OpenPGP encryption is a system to send data such as email messages securely. Businesses should ensure that they use such a system to encrypt and decrypt email messages.
Challenges with Email Security
The use of email is ubiquitous throughout the business world. In this environment, the issue of how to send and store emails securely is something that requires constant attention. Failure to do so can have catastrophic results.
Without encryption, email messages intended to be private may be intercepted and modified. This can leave the business open to malicious attacks and affect productivity. It is also necessary for businesses to be able to prove the senders and recipients of emails in various legal situations.
For these reasons, it is necessary for businesses to ensure that recipients can trust the sender, that no-one apart from the recipient can read the email, and that the message cannot be modified.
Pretty Good Privacy (PGP)
PGP stands for Pretty Good Privacy and is a computer program that encrypts and decrypts various forms of electronic data, including emails. PGP ensures several things: that the email can only be read by the intended recipient; that the recipient can trust the sender’s identity; that the message has not been modified; and that the sender’s identity is recorded. Open Source versions are know as GPG or GnuPG. The standard is named OpenPGP.
How PGP Works
To encrypt messages, PGP (like GPG, GnuPG or other OpenPGP implementations) uses two forms of encryption. The first, symmetric key cryptography, is a form of encryption where both sender and recipient are in possession of a secret key. The second form of encryption, public key cryptography, is also known as asymmetric cryptography because it utilises two different, but related, keys. One key is private while one is public. The public key is available to anyone wanting to send a secure message to someone in possession of the corresponding private key. The recipient then uses both the public and private keys to unlock the message.
gpg4o follows the OpenPGP standard, based on PGP, for encrypting emails. It is a secure system utilising asymmetric encryption with the combination of public and private keys.