Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
GNU Privacy Guard
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Overview == GnuPG is a [[Hybrid cryptosystem|hybrid-encryption]] software program because it uses a combination of conventional [[symmetric-key algorithm|symmetric-key cryptography]] for speed, and [[public-key cryptography]] for ease of secure key exchange, typically by using the recipient's public key to encrypt a [[session key]] which is used only once. This mode of operation is part of the OpenPGP standard and has been part of PGP from its first version. The GnuPG 1.x series uses an integrated cryptographic library, while the GnuPG 2.x series replaces this with [[Libgcrypt]]. GnuPG encrypts messages using [[public-key cryptography|asymmetric key pairs]] individually generated by GnuPG users. The resulting public keys may be exchanged with other users in a variety of ways, such as Internet [[key server (cryptographic)|key servers]]. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ "owner" identity correspondences. It is also possible to add a cryptographic [[digital signature]] to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted. GnuPG also supports [[Symmetric-key algorithm|symmetric encryption]] algorithms. By default, GnuPG uses the [[Advanced Encryption Standard|AES]] symmetrical algorithm since version 2.1,<ref name="2.1.0-beta864-announcement">{{cite web |url=https://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000357.html |title=<nowiki>[Announce] The maybe final Beta for GnuPG 2.1</nowiki> |access-date=2019-03-28 |archive-url=https://web.archive.org/web/20190502211129/https://lists.gnupg.org/pipermail/gnupg-announce/2014q4/000357.html |archive-date=2019-05-02 |url-status=live }}</ref> [[CAST-128|CAST5]] was used in earlier versions. GnuPG does not use patented or otherwise restricted software or algorithms. Instead, GnuPG uses a variety of other, non-patented algorithms.<ref>{{cite web|url=https://www.gnupg.org/features.en.html|title=GnuPG Features|access-date=October 1, 2009|archive-url=https://web.archive.org/web/20091004174134/http://www.gnupg.org/features.en.html|archive-date=October 4, 2009|url-status=live}}</ref> For a long time, it did not support the [[International Data Encryption Algorithm|IDEA]] encryption algorithm used in PGP. It was in fact possible to use IDEA in GnuPG by downloading a plugin for it, however, this might require a license for some uses in countries in which IDEA was patented. Starting with versions 1.4.13 and 2.0.20, GnuPG supports IDEA because the last patent of IDEA expired in 2012. Support of IDEA is intended "to get rid of all the questions from folks either trying to decrypt old data or migrating keys from PGP to GnuPG",<ref>{{cite mailing list |last=Koch |first=Werner |title=GnuPG 1.4.13 released |publisher=gnupg-users |date=2012-12-21 |url=http://lists.gnupg.org/pipermail/gnupg-users/2012-December/045844.html |access-date=2013-05-19 |archive-url=https://web.archive.org/web/20130212065951/http://lists.gnupg.org/pipermail/gnupg-users/2012-December/045844.html |archive-date=2013-02-12 |url-status=live }}</ref> and hence is not recommended for regular use. More recent releases of GnuPG 2.x ("modern" and the now deprecated "stable" series) expose most cryptographic functions and algorithms [[Libgcrypt]] (its cryptography library) provides, including support for [[elliptic-curve cryptography]] (ECDH, ECDSA and EdDSA)<ref name="gnupg-2.1.0-announcement" /> in the "modern" series (i.e. since GnuPG 2.1). === Algorithms === As of 2.3 or 2.2 versions, GnuPG supports the following algorithms: ; [[Public-key cryptography|Public key]]: [[RSA (cryptosystem)|RSA]], [[ElGamal encryption|ElGamal]], [[Digital Signature Algorithm|DSA]], [[Elliptic-curve Diffie–Hellman|ECDH]] ([[Curve25519|cv25519]], [[Curve448|cv448]],{{efn|name=only2.3|only available in 2.3}} [[NIST Curve|nistp256, nistp384, nistp521]], [[ECC Brainpool|brainpoolP256r1, brainpoolP384r1, brainpoolP512r1]], secp256k1), [[Elliptic Curve Digital Signature Algorithm|ECDSA]] (nistp256, nistp384, nistp521, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, secp256k1), [[EdDSA]] (ed25519, ed448{{efn|name=only2.3}}) ; [[Symmetric-key algorithm|Cipher]]: [[Triple DES|3DES]], [[International Data Encryption Algorithm|IDEA]] (for backward compatibility), [[CAST-128|CAST5]], [[Blowfish (cipher)|Blowfish]], [[Twofish]], [[Advanced Encryption Standard|AES-128, AES-192, AES-256]], [[Camellia (cipher)|Camellia-128, -192 and -256]] ; [[Cryptographic hash function|Hash]]: [[MD5]], [[SHA-1]], [[RIPEMD|RIPEMD-160]], [[SHA-2|SHA-256, SHA-384, SHA-512, SHA-224]] ; [[Data compression|Compression]]: Uncompressed, [[ZIP (file format)|ZIP]], [[zlib|ZLIB]], [[bzip2|BZIP2]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)