How To Encrypt And Decrypt Data Using PGP – Working

Message Encryption Decryption
Message Encryption Decryption

Have you ever thought the importance to maintain privacy without intervention of outer world? To solve this problem we can use an encryption technique, Pretty Good Privacy Encryption is one of those technique.

You can check the Tutorial Video at the end of the Article

First Read Pretty Good Privacy (PGP) – A Program That Provides Data Encryption And Decryption

This technique is used for data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.

PGP is a popular solution for encrypting, decrypting, signing, and verifying messages and files, often found in email communications and package repository identity verification (because security matters).

PGP usability depends on the public/private keys pair encryption representation. A public key is the key which is known to everyone and can be used to encrypt a message. A private key just the opposite of public key in which it is known to the individual only.

PGP encryption uses a serial combination of hashing, data compression, symmetric-key cryptography, and finally public-key cryptography, each step uses one of several supported algorithms. Each public key is bound to a username or an e-mail address.

The first version of this system was generally known as a web of trust to contrast with the X.509 system, which uses a hierarchical approach based on certificate authority and which was added to PGP implementations later. Current versions of PGP encryption include both options through an automated key management server.

What is RSA?

RSA (Rivest, Shamir, and Adleman) is one of the best public key cryptographic algorithms in use today that ensures secure communication over networks. It is an asymmetric cryptography algorithm which means it uses two different keys i.e. Public key and Private key.

Let’s Start Working

Requirements

  • gpg4win
  • Notepad ++ (You can use simple Notepad too)

For windows we will use gpg4win.

  • Download and install gpg4win/Kleopatra from gpg4win.org
  • Open Kleopatra

  • Click on file -> New key pair

  • Click on Create a personal open key pair.

  • Provide your name and email details.
  • Go to Advanced settings – Select RSA settings then press ok and next

  • Confirm your settings and enter your passphrase then finish
  • Once created right click on the key and Export public key

  • To open the Public key with notepad ++

  • Then right click and Export Secret/Private Key

  • You can open them both with notepad ++

 

  • You can send or post your public key so that it is accessible to people who want to send you information.

SENDERS PERSPECTIVE

  • Copy the public key 
  • In your task bar, right click on the Kleopatra icon, go to ‘Clipboard’, then click ‘Certificate Import’.

ENCRYPTING A MESSAGE

  • Copy the message or text you want to encrypt
  • Go to kleopatra > Tools > Clipboard and click on Encrypt

  • Select Add Recipent
  • Select your Certificate > Ok
  • Done, you can now send the message paste it into notepad

DECRYPTING A MESSAGE

  • First copy the PGP (encrypted) message.
  • Open Kleopatra > Tools> Clipboard> and Decrypt/Verify

 

  • Enter passphrase and the message will be copied to your clipboard automatically just paste into notepad ++

PGP also has attack vectors based on CIA triad threats (confidentiality, Integrity and availability).  PGP is ideal for the sheer fact that so many people use email and it is one of the best solutions available, despite not being perfect. For instant messaging, it may even be better to use XMPP with OTR(Off the Record) encryption.

PGP can be used for encrypting, decrypting and signing messages and files. We can use command flags and carefully craft our messages to mitigate unnecessary information sharing. Less information is better; we should do what we can to limit the accessibility of our keys and identity on a need-to-know basis.

Watch Video Tutorial

For the latest update about Cyber and Infosec World, follow us on Twitter, Facebook, Telegram , Instagram and subscribe to our YouTube Channel.

Subscribe to HackersOnlineClub via Email

Enter your Email address to receive notifications of Latest Posts by Email | Join over Million Followers

More from Subhashini Rai

Weevely – Post Exploitation Suite For Penetration Testing

Weevely is a web shell designed for post-exploitation purposes that can be...
Read More

Leave a Reply