1. Getting Started: Generating a new keypair; Generating a revocation certificate; Exchanging keys; Exporting a public key; Importing a public key; Encrypting and decrypting documents; Making and verifying signatures; Clearsigned documents; Detached signatures
2. Concepts: Symmetric ciphers; Public-key ciphers; Hybrid ciphers; Digital signatures
3. Key Management: Managing your own keypair; Key integrity; Adding and deleting key components; Revoking key components; Updating a key's expiration time; Validating other keys on your public keyring; Trust in a key's owner; Using trust to validate keys; Distributing keys
4. Daily use of GnuPG: Defining your security needs; Choosing a key size; Protecting your private key; Selecting expiration dates and using subkeys; Managing your web of trust; Building your web of trust; Using GnuPG legally
FUTURE REVISIONS OF THIS LICENSE
How to use this License for your documents

GnuPG is a tool for secure communication. This chapter is a quick-start guide that covers the core functionality
This includes keypair creation, exchanging and verifying keys, encrypting and decrypting documents, and authenticating documents with digital
It does not explain in detail the concepts behind public-key cryptography,
It also does not explain how to use GnuPG wisely.

GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system, each user has a pair of keys consisting of
A user's private key is kept secret; it need never be revealed. The public key may be given to anyone with whom the user wants to
GnuPG uses a somewhat more sophisticated scheme in which a user has a primary keypair and then zero or more additional subordinate keypairs. The primary and subordinate keypairs are bundled to facilitate key management and the bundle can often be considered simply as one keypair.

    gpg (GnuPG) 0.9.4 Copyright (C) 1999 Free Software Foundation, Inc.
    This program comes with ABSOLUTELY NO WARRANTY.
    This is free software, and you are welcome to redistribute it

GnuPG is able to create several different types of keypairs, but a primary key must be capable of making signatures.
A DSA keypair is the primary keypair usable only for making signatures. An ElGamal subordinate keypair is also created for encryption. Option 2 is similar but creates only a DSA keypair.
keypair usable for both making signatures and performing encryption. In all cases it is possible to later add additional subkeys for encryption
For most users the default option is fine.

The size of a DSA key must be between 5 bits, and an ElGamal
GnuPG, however, requires that keys be no smaller than 768 bits. Therefore, if Option 1 was chosen and you choose a keysize larger than 1024 bits, the ElGamal key will have the requested size, but the DSA

The longer the key the more secure it is against brute-force attacks, but for almost all purposes the default keysize is adequate since it would be cheaper to circumvent the encryption than try to break it. Also, encryption and decryption will be slower as the key size is increased, and a larger keysize may affect signature length. Once selected, the keysize can never be changed.

Finally, you must choose an expiration date. If Option 1 was chosen, the expiration date will be used for both the

    Please specify how long the key should be valid.

For most users a key that does not expire is adequate. The expiration time should be chosen with care, however, since although it is possible to change the expiration date after the key is created, it may be difficult to communicate a change

You must provide a user ID in addition to the key parameters. The user ID is used to associate the key being created with a real

    You need a User-ID to identify your key the software constructs the user id
    from Real Name, Comment and Email Address in this form:

Only one user ID is created when a key is created, but it is possible to create additional user IDs if you want to use the key in two or more contexts, e.g., as an employee at work and a political activist
A user ID should be created carefully since it cannot be edited after

GnuPG needs a passphrase to protect the primary and subordinate private keys that you keep in your possession.

    You need a Passphrase to protect your private key.

There is no limit on the length of a passphrase, and it should be
From the perspective of security, the passphrase to unlock the private key is one of the weakest points in GnuPG (and other public-key encryption systems as well) since it is the only protection you have if another individual gets your private key.