
Learning goals

  1. Master the installation of the PGP software;
  2. Master the methods of generating, backing up, and managing public and private keys;
  3. Master encrypting information with PGP;
  4. Master the use of PGPDisk.

Study materials and equipment

Computer, LAN, PGP4win software.

Learning content and steps

See the links on using the Kleopatra/GPG4win software.

Install the PGP4win software

  1. Double-click the PGP setup program and follow the installation wizard.
  2. In the User Type dialog box, choose the option that matches your situation. If you have used PGP before, click "Yes, I already have Keyrings" to import your existing keys. If you are using PGP for the first time and need to create a key, click "No, I am a new user".
  3. Click the "Next" button. The installer asks which software components to install; choose as required (selecting all options is recommended, as shown in the following figure), then click "Next" to complete the installation.
  4. After the program is installed, an icon is created on the desktop.

Generate and manage public and private key pairs

Generating a key pair

Before using PGP, you must create a public/private key pair. The public key can be distributed to the people you need to communicate with, so that they can use it to encrypt messages to you or to verify the digital signature on messages they receive from you. The private key is kept by the user and is used to decrypt encrypted messages or to sign outgoing messages.

  1. Double-click the Kleopatra icon on the desktop to open the PGP start page.
  2. Click the File menu and choose New Certificate.
  3. Select the format of the certificate to generate. This experiment uses "Create a personal OpenPGP key pair".
  4. Enter Name, Email, and Comment. In Name, put a space between the first name and the last name; Comment holds descriptive information.
  5. The generated certificate is used for encryption and signing by default. To verify the signature function, click Advanced Settings and select Authentication. The default public key algorithm is RSA, and the key length is 2048 bytes. You can select other encryption algorithms and key lengths.
  6. Click Create Key.
  7. Click the "Next" button. In the Passphrase text box, set a password of no less than 8 characters, then enter it again in the Confirmation text box to check that it was typed correctly. Passphrase Quality indicates the quality of the password you set: the longer the green bar, the better the password, as shown in the figure.
  8. Click the "Next" button to generate the key and complete the key generation wizard; the dialog box shown below appears. Generally, it is best to back up the key pair to avoid loss.

After the certificate is generated, it is displayed on the Kleopatra main screen. Self-generated certificates are generally used for decryption and signing. Imported certificates can be used for encryption and authentication.

Export key

Right-click the generated key and select Export. The public key is exported as a file with the .asc extension, for example "zhangsan.asc", as shown in the following figure. The public key can be distributed by mail or through other secure channels to those who need to communicate with you.

Note: Both communicating parties must import and export keys.

Import the key

If you need to read a signed email from another person or send that person an encrypted email, you must have that person's public key. Assume that the communicating parties are Zhangsan and Lisi. Lisi receives Zhangsan's public key, zhangsan.asc, and downloads it to his own computer. Click Import Certificate on the menu bar. Then right-click the imported certificate and select Certify Certificates, so that Lisi signs Zhangsan's certificate with his own private key.

Next, modify the trust level of Zhangsan's certificate: right-click the certificate and select Change Owner Trust, as shown in the figure below, then choose "I believe checks are very accurate". Zhangsan's certificate is then displayed as a Trusted Certificate on the main page.

Encryption and decryption

Right-click the file you want to encrypt and select Sign and Encrypt, as shown below. Zhangsan encrypts the file with Lisi's public key, and Lisi decrypts the file with his own private key.

Signature and Verification

Right-click the file you want to sign, select Sign and Encrypt, then select Sign. Zhangsan signs with his own private key, and Lisi uses Zhangsan's public key to verify the signed file.
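
The same exchange between Zhangsan and Lisi can be scripted with the gpg command-line tool that Kleopatra drives. This is an added example, not part of the original exercise: it runs in a bash shell, and the e-mail addresses, file names, and the helper functions g, certify and pgp_exchange_demo are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example. Zhangsan and Lisi are constructed test identities in throwaway
# keyrings with empty passphrases; real keys need a strong passphrase.

# g HOMEDIR ARGS...: run gpg non-interactively against one person's keyring.
g() {
  local h=$1; shift
  gpg --homedir "$h" --batch --quiet --no-tty \
      --pinentry-mode loopback --passphrase '' "$@"
}

# certify HOMEDIR FILE EMAIL: import a peer's public key, then certify it
# (the steps Kleopatra calls Import Certificate and Certify Certificates).
certify() {
  local fpr
  g "$1" --import "$2" || return 1
  fpr=$(g "$1" --with-colons --fingerprint "$3" | awk -F: '/^fpr/{print $10; exit}')
  g "$1" --quick-sign-key "$fpr"
}

pgp_exchange_demo() {
  local w zs li h status dec=fail sig=bad sender=cannot-decrypt
  w=$(mktemp -d) || return 1
  zs=$w/zhangsan; li=$w/lisi; mkdir -m 700 "$zs" "$li"
  {
    # 1. Each side creates an RSA key pair for signing and encryption.
    g "$zs" --quick-generate-key 'Zhangsan <zhangsan@example.test>' rsa2048 sign,encr never &&
    g "$li" --quick-generate-key 'Lisi <lisi@example.test>' rsa2048 sign,encr never &&
    # 2. Each side exports only its public key as an .asc file.
    g "$zs" --armor --export zhangsan@example.test > "$w/zhangsan.asc" &&
    g "$li" --armor --export lisi@example.test > "$w/lisi.asc" &&
    # 3. Each side imports and certifies the other's public key.
    certify "$li" "$w/zhangsan.asc" zhangsan@example.test &&
    certify "$zs" "$w/lisi.asc" lisi@example.test &&
    # 4. Zhangsan signs with his private key and encrypts to Lisi's public key.
    echo 'constructed sample message' > "$w/plain.txt" &&
    g "$zs" --armor --sign --encrypt -r lisi@example.test -o "$w/msg.asc" "$w/plain.txt"
  } >/dev/null 2>&1
  # 5. Lisi decrypts with his private key; GOODSIG means the signature verified.
  status=$(g "$li" --status-fd 1 -o "$w/out.txt" --decrypt "$w/msg.asc" 2>/dev/null)
  cmp -s "$w/plain.txt" "$w/out.txt" && dec=ok
  case $status in *GOODSIG*) sig=good ;; esac
  # The message was encrypted only to Lisi, so the sender cannot decrypt it.
  g "$zs" -o "$w/leak.txt" --decrypt "$w/msg.asc" >/dev/null 2>&1 && sender=can-decrypt
  for h in "$zs" "$li"; do gpgconf --homedir "$h" --kill gpg-agent || true; done
  rm -rf "$w"
  echo "decrypt=$dec signature=$sig sender=$sender"
}
```

Calling pgp_exchange_demo prints one summary line; only the two .asc public key files ever cross between the keyrings, and each private key stays in its owner's home directory.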

Analysis and thinking

1) How do A and B operate when A sends a file to B using encrypted transmission?
2) What do A and B do to implement signing and authentication when A sends a file to B?