Linux World: How to install GnuPG

[ Thanks to proclus for this link. ]

"Traditional cryptographic schemes use secret keys. This is called symmetric-key cryptography since both the encoding and decoding use the same key. One problem with secret-key cryptography is that everyone must have access to the same key. Not only are there logistical problems getting the secret key to all concerned, but there is always the chance that it will be compromised. A relatively new type of encryption, based on public keys, largely avoids those pitfalls.

PGP and its clones (like GnuPG) use public key cryptography. Actually, they use both public and private keys to handle the encryption and decryption of messages. If you want to send an encrypted message to someone, all you need is his public key. Messages encrypted with a public key can only be decrypted with the private key associated with it. Public keys can appear anywhere, and in fact there are a number of public "keyring" servers that make them available for the asking. Private keys are kept private, and they are further protected by the requirement that a password (or pass phrase) be provided each time it is used to decrypt or sign a message.

Another popular use of encryption technology like PGP is to "sign" data. This adds a cryptographically secure signature block to a message or file. The signature represents a hash total of the data being signed and your public key. Thus others knowing your public key can verify that the message or data came from you, and that it has not been altered since you signed it."

Complete Story

Related Stories:

• Linux Journal: GPG: the Best Free Crypto You Aren't Using, Part I of II (Sep 09, 2001)
• LinuxSecurity.com: Using GnuPG with Pine(Apr 14, 2001)
• email.about.com: Using PGP with K Mail(Feb 11, 2001)
• Linux Gazette: Cryptography, PGP and Pine(Nov 25, 2000)
• Security Portal: An Introduction to Key Management(Oct 10, 2000)
• LinuxNewbie.org: Getting and Installing Command Line PGP(Aug 23, 2000)