General Encryption

Encryption is a cryptographic process that makes a document incomprehensible to unauthorized persons. Encrypting involves using mathematical algorithms with short data called “keys”, to encode other data. The two main types of encryption are symmetric encryption and asymmetric encryption:

1. Symmetric Encryption:

   • Uses the same key to encrypt and decrypt data.
   • Fast and efficient for encrypting large amounts of data.
   • Example: AES (Advanced Encryption Standard).

2. Asymmetric Encryption:

   • Uses a pair of keys: a public key to encrypt data and a private key to decrypt it.
   • More secure for key exchange and authentication.
   • Example: RSA (Rivest-Shamir-Adleman).

OpenPGP (Pretty Good Privacy)

OpenPGP is a set of specifications defined primarily by a dedicated working group within the IETF . These specifications combine symmetric and asymmetric encryption techniques to ensure the confidentiality, integrity, and authenticity of digital communications.

How OpenPGP Encryption Works:

1. Key Generation:

   • With pgpid , each user generates three pairs of keys: the public keys are shared at a minimum with correspondents. The private keys are kept secret and should never be on any connected system, other than security devices such as YubiKeys or NitroKeys.

2. Data Encryption:

   • The message is encrypted with a randomly generated symmetric session key.
   • The session key is then encrypted with the recipient’s dedicated public key.
   • The symmetrically encrypted message and the asymmetrically encrypted session key are sent to the recipient.

3. Data Decryption:

   • The recipient uses their security device (e.g., YubiKey) to decrypt the session key using their dedicated private key.
   • The session key is used by the application (e.g., email client) to decrypt the message.

Applications Using OpenPGP Encryption with security devices

Linux

• Claws Mail
• Evolution: Seahorse
• KMail: Kleopatra
• Mutt

Mac OS

• Apple Mail: GPGTools
• Mutt

Windows

• Claws Mail ⚠ untested ⚠
• Gpg4win ⚠ untested ⚠
• Postbox using Enigmail ⚠ untested ⚠

Android

• K-9 Mail: OpenKeychain
• FlowCrypt ⚠ untested ⚠

iOS

• FlowCrypt ⚠ untested ⚠

Applications that use and comply with OpenPGP specifications are powerful tools for securing communications and digital data in a world increasingly threatened by cyberattacks.