
Getting Started with PGP for email

Welcome back, my aspiring cyberwarriors!


Pretty Good Privacy or PGP has been around for over 30 years and has proven that it is pretty good! PGP is used in many different environments but most widely in email.


The most common use for PGP is to enable people to confidentially send messages and data to each other using a combination of their public and private keys (PKI). It is often used to encrypt and decrypt emails, files, text messages, and entire disk partitions, and to authenticate digital certificates.

PGP can also be used to authenticate messages and check their integrity. It can detect whether a message has been altered after it was written and whether it was sent by the person who claims to have sent it. The sender creates a digital signature with their private key, and the recipient checks it with the sender's public key, which proves that the sender is the rightful owner of the message.




PGP can also be used to confirm that a message reaches the intended recipient. A user’s public key can be distributed in an identity certificate, which is constructed to ensure that tampering is easily detected. PGP products can also confirm whether a certificate belongs to someone, also known as the web of trust concept.


In this tutorial, Aircorridor will show you how to use OpenPGP in a Tails OS environment to keep your emails pretty private.


What is OpenPGP?


OpenPGP (also known as Open-Source PGP) was created by one of PGP’s inventors, Phil Zimmermann, to overcome the patent restrictions that were preventing PGP's wide use. First developed as freeware in 1991, PGP encryption later became proprietary software and is now owned by Symantec.


One of the interesting developments in the history of PGP was the NSA challenge to PGP. Soon after Zimmermann released PGP, the NSA demanded a backdoor. To his credit, Zimmermann refused (the NSA asks for backdoors to all encryption schemes and believes they are entitled to them). The case went all the way to the U.S. Supreme Court before the NSA dropped the case. Many have speculated on why they dropped the case after many years, but people believe one of two things motivated them:


  1. The NSA developed their own backdoor and no longer needed Zimmermann to grant them one.

  2. The NSA feared they would lose the case and would no longer be automatically granted backdoors to all encryption schemes.


Zimmermann shared the message format for PGP with the wider community. Based on this, the OpenPGP standard was created in 1997, enabling anyone to write implementations that are compatible with other software that uses OpenPGP.


How does PGP work?


PGP combines data compression, password hashing, symmetric-key cryptography, and public-key cryptography to keep sensitive data secure. Let's imagine a scenario where John wants to send a private message to his friend Dave. PGP generates a public key and a private key for Dave, known as a key pair. These public and private keys are strings of bytes representing numbers that are mathematically related.


Dave can share his public key with anyone he wants. This key is like a lock that can only be opened with his private key. So, anyone can use his public key to send secret messages, but only Dave can unlock and read them with his private key.



So when John writes to Dave:

1. John uses Dave’s public key to encrypt his message into ciphertext – seemingly random characters that can’t be read.


2. John sends the message. Anyone who tries to read it in transit, like email providers, spies, or hackers, will only see unreadable ciphertext.


3. Dave receives the message and uses his private key to decrypt the message into readable plaintext.


4. To reply, Dave repeats the process using John’s public key. Only John can read it by decrypting it with his private key.





How to use PGP on Tails OS


Step #1: Create a Pair of Keys

To receive messages, you have to create a pair of Public/Private keys. To do so, open Kleopatra from the application menu.





Select “Create a personal OpenPGP key pair”.





You can choose any name and email address. To change key strength and other settings click “Advanced Settings”.



As you can see below, you can designate various encryption schemes of varying strength.



Next, choose who will sign the message and for whom to encrypt it, then click “Sign/Encrypt Notepad”.





Step #2: Message a Friend


Get your friend’s public key, including the lines that say "BEGIN PGP PUBLIC KEY BLOCK" and "END PGP PUBLIC KEY BLOCK", and save it with the extension .asc.




Then import the file to Kleopatra.



Click in Kleopatra on Notepad and write a message.




Choose who will sign the message and for whom to encrypt it, then click “Sign/Encrypt Notepad”.





To give someone else your public key, right-click the certificate and use “Export” to export the public key. “Export Secret Keys” exports the private key, which you should keep for your own backup and never send to anyone.





When the recipient receives it, they need to enter their passphrase to decrypt the ciphertext (provided, of course, that they have the private key).
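A check worth running on a pasted .asc file before importing it, as an added example (not from the original article and not Kleopatra's or GnuPG's own code): it confirms that the BEGIN/END lines from Step #2 survived the copy, verifies the armor's CRC-24 checksum, and rejects a private key block, which is what “Export Secret Keys” produces. The function names and the sample block are constructed for illustration.

```python
import base64
import re

def crc24(data: bytes) -> int:
    """CRC-24 used by OpenPGP ASCII armor (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def armor(packets: bytes, label: str = "PGP PUBLIC KEY BLOCK") -> str:
    """Wrap raw packet bytes in ASCII armor; used here only to build sample input."""
    b64 = base64.b64encode(packets).decode()
    body = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    crc = base64.b64encode(crc24(packets).to_bytes(3, "big")).decode()
    return "\n".join([f"-----BEGIN {label}-----", "", *body, "=" + crc,
                      f"-----END {label}-----", ""])

def check_key_file(text: str) -> str:
    """Return "ok" or the reason a pasted .asc file should not be imported."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    begin = re.fullmatch(r"-----BEGIN (PGP [A-Z ]+)-----", lines[0]) if lines else None
    if not begin:
        return "missing BEGIN line"
    label = begin.group(1)
    if lines[-1] != f"-----END {label}-----":
        return "missing END line"
    if label != "PGP PUBLIC KEY BLOCK":
        return f"not a public key: {label}"
    body = lines[1:-1]
    if "" in body:  # armor headers end at the first blank line
        body = body[body.index("") + 1:]
    crc_line = body.pop() if body and re.fullmatch(r"=[A-Za-z0-9+/]{4}", body[-1]) else None
    try:
        data = base64.b64decode("".join(body), validate=True)
    except ValueError:
        return "corrupt base64 body"
    if crc_line and base64.b64decode(crc_line[1:]) != crc24(data).to_bytes(3, "big"):
        return "CRC-24 mismatch"
    if not data or not data[0] & 0x80:
        return "not an OpenPGP packet"
    tag = data[0] & 0x3F if data[0] & 0x40 else (data[0] >> 2) & 0x0F
    return "ok" if tag == 6 else f"first packet has tag {tag}, expected 6 (Public-Key)"

# Constructed sample: a Public-Key packet header plus zero filler, not a usable key.
SAMPLE = armor(bytes([0x98, 0x33, 0x04]) + bytes(50))
```

A passing check only shows the block arrived intact; confirming that the key really belongs to your friend still requires comparing its fingerprint over a separate channel.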





Summary


This article explores the use of Pretty Good Privacy (PGP) encryption in Tails OS. PGP is a powerful tool for securing your digital communications and data. It can help you protect your data, communications, and online identities, making it an indispensable tool for those seeking heightened security in an era of increasing digital threats and privacy concerns.
