PGP is a computer program that uses asymmetric and symmetric key encryption in tandem to encrypt the content of emails, files, instant messages, and even entire storage disks such as harddrives. PGP stands for Pretty Good Privacy and was originally written by Phil Zimmerman. Many other programs have been written to help PGP work more easily with other programs. For this tutorial, we will use WinPT (Windows Privacy Tools) .
- Download WinPT. Go to http://winpt.sourceforge.net/en/download.php and download the Windows Privacy Tools complete package. The latest version as of the day this tutorial was written is 1.0rc2. Install the package.
- WARNING: Be sure to write down or remember your password. This password cannot be retrieved.
Configure WinPT. The first time you run WinPT, the program will warn you that no keyrings could be found. Select "Have WinPT generate a new keypair." During this step, you will create the public and private keys essential to asymmetric key encryption. Enter your name, email address, and password when you are prompted for this information. When you complete this step, you should notice a new icon on your taskbar.
- Obtain public keys. In order to send encrypted email, you must possess the recipient's public key. You can obtain a person's public key by simply asking them for it. They may send it by email, instant message, or digital media such as a CD or USB thumb drive. You can also search for public keys by email address on a public key server such as the one maintained by MIT . The following is an example of a public key.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.5 (MingW32) - WinPT 0.2.1
Comment: For info see http://www.gnupg.org
-----END PGP PUBLIC KEY BLOCK-----
- Import public keys from a keyserver. Using WinPT, you can search for and import keys automatically. Right click on the WinPT taskbar and choose "Key Manager." Click on the keyserver menu. A new dialog will appear. Select the keyserver you want (.us is a good choice for people located in the USA) and make it your default by clicking on the "default" button. Now you can search by email or key ID by entering text in the text box and clicking "Search." Select the key that you want to add and click "Receive." You are now ready to send emails to that person.
- Import keys you have obtained from others.You can also use the Key Manager if you want to import public keys that are not located on a key server. First, find the key wherever you have saved it. This may be in a text file or email. Copy the key as shown above including the -----BEGIN PGP PUBLIC KEY BLOCK----- and -----END PGP PUBLIC KEY BLOCK----- lines. Right click on the WinPT taskbar and choose "Key Manager." Under the "Edit" menu, click "Paste." A dialogue will appear. Confirm that the name and email listed belong to the owner of the key you have requested to be imported, and click "Import."
- NOTE: Remember, you must encrypt an email with only the public key belonging to the recipient. If you encrypt an email with a public key not belonging to the recipient, the recipient will not be able to decrypt the email and read your message.
Encrypt an email. Compose an email to someone whose public key you possess. When you have finished the email and are ready to encrypt it, press <CTRL> <SHFT> E at the same time. A dialogue will appear, asking you to select a key. Select only the public key of the person to whom this email will be delivered.
- Decrypt an email. When you receive an encrypted email, you must decrypt it before you can read it. To decrypt an encrypted email, just press <CTRL> <SHFT> D. If it was encrypted with your public key, WinPT will use your private key to decrypt it.