GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories.
Steps for getting started with GPG
Installing GPG software
Install the software for the OS where you will be exchanging secure email. Webmail (Google apps, gmail, yahoo, etc) users should use the "Web Browser" plugin Mailvelope.
Generating a Key
Each GPG user has a unique cryptographic key pair, which includes a public version and a private version.
- When a message is encrypted using a user's public key, only the person with a copy of the private key can decrypt that message. This ensures that an encrypted message cannot be read by someone else.
- When a message is encrypted with a user's private key, other people can verify that sender had the private key by decrypting the message with the public key. this is called "signing" a message.
To send and receive secure messages using GPG, you must generate your key pair. Software specific documentation:
Publishing your Key
Most GPG implementations allow you to easily publish your public key on a key server. This will allow people who know your email address to find your key and send you encrypted email. The most popular key server at EdX is pgp.mit.edu, but there are many others.
Sending Encrypted messages
Decrypting Encrypted messages