The GNU Privacy Guard (GnuPG or GPG) is a free software replacement for the PGP suite of cryptographic software, released under the GNU General Public License. It is a part of the Free Software Foundation's GNU software project. GPG is completely compliant with the IETF standard for OpenPGP, and is supported by the German government. Current versions of PGP (and Veridis' Filecrypt) are interoperable with GPG and other OpenPGP-compliant systems. Although some older versions of PGP are also interoperable, not all features of newer software are supported by the older software. It is necessary for users to understand those incompatibilities and work around them.

History

GPG was initially developed by Werner Koch. Version 1.0.0 was released on September 7th, 1999. The German Federal Ministry of Economics and Technology has funded the documentation and the port to Microsoft Windows in 2000.

Because GPG is an OpenPGP standard compliant system, the history of OpenPGP is of importance. See both PGP and OpenPGP for more information.

Version 1.4.0 was released on 16 December 2004.

Users of GnuPG

GPG is stable, production-quality software. It is frequently included in free operating systems, such as FreeBSD, OpenBSD, and NetBSD and nearly all distributions of GNU/Linux.

Although the basic GPG program has a command line interface, there exist various front-ends that provide it with a graphical user interface; for example, it has been integrated into KMail and Evolution, the graphical email clients found in the most popular Linux desktops KDE and GNOME. A plugin known as Enigmail allows GPG to be integrated with Mozilla and Thunderbird, which works on Microsoft Windows as well as Linux and other operating systems. Note that, because the plugin mechanism is not part of GPG itself and not specified by the Open PGP standard, and because neither the GPG nor Open PGP developers were involved in their development, it is possible that GPG's security benefits could be compromised or even lost as a result of using such auxiliaries.

GPG can also be compiled for other platforms like Mac OS X and Windows. For Mac OS X, there is a free port called MacGPG which has been adapted to use the OS X user interface and its native class definitions. Cross compilation is not a trivial exercise, at least in part because security provisions vary with operating system and adapting to them is often tricky, but high quality compilers should routinely produce executables which will interoperate correctly with other GPG implementations.

How GPG works

GPG encrypts messages using asymmetric keypairs individually generated by GPG users. The resulting public keys can be exchanged with other users in a variety of ways, such as Internet keyservers. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ 'owner' identity correspondences. It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted.

GPG does not use patented or otherwise restricted software or algorithms, including the IDEA encryption algorithm which has been present in PGP almost from the beginning. Instead, it uses a variety of other, non-patented algorithms such as ElGamal, CAST5, Triple DES (3DES), AES and Blowfish. It is still possible to use IDEA in GPG by downloading a plugin for it, however this may require getting a license for some uses in some countries in which IDEA is patented.

GPG is a hybrid encryption software program in that it uses a combination of conventional symmetric-key cryptography for speed, and public-key cryptography for ease of secure key exchange, typically by using the recipient's public key to encrypt a session key which is only used once. This mode of operation is part of the Open PGP standard and has been part of PGP from its first version.

Problems

The OpenPGP standard specifies several methods of digitally signing messages. Due to an error in a change to GPG intended to make one of those methods more efficient, a security vulnerability was introduced (Nguyen (http://www.di.ens.fr/~pnguyen), 2004). It affects only one method of digitally signing messages, only for some releases of GPG, and there were less than 1000 such keys listed on the key servers [1] (http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000160.html). Most people did not use this method, and were in any case discouraged from doing so, so the damage caused (if any, and none has been publicly reported) would appear to have been minimal. Support for this method has been removed from GPG versions released after this discovery. The episode illustrates the difficulty of correctly implementing cryptographic algorithms and protocols and including them in a cryptosystem.

See also

• PGP
• OpenPGP
• Asymmetric key algorithm
• Cryptosystem

References

• Phong Q. Nguyen (http://www.di.ens.fr/~pnguyen) "Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3." EUROCRYPT 2004: 555–570 (http://www.di.ens.fr/~pnguyen/pub.html#Ng04)

External links

• GNU Privacy Guard homepage (http://www.gnupg.org/)
• MacGPG homepage (http://macgpg.sf.net/)
• GnuPG's ElGamal signing keys compromised (http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000160.html)
• GPG tutorial for Linux and BSD (http://www.aei.ca/~pmatulis/pub/gpg.html)
• Graphical tutorial for Windows, Linux and others (http://dudu.dyn.2-h.org/gpg-enigmail-howto)
  • Email-oriented tutorial, using Enigmail, and Mozilla or Mozilla Thunderbird email clients.
  • Short two page tutorial on en/decryping files using public keys (http://www.somacon.com/blog/page7.php)