What if we want to encrypt our own files, chat or email? For personal use, we can use an application called GPG (Gnu Privacy Guard). GPG is an implementation of the OpenPGP standard, which starts from the PGP application by Phil Zimmerman. Basically, GPG uses the principle of asymmetric encryption, which is encryption and decryption using two different keys.
We will have a ownership key (keypair), which is a private key and a public key. As the name implies, private keys must be kept secret, and public keys are usually distributed throughout the world. This public key and private key are created together and in pairs.
There are two main functions of the private key, namely:
• put a signature (digital signature) on the message / file that we send. Because this private key only belongs to us, if there is a signature created with the private key, the message / file can be ascertained from us.
• decrypt messages encrypted with their public key pairs. Everyone can get our public key, so everyone can encrypt the message he wants to send to us. Because only we have the private key, we can open the encrypted message.
Instead, there are two public key functions, namely:
• verify digital signatures. Everyone can get a public key, so we can make a message / announcement, then we sign using a private key, the community can ensure the message / announcement is actually received from us.
• encrypt messages / files intended for private key owners, only private key owners whose messages can be opened.
There are several things we usually do with keypair:
• Making (producing) keypair
• Save keypair in text form
• Keypair reserves
• Import keys into keyring
• Publish public keys
• ask for (revoke) keypair
Generate Key Pair
Before you can use GPG, you must first have a private and public key pair. We can make it using the following command
When the generate process is done, GPG will generate random numbers so that our keys are not easily guessed by people. The longer the key, the greater the random number needed (entropy). For this reason, during the key generation process, we are asked to do various activities that keep our computers busy. If the entropy is lacking, an error message will appear
Look at the contents of the keyring
We can see the contents of the keyring with the following command
Our keyring contains our own keypair, and can also be filled with other people’s public keys. Other people’s public keys will be useful if:
• We receive e-mails / messages / signature files. We need the sender’s public key to verify
• we want to send a secret message / file to that person. We need a public key to encrypt
Make a Revocation Certificate
For that, we create a revocation certificate (revocation) with the following command
gpg –gen-revoke -a [email protected] > trihesti.asc
This file needs to be maintained. If this file falls into the hands of pranksters, it can be used to cancel our public and private keys.
Export Public Key
The commands entered are:
gpg –export -a [email protected] > trihesti.asc
Use of Keypair
After we have the keypair, we can use it to:
• encryption / decryption and signatures on files
• encryption / decryption and signature on email
• backup encryption
GPG application on file
Following are the commands for file encryption
gpg -a –encrypt -r tri.hesti @ gmail.com ‘filename.txt The above command will create a file named filename.txt.asc To open encryption (decryption), follow the instructions
gpg –ecryptnamefile.txt.asc> result-decrypt.txt
GPG will ask for a password to open the private key. After that, the private key is used to decrypt the file. This desktop application can be configured to load private keys.
Initially, the most popular use of GPG was to sign the email. With a signature, the recipient can feel confident that the email was actually sent by a legitimate sender. In ancient times, people used to use mail client applications such as Thunderbird, Outlook, and the like.