This very brief tutorial is for beginners who have
not used encryption tools before.
There are two types of encryption methods:
symmetric and asymmetric.
1) Symmetric Password Based Encryption -
This is the simplest form of encryption. It is a symmetrical
encryption method. The same password is used to encrypt and decrypt
the data (or the file). This method is useful to encrypt sensitive
information for yourself, or for family, or for a few trusted
friends or coworkers.
2) Symmetric Secret Key Based Encryption
This is the simplest form of key based
encryption. It is a symmetrical encryption method. The same secret
key file is used to encrypt and decrypt the data (or the file).
This is not a very commonly used technique.
3) Assymetric public/private Key Based
A public key file is used to encrypt the
data. The corresponding private key file is used to decrypt the
data. Only you should have access to your private key. You can
distribute your public key to anyone who needs to send you data.
This is the technique that is most commonly used in corporations.
This is the most popular encryption
method. Many corporations employ OpenPGP encryption to exchange or
store sensitive data.
To get started you would need to create an
OpenPGP Key pair. The private key should be stored carefully. The
public key should be distributed to your friends, collegues,
customers or clients etc..
Encrypting and Decrypting files
Your customers or clients can use your
public key to encrypt a file.. Then email the encrypted file to
you. The encrypted file can only be decrypted by your private key.
If the email is intercepted, no one will be able to decrypt the file
since they do not have your private key. Similarly if you need to
send a file to a client, you should use the clients public key to
encrypt the file. Only your client has his private key to decrypt
Signing and Verifying files
To confirm that you have sent the file,
you should use your private key to sign the file. Your clients can
then use your public key to verify that the file was sent by you.
Encrypt & Sign
OpenPGP software normally support one step
encrypt and sign. This allows you to encrypt a file using the
recipients public key. At the same time, this also signs the file
with your private key. When the recipient receives this file, he
can use his private key to decrypt the file, and use your public
key to verify that it was indeed sent by you.