Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication.
I fell in love with PGP at my first cryptography practical during my computer science studies. In fact, my first PGP root key was created during that practical in 2009.
PGP is notoriously unwieldy in day-to-day use. All the cryptographic principles are sound, but the user experience of managing private keys, subkeys, expiry dates, identities and trust is awful, and it places responsibilities on the user that require a substantial amount of knowledge and experience to handle confidently.
The significance of strong, sovereign encrypted communication has been increasing in parallel with the rise of information systems and options for surveillance. End-to-end encryption is available on multiple platforms, but it still requires full trust in the (American) companies behind them. This is complicated even further because many of these companies have business incentives to profile the contents of your communications.
This is where PGP comes in. I like PGP for two things: 1) being able to encrypt files with my own keys without relying on any company, subscription or platform-specific apps, and 2) creating cryptographic signatures to prove that content or messages I have created have actually been created by me.
encrypting per file
While there are many alternatives for 1), these solutions tend to work on large volumes, such as full disk encryption, full external hard drive encryption or volume encryption such as Mac containers or VeraCrypt volume files. That’s great and all, but once your volumes are mounted and active, they are easily readable by any malware or infostealer.
Encrypting sensitive files per file ensures files stay encrypted when you are not actively working with them, protecting them from malware and infostealers. Also, encryption volumes almost exclusively work with passphrases, which you have to enter each time you need them and guess what: people pick shorter, easier to remember passwords for those.
sign cryptographic signatures
Verifying the integrity of a message with cryptographic signatures means that we can verify whether a message was indeed created by the identity that claims to have sent it. This might seem trivial at first, and has been trivial thanks to identity verification by companies such as Google and Meta and the trust we have/had put in the integrity of these companies.
In the era of social media, disinformation campaigns and rising use of generative AI to fabricate increasingly convincing text, images and videos, cryptographic signatures are one of the few ways we have to verify independently whether we can trust the origin of a specific message.
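The two uses described above, per-file encryption to your own key and detached signatures that stop verifying once the content changes, as an added example that is not from the original post. It assumes GnuPG 2.1 or later is installed; the throwaway keyring, the `demo@example.invalid` identity and the function names are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the original post): per-file encryption and
# detached signatures with GnuPG 2.1+, on a throwaway keyring.
# The identity and function names below are constructed for the demo.

DEMO_UID='demo@example.invalid'

demo_setup() {
    # Isolated keyring so the demo never touches your real keys.
    GNUPGHOME=$(mktemp -d) || return 1
    export GNUPGHOME
    chmod 700 "$GNUPGHOME"
    WORK=$(mktemp -d) || return 1
    # Empty passphrase only because this key is disposable.
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key "Demo User <$DEMO_UID>" default default never
}

# Encrypt one file to our own public key, then remove the plaintext so the
# file stays unreadable whenever we are not actively working with it.
encrypt_file() {
    gpg --batch --quiet --yes --recipient "$DEMO_UID" \
        --output "$1.gpg" --encrypt "$1" && rm -f "$1"
}

# Decrypt to stdout; this is the only step that needs the private key.
decrypt_file() {
    gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --decrypt "$1.gpg"
}

# Detached signature: the message stays as-is, the proof lives in "$1.sig".
sign_file() {
    gpg --batch --quiet --yes --pinentry-mode loopback --passphrase '' \
        --local-user "$DEMO_UID" --output "$1.sig" --detach-sign "$1"
}

# Exit status 0 only if the signature matches both the key and the content.
verify_file() {
    gpg --batch --quiet --verify "$1.sig" "$1" 2>/dev/null
}

demo_cleanup() {
    gpgconf --kill gpg-agent 2>/dev/null || true
    rm -rf "$GNUPGHOME" "$WORK"
}
```

Source the file and call `demo_setup` first; the other functions take the path of the file to protect or check, and `demo_cleanup` removes the temporary keyring afterwards.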
private keys on hardware devices
To further protect ourselves from malware and infostealers we can move our private (sub)keys onto portable hardware devices such as YubiKeys to avoid exposing our private keys as plain text files on our filesystems. An added benefit is that we can then carry our keys with us in person, allowing us to sign and encrypt messages on any device or platform in our vicinity and increase the trust others can put into the authenticity of the key signatures.
recent insurrections of PGP
PGP caught my eye again when I received an email from a Proton account that was automatically signed with a PGP key. After investigating, it turns out all Proton email addresses are supplied with a PGP key to at least sign each message and, when the recipient is known, also automatically encrypt messages with PGP. I thought this was really cool and a great step forward, save for the fact that the private keys have to be submitted to Proton to use this feature in their web software, so no use of hardware devices yet.
The second insurrection of PGP I witnessed was Delta Chat, a secure messaging application built on existing protocols such as email and PGP. Here, the use of keys is completely abstracted away, using the Autocrypt protocol to discover public keys and encrypt all messages. I think it’s a neat solution to ensure E2E encryption.
on quantum safety
PGP’s suite of encryption ciphers does not include a quantum safe variant yet. There is an OpenPGP spec being written that implements the quantum safe ML-KEM cipher, which I’ll be keeping a close eye on, and I’ll switch to these keys as soon as possible to avoid harvest now, decrypt later attacks.