PGP question

Discussion in 'Security, Privacy & Anonymity' started by deepsouthiron, Sep 20, 2015.

  1. deepsouthiron

    deepsouthiron Member Supporter

    okay. So I get the basics of how to do PGP encryption and that you need to share your public key with the recipient.

    My question is if you simply email the public key to them does that defeat the purpose of the encryption since anyone that may see that email now has the public key? Or does it not work that way?

    I guess another question to piggyback this one would be what is a better way to get someone the key?
  2. Bender83

    Bender83 Member

    doesn't really matter who has the public key. All that key is used for is to encrypt a message to its owner (you in this case). The private key is the one that you don't want ANYONE other than you to have access to.

    Just email it to them, you'll be ok.
  3. deepsouthiron

    deepsouthiron Member Supporter

    Maybe I don't get it then. I'm using mailvelope. I've created a key. I get that it creates a public key and a private key.

    I know how to create the message and encrypt it. I know how to export my public key. And your saying it's safe for anyone to have. So when I send the message how does the other party decrypt my message? I thought it was because I had sent them my public key. And if that's the cAse and anyone has it can anyone not see the message. Sure I'm missing something.
  4. Bender83

    Bender83 Member

    Public keys are used to encrypt messages that can only be decrypted by their matching private key. So for you to encrypt a message that only I can decrypt, you need to have MY public key and encrypt a email to me using that key. Likewise if I wanted to encrypt an email that only YOU can decrypt, I need to encrypt that email with YOUR public key.

    There are a few ways to give someone your key:

    1: Export it to the desktop (or wherever you want actually, it doesn't matter), it will create a .asc file with whatever name you associated with your key. Copy/send that file to whoever you need/want to have your public key.
    2: Export your public key to your desktop. Open that file in notepad, it'll look similar to this:

    Highlight and copy that entire text, you have to copy the whole thing EXACTLY , including the -----begin pgp key----- and -----end pgp key----- Paste that into the body of the email that you are sending.
    3: Upload your public key somewhere and include a download link in an email/pm

    All three accomplish the same thing.
    Nutpuncher, Seven and deepsouthiron like this.
  5. deepsouthiron

    deepsouthiron Member Supporter

    Dude. Perfect answer. That's what I was missing. I thought I encrypted with my public key which wouldn't make sense. I encrypt with your key and you encrypt with mine. That's why they can be shared because the private key that's paired unlocks it.

    Feel like an idiot but thanks for the reply.
  6. Bender83

    Bender83 Member

    No problem my man, glad it helped!