You can skip right to the installation for Windows or macOS. GnuPG is included in all major Linux distributions.
Introduction
GnuPG or “GNU Privacy Guard” is a free and open source implementation of the OpenPGP standard. GnuPG was first released in 1997, and has been actively developed and updated ever since. It is primarily used to secure communications between two or more people, however, you can encrypt any file for personal storage as well. Encryption can be done with the latest secure methods either by public key cryptography via RSA or ECC, or symmetric cryptography via AES or other ciphers.
Public Key Cryptography
Public key cryptography, also known as asymmetric cryptography, works by using someone else’s public key to encrypt information that they can decrypt with their private key. The idea is that only that person has possession and control of their private key, therefore you can be sure that they are the only person that can access the data. However, you should be sure that the public key you are using actually belongs to the intended recipient.
As a side note, you can use your private key to sign data so that the recipient knows that you sent it and that it hasn’t changed since you signed it.
Symmetric Key Cryptography
Symmetric key cryptography works by setting a password, and using that password in some cipher to encrypt data. The recipient would then use that password to decrypt the data. The issue here is that the recipient must first know the password. The other concern is that the recipient may not be the only one who knows the password, also the password could be brute-forced. As of this writing, GnuPG uses the AES256 cipher, so you know your data is secured, as long as the password isn’t compromised.
Installation on Windows
GnuPG can be installed on Windows through the official installer or via Gpg4Win. We’ll covering the official installer, as that is all that is needed for basic functionality. If you would like a graphical interface, you can use Gpg4Win if you choose.
- Visit https://gnupg.org/ftp/gcrypt/binary/ in your browser and select the most recent version.
- As of this writing the lastest installer is
gnupg-w32-2.3.3_20211012.exe
- As of this writing the lastest installer is
- Run the installer. You may need to provide administrator access.
- Open a terminal or powershell window.
- Type in
gpg --version- You should get something similar to:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
PS C:\Users\User> gpg --version
gpg (GnuPG) 2.3.3
libgcrypt 1.9.4
Copyright (C) 2021 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: C:\Users\User\AppData\Roaming\gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
AEAD: EAX, OCB
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
Installation on macOS
GnuPG can be installed on macOS through Homebrew, via GPGSuite or gpgOSX. I’ll be covering the Homebrew method, as that is all that is needed for basic functionality. If you would like a graphical interface, you can use GPGSuite if you choose.
- If Homebrew is not installed, follow the instructions at https://brew.sh
- Once Homebrew is installed run
brew install gnupgin a Terminal window. - Now that GnuPG is installed, run
gpg --versionin the terminal.- You should get something similar to:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
~/ > gpg --version
gpg (GnuPG) 2.3.3
libgcrypt 1.9.4
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /Users/User/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
AEAD: EAX, OCB
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2