DEV Community

Humberto Arroyo

PGP - Create a Public/Private Key Pair (Part 2)

As we mentioned in the previous post, PGP is a popular solution for encrypting, decrypting, signing, and verifying messages and files, often found in email communications and package repository identity verification (because security matters).

In this post we're gonna create a public/private key pair to encrypt and decrypt data.

Summary

  • Private key is a secret key that allows you to decrypt the messages.
  • Public key encrypts data for a specific receiver.
  • Install gnupg.
  • Generate Public/Private key pair.

Secret key cryptography is effective for communication over insecure channels because the key, a piece of information or parameter, is what is used to encrypt and decrypt messages.

The private key is a secret key that allows you to decrypt messages that were encrypted for you with your public key. The private key can also be used to generate message and file signatures.

The public key is used to encrypt data, and it uses asymmetric algorithms. A person who has a public key can encrypt a message intended for a specific receiver. Only the receiver with the private key can decode the message that was encrypted with the public key. The public key is free to use.

If Ana and John want to exchange a secret message, Ana (the sender) will encrypt the message using John's (the recipient) public key. When John receives the message, he will decrypt the message with his private key. No other parties can decrypt the message unless they have John's private key.

How can we create a GPG key pair?

  1. Install gnupg as our GPG client:

     brew install gnupg

  2. Generate a GPG key pair:

     gpg --full-generate-key

Generate key pair GPG

  1. At the prompt, specify the RSA (Rivest-Shamir-Adleman) key (option 1) and press Enter.

  2. At the prompt, specify the key size you want, or press Enter to accept the default.

  3. Enter the length of time the key should be valid. Press Enter to specify the default selection.

  4. Enter your user ID information.

  5. Paste the text below, substituting in the GPG key ID you'd like to use. In this example, the GPG key ID

  6. Get the private key. The signer (the sender of the encrypted file) should be identified by an email address, for example foo@foo.com:

     gpg --output private_key.pgp --armor --export-secret-key foo@foo.com

  7. Get the public key:

     gpg --output public_key.pgp --armor --export foo@foo.com

  8. Optional: you can encode your key in base64, perhaps to save it in a local environment. Run the following command to get the private key encoded in base64:

     base64 private_key.pgp
     # Output example: LS0tLS1CRUdJTiBQR1AgUFJJVkFURSBLRVkgQkxPQ0stLS0tLQoKbFFjWUJHTWphV0VC...
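
The optional base64 step only re-encodes the armored key, so anything that can read the stored value can recover it. As an added example (not part of the original post), this POSIX shell code decodes a stored value and reports whether it is an armored private key, which lets you check a .env-style file before it is committed or shared. The function names, the NAME=VALUE file layout and the sample values are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: base64 is an encoding, so a stored value still reveals the key type.

# Print private, public or unknown for one base64 string, judged by the
# ASCII-armor header that appears after decoding.
classify_b64_pgp() {
  local first
  # Decode errors are expected for values that are not base64; treat as unknown.
  first=$(printf '%s' "$1" | base64 --decode 2>/dev/null | head -n 1 | LC_ALL=C tr -d '\000\r') || true
  case $first in
    "-----BEGIN PGP PRIVATE KEY BLOCK-----") echo private ;;
    "-----BEGIN PGP PUBLIC KEY BLOCK-----")  echo public ;;
    *) echo unknown ;;
  esac
}

# Scan a NAME=VALUE file (assumed layout, e.g. a .env file). Prints
# "<line>:<NAME>" for each value that decodes to an armored private key
# and returns 1 if any were found, 0 otherwise.
scan_env_file() {
  local line name value n=0 found=0
  while IFS= read -r line || [ -n "$line" ]; do
    n=$((n + 1))
    case $line in '#'*|'') continue ;; *=*) ;; *) continue ;; esac
    name=${line%%=*}
    value=${line#*=}
    value=${value#\"}; value=${value%\"}   # tolerate double-quoted values
    if [ "$(classify_b64_pgp "$value")" = private ]; then
      echo "$n:$name"
      found=1
    fi
  done < "$1"
  return "$found"
}

# Constructed sample input: placeholder armor text, not real key material.
sample_env() {
  local priv pub
  priv=$(printf '%s\n\n%s\n' '-----BEGIN PGP PRIVATE KEY BLOCK-----' 'placeholder' | base64 | tr -d '\n')
  pub=$(printf '%s\n\n%s\n' '-----BEGIN PGP PUBLIC KEY BLOCK-----' 'placeholder' | base64 | tr -d '\n')
  printf '# constructed .env\nAPP_ENV=dev\nPGP_PUBLIC="%s"\nPGP_PRIVATE=%s\n' "$pub" "$priv"
}
```

Calling `scan_env_file .env` from a pre-commit hook or CI job gives a non-zero status whenever a base64-wrapped private key is present in the file.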
