IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [pgp]

PGP is short for "Pretty Good Privacy". It is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, E-mails, files, directories and whole disk partitions to increase the security of e-mail communications.

PGP is short for "Pretty Good Privacy". It is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication. PGP is often used for signing, encrypting and decrypting texts, E-mails, files, directories and whole disk partitions to increase the security of e-mail communications.

713 questions
33
votes
5 answers

Can I get a public key from PGP signature?

I have a PGP signature of a known message. However, I am not sure who signed it. Can I get the public key - or, at least, the fingerprint/other way of searching for it on a public keyserver - just from the message and a signature? Example: I have…
Karel Bílek
  • 766
  • 1
  • 8
  • 18
32
votes
2 answers

What information is leaked from an OpenPGP encrypted file?

If an attacker obtains a file that has been encrypted using an OpenPGP public key, what information can the attacker deduce? For example, to what degree of certainty can the attacker deduce the identity of the intended recipient?
Flimm
  • 1,280
  • 3
  • 13
  • 23
23
votes
2 answers

Lost my PGP private key, what's next?

I have created a PGP key using GPGTools, and published it a while ago. Things are: I have no longer access to my secret key. Indeed, I unfortunately formatted the wrong drive (encryption was and is enabled). And because I'm that kind of guy, I have…
CallMeStupid
  • 231
  • 1
  • 2
  • 3
16
votes
2 answers

Why are my gpg public key on my machine and on the key server different?

When I generated my PGP key using GnuPG, I had saved the public key as an ASCII version and uploaded that to the server. Now I can see the key on the keyserver but they are different blocks of data. I have a local copy of the above key obtained…
hiteshradia
  • 261
  • 1
  • 5
10
votes
3 answers

How can PGP and openPGP be compatible?

PGP and openPGP use different encryption algorithms. As I understand, PGP uses IDEA to encrypt a message, then RSA to encrypt the IDEA key. If openPGP doesn't use IDEA, how can it read PGP-encrypted messages?
user420
  • 101
  • 1
  • 3
10
votes
2 answers

Recipient non-repudiation in secure e-mail transport

PGP works well to provide many key aspects of information security; message confidentiality and integrity, sender and recipient authenticity, and sender non-repudiation (the sender, who has digitally signed the message using their own private key,…
KeithS
  • 6,768
  • 1
  • 24
  • 40
10
votes
2 answers

What's the chance of two PGP keys being exactly identical?

In the real world, millions of PGP keys are created every day, what is the probability (chance) of creating two identical keys? In different places, by different people?
coinalty
  • 103
  • 4
9
votes
4 answers

Can a PGP private key be deduced if the email text is known?

Suppose I send a PGP-encrypted email to person A, and the same email (same subject line, same message text) unencrypted to person B. Suppose a secret service intercepts both messages. The secret service rightly assumes from the identical subject…
Ydobemos
  • 93
  • 1
  • 4
8
votes
1 answer

What to do with a PGP/GPG key to which I've lost the private key?

I created a private key with an Android app I'm no longer using. I had uploaded the public key to the keyservers without setting an expiry date. I later deinstalled that app, and deinstalling apparently deleted the private key, or else I can't find…
Turion
  • 243
  • 1
  • 6
8
votes
2 answers

gpg --perfect-code

By default gpg use CAST5 with SHA1 (not so good) as it had AES256 and hash512! Now I want to use the perfect code to encrypt my files for both symmetric & asymmetric For symmetric encryption I use this code: gpg -c --s2k-cipher-algo AES256…
user195971
  • 81
  • 1
  • 2
7
votes
3 answers

Is it possible to verify a PGP-signed and encrypted message without decrypting it?

Let's assume I have a PGP message and I want to know who sent it, is it possible to do it if I have the RSA encrypted message, two possible senders (and their public keys that they signed and encrypted with) but I don't have the private keys? It…
ter345
  • 71
  • 1
  • 2
7
votes
2 answers

How to verify PGP signature with signing key

I have to download a program with a PGP signature and a signing key (Public Key) How do I check the program with signing key?
567hz
  • 73
  • 1
  • 1
  • 6
6
votes
1 answer

OpenPGP keyserver URLs: what are typical or meaningful use-cases?

i'm getting re-acquainted with OpenPGP and noticed that GnuPG allows me to store a "preferred keyserver" URL in my keys: reuben@localhost:~$ gpg2 --edit-key 'Reuben NP Garrett ' gpg> help .. keyserver set the…
RubyTuesdayDONO
  • 163
  • 1
  • 5
6
votes
3 answers

Sharing PGP keys

We're trying to create a secure communication channel for our company security team, and having a public displayed PGP public key on our website is a nice to have (as Apple and AWS do). The problem is, the key will need to be shared with the entire…
greenboxal
  • 163
  • 1
  • 4
5
votes
2 answers

PGP question decrypting my own message from 2 days ago

I have recently started using pgp and am still in the infancy stages with knowledge. i sent a friend an encrypted message using pgp4usb. a few days later they responded, with relevant info, being able to read and decrypt my message. by this point i…
user68573
  • 51
  • 1
  • 2
1
2 3 4