP offers much more (see links).

In this case, we will be installing GnuPG (or GPG), the GNU Privacy Guard, which is a free / open source implementation of PGP.

See also, if you like:

Installation

Windows

Download and install the Windows binary from the GnuPG Download page. The executable file you download is a graphical installer; double-click it to install.

GnuPG is now available as a command line tool in the install directory you chose; by default, C:\Program Files\GNU\GnuPG. You can add this directory to your path, or move to this directory to use GnuPG.

MacOS X

Download and install Mac GPG (scroll down to the Files section and download the appropriate version). If the disk image (.dmg) doesn't automatically open, open it; run the installer. After installing, you can 'eject' the disk image and throw it away (or archive it for posterity).

Linux

Your system may come with GPG, and there may be binaries available, or you can build GPG from source. The GnuPG Downloads page has links to binaries for Debian, as well as links to rpms. GPG may also be available using apt_get, pkg_add, yum, or other similar too. (For example, Fedora Core comes with GnuPG, and under OpenBSD 3.7 you can simply do, as root: pkg_add ftp.openbsd.org/pub/OpenBSD/3.7/packages/i386/gnupg-1.4.0p0.tgz .)

Encryption

To encrypt a file, use this command: gpg --armor --symmetric filename

This tells GPG to encrypt with a symmetric cipher, and will ascii-armor the result (not really necessary, but nice if you want to paste the result into an e-mail instead of attaching it, for example). The default output will be filename.asc.

Under MacOS X (and similarly for Unix/Linux), open Applications > Utilities > Terminal. Change your current directory to that of the file you want to encrypt by typing "cd " (with a space after it), dragging the folder (or its icon from the window's title bar) containing the file into the Terminal window, then hitting return. Now type in the GPG command.

Under Windows, open Start > Programs > Accessories > Command Prompt. If you didn't add GPG to your path, you will need to be in the GPG install directory for this to work, and then either need to use the full path to the file in question, or move it to the GPG install directory for encryption. For example, type cd "C:\Program Files\GNU\GnuPG", move your file to the same directory, and then type in the GPG command.

Decryption

To decrypt a file, use this command: gpg -d -o filename filename.asc

This tells GPG to decrypt a file, put the output in filename, and find the input in filename.asc

Again, change directory as appropriate so that the file (and gpg.exe under Windows) are accessible.

You will get a warning that the file was not integrity protected; this is okay, and simply means the file was not digitally signed.

Try it out

If you're looking for something to test your skills on, you can try decrypting this (ascii-armored, symmetric cipher). The password is "insecure". Note that if you don't specify an output file (with the -o flag), GPG will spit out the product of the decryption on stdout. (Likewise, you can supply the material to encrypt from stdin, terminated with an EOF, if you omit the input filename. You can also just put this in a new plaintext file and decrypt it from there.)

-----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.1 (Darwin) jA0EAwMCOEY8LWZJIq5gyX8Q2Xm0nHJlwCleN3eFe8nMSlTus+svtntM6p/M72XF ymRNU5PUXukVxslHXOiESVW2qy1VtAmBfZ+xtHM1JH9jEZmvEHTt8Os9i+jE6fqD qjMqHNvamA6h4MLdqEC2uVl65g8uFITALPUIVeOxlsApDEPxcjnS+nd2iiUpkgGI =e9Hu - -----END PGP MESSAGE-----