We live in a post-Snowden world. For many, that means assuming none of your digital assets are safe from surveillance.
There are ways, however, to use the internet and insane mathematics in your favor to ensure that no one can see whatever it is that you're sending to someone else.
It's called PGP, which stands for "pretty good privacy," and it's a way to encrypt your messages. Encryption, at its most basic form, is a way to cypher a message so that if anyone that sees the data in transit they have no way to know what the message says. OpenPGP is the most popular standard for digital encryption.
In fact, Edward Snowden first contacted journalist Laura Poitras to inform her of his trove of documents using PGP.
So let's take a look at what PGP is and how easy it is to use.
So what is encryption?
Encryption is basically a way of jumbling digital data so that no one can see what it really says while it's being sent. For the purposes of this explainer, we're going to focus on what's called "public key encryption". This uses a multitude of cryptographic techniques to cipher every message using two factors that are constant to every person using PGP: a public key and a private key.
A public key is the information that is needed to encrypt a message. People wishing to receive encrypted messages make their public key readily available, as it's the only way for sources to begin the process of sending secure messages.
How it works
There are gui apps to do this process simpler and easier, but here we are using the Command Line to achieve the same.
First, you'll want to generate a key for yourself:
You'll be asked to enter a few details. Don't forget these details.
To list your public keys:
To list your private keys:
Now, let's say your name is John Doe, and you want to send a message to Jane Doe. This is how you would do it (note that all names used must be the names you see when listing the keys).
First, export your public key:
gpg --export --armor firstname.lastname@example.org > publickey.asc
Example: gpg --export --armor email@example.com > mypublickey.asc
gpg --export --armor yourname > publickey.asc
Example: gpg --export --armor John Doe > mypublickey.asc
Send this file to Jane Doe. Get her to do the same.
To import someone else's public key:
gpg --import publickey.asc
Now that you've imported Jane Doe's key, let's send her an encrypted message.
To encrypt a file to send to Jane Doe:
gpg --encrypt --recipient receiversname filename.txt
Example: gpg --encrypt --recipient Jane Doe secretmessage.txt
or, if the previous command doesn't work:
gpg -e -u "sender's name (you)" -r "name of the receiver's key" filename.txt
Example: gpg -e -u "John Doe" -r "Jane Doe" secretmessage.txt
This will create a file called secretmessage.txt.pgp. Send this to Jane Doe.
Now Jane has received your file. This is how she decrypts it:
To decrypt to command line (meaning that you'll only see the message in the command line, and it won't be saved decrypted to your hard drive):
gpg --decrypt filename.txt.gpg
To decrypt to disk: