GPG Lab: Public Key Encryption


In this lab you will use a cryptosystem called PGP (Pretty Good Privacy) that is designed to keep your communications private. PGP uses asymmetric key encryption to provide confidentiality by keeping an attacker from reading the message, integrity by preventing an attacker from alerting the message, authentication by making it possible for the receiver to be sure of the sender and nonrepudiation by making it impossible for the sender to deny the message. That's pretty good!

Windows Installation

Download and install the GPG4Win program. It's friendly.

Mac OSX Installation

Download and install GPGTools for Mac

Linux Installation

On Linux GnuPG is installed using the package manager. In case you are without it simply run the command that matches your distribution:

$ sudo apt-get install gnupg 


$ sudo yum install gnupg 


You will start by generating a key pair. A public key that you will give to me with the assignment and a private key that you will keep safe and never share. Then you'll download a copy of my public key (that's attached to this page). Once you have my public key you can make a signed, private message to me by:

  1. Signing the message with your private key
  2. Encrypting the signed message with my public key.

How will I know you've done the project correctly? Remember: What you do with one key you undo with the other. I have your public key and my private key so I will:

  1. Decrypt what you send me with my private key.
  2. Un-sign the message with your public key (which you must turn in with the assignment)

Generating a Key Pair

When you have GnuPG installed on your system the first thing to do is generate a key pair. The process is somewhat different for Mac, Windows and Linux. You should generate a strong key using the RSA cipher with a key length of 4096 bits. When you generate a key GnuPG will ask you for your name and email address. Please at least fill your name out correctly so that I know who you are! On Windows the WinGPG installs a program called Kelopatra. The main screen looks like this:

Select File→New Certificate to bring up the new key dialog:

Generate a new Personal OpenPGP key pair. In the screen where you type in your name and email address there's an advanced settings button. Select it and change the key type to RSA + RSA 4096 bit. An optional passphrase can be used to secure your private key. If you intend to keep using your key pair be sure to enter a secure passpharse.

Install My Public Key

Download my public key that's attached at the bottom of this page. You can import it into WinGPG using the “Import Certificates” button. Once imported WinGPG will give you the option to send me an encrypted and signed message. WinGPG is meant to integrate with email, but can encrypt files too. Once you have my public key installed create a signed and encrypted message. Turn it in for credit

Turn In

Export your public key and upload it to Canvas. Without your public key I will not be able to read your message!

  • message.txt.gpg - The signed and encrypted message.
  • - Your public key


  • 10 points for your PUBLIC key
    • You will loose all 10 if you give me your private key!!!
  • 10 points for a signed message that I can decrypt