PGP Encryption Explained: Complete Guide

PGP — Pretty Good Privacy — is a 1991 encryption standard that remains the backbone of secure communication on the dark web and in high-stakes journalism. It uses public-key cryptography: you publish a key anyone can use to encrypt a message to you, and hold a private key that only you can use to decrypt it. Thirty-three years after Phil Zimmermann wrote the first version, the underlying math has not been broken.

What PGP Is and How It Was Created

Phil Zimmermann released PGP as freeware in June 1991, making strong encryption available to ordinary people for the first time. The U.S. government immediately treated it as a problem: export control laws classified encryption software as munitions, and Zimmermann spent three years under federal criminal investigation before charges were dropped in 1996.

That legal battle turned PGP into a cause. The source code was published in book form — because books, unlike software, were protected by the First Amendment — and readers physically mailed pages across borders to reassemble the program abroad.

The OpenPGP standard was formalized in 1998 as RFC 4880 by the Internet Engineering Task Force (IETF), giving the protocol a vendor-neutral specification. The dominant open-source implementation today is GNU Privacy Guard (GPG), maintained by the GNU Project and funded in part by the German government. When people say "PGP" in practice, they almost always mean GPG.

How Public-Key Cryptography Works

PGP rests on asymmetric cryptography, which generates two mathematically linked keys: a public key you share freely, and a private key you never give to anyone.

Anything encrypted with your public key can only be decrypted with your private key. The relationship is a one-way trap door: trivial to go through in one direction, computationally infeasible to reverse without the private key. RSA encryption (the original PGP default) derives its security from the difficulty of factoring large primes. Elliptic-curve algorithms like Ed25519 achieve equivalent security with much shorter keys.

Signatures work in the opposite direction. You sign a message with your private key; anyone who has your public key can verify the signature is genuine. This proves the message came from you and has not been altered in transit.

Both operations happen in sequence for a fully secured message: your client encrypts the message with the recipient's public key, then signs the encrypted bundle with your private key. The recipient decrypts with their private key and verifies your signature.

PGP in Practice: Generating and Using Keys

The process below uses GPG, which ships by default on most Linux distributions and is available for macOS (via Homebrew or GPG Suite) and Windows (Gpg4win).

Step 1: Generate a key pair

Copygpg --full-generate-key

Choose RSA 4096-bit or Ed25519 when prompted. Set an expiry date — one to two years is standard practice, renewable before it lapses. Pick a strong passphrase that protects the private key on disk.

Step 2: Export and publish your public key

Copygpg --export --armor your@email.com > public.asc

Upload this file to a keyserver like keys.openpgp.org, or paste it into a forum profile, social bio, or website. Anyone who wants to encrypt a message for you imports this key.

Step 3: Import someone else's public key

Copygpg --import their-public-key.asc

Verify the key fingerprint matches what they've published somewhere you trust — over a different channel, in person, or via a signed Tweet. Key verification is the step most people skip and the one that matters most.

Step 4: Encrypt a message

Copygpg --encrypt --armor --recipient their@email.com message.txt

The --armor flag outputs ASCII text (PGP blocks starting with -----BEGIN PGP MESSAGE-----) rather than binary. Paste the output into any text field — email, forum post, market message.

Step 5: Decrypt a received message

Copygpg --decrypt message.asc

GPG prompts for your passphrase and outputs the plaintext. If the sender signed the message, GPG also reports whether the signature is valid.

Step 6: Revoke a compromised key

If your private key is ever exposed, generate and publish a revocation certificate immediately. Without it, the compromised key remains on keyservers indefinitely, and attackers may use it to impersonate you.

Copygpg --gen-revoke your@email.com > revoke.asc
gpg --import revoke.asc
gpg --send-keys your@email.com

PGP on Darknet Markets

PGP is not optional on serious darknet markets — it is the primary identity and security layer. Vendors publish their public keys on market profiles; buyers encrypt shipping addresses before sending them. An unencrypted address in a market message is readable by the platform administrators, law enforcement with a warrant, and anyone who compromises the market's database.

PGP-verified markets require vendors to sign their listings with the same key across sessions. This lets buyers confirm they are talking to the same vendor over time, even if the market goes down and the vendor moves. When a market exit-scams and relaunches on a new domain, a legitimate vendor will be able to prove continuity via their key; a scammer impersonating that vendor will not.

PGP 2FA adds another layer: the market encrypts a one-time code with your public key, and you must decrypt it to log in. Even if an attacker steals your password, they cannot authenticate without your private key.

Always verify a market's own PGP signature before trusting any URL claiming to be the official site. Phishing mirrors are common, and some explicitly imitate legitimate domains down to the design.

PGP for Journalists and Whistleblowers

SecureDrop, the open-source whistleblower submission platform maintained by the Freedom of the Press Foundation, uses PGP as its core content-encryption layer. A source submitting documents to a newsroom's SecureDrop instance encrypts those documents with the newsroom's PGP public key before they leave the source's machine. The journalist's private key — stored offline — is the only thing that can decrypt them.

Major newsrooms including The New York Times, The Guardian, and The Washington Post publish PGP public keys specifically for receiving sensitive tips. The Freedom of the Press Foundation's Key Directory lists verified newsroom keys.

On macOS, GPG Suite provides a system-integrated PGP interface with Mail.app support. On Windows, Gpg4win includes Kleopatra, a GUI for key management and encryption. On mobile, OpenKeychain (Android) integrates with K-9 Mail. None of these eliminate the need to understand the underlying model — but they lower the barrier significantly.

The most secure setup for a source is Tor Browser combined with Tails OS, submitting to SecureDrop entirely over the Tor network, with PGP-encrypted content. This protects anonymous email traffic at every layer.

PGP Key Management: Rotation, Revocation, and the Web of Trust

A PGP key pair without careful lifecycle management becomes a liability. Three practices separate secure users from those who create the illusion of security.

Key rotation: Keys should have an expiry date, typically 1–2 years. An expiry forces periodic review — if you lose access to your private key or it is compromised, the expiry prevents the orphaned public key from circulating indefinitely. Renew before expiry: gpg --edit-key your@email.com, then use expire to extend the validity period and save.

Key revocation: If your private key is ever exposed — hard drive seized, passphrase observed, keyfile stolen — generate and publish a revocation certificate immediately. This marks the key as invalid on all keyservers, preventing its continued use. Generate the revocation certificate when you first create the key pair (before anything happens to the key), store it offline, and only publish it if needed.

Web of Trust: PGP has no central certificate authority. Instead, users sign each other's keys to vouch for their authenticity. If Alice signs Bob's key, and you trust Alice's judgment, you can extend partial trust to Bob's key without meeting him. This decentralized model works well in established communities — GPG Keychain parties and journalist networks maintain active webs of trust — but breaks down for new users with no established connections.

For dark market use, the web of trust is less relevant: you are verifying a vendor's continuity (same key, session after session) rather than their real-world identity. On markets, key fingerprint consistency over time is the signal that matters.

Limitations of PGP

PGP encrypts content. It does not encrypt metadata. The email headers still reveal who sent a message to whom, at what time, and through which mail servers. For traffic analysis, this envelope is often more valuable than the content itself — a journalist who emails a known whistleblower's account is identifiable even if the message body is unreadable.

Key management is genuinely difficult. Users forget passphrases, lose private keys, fail to rotate expiring keys, or post their private key thinking it was the public key. Key verification — the step that prevents man-in-the-middle attacks — is skipped by most users most of the time, which undermines the security model significantly.

PGP offers no forward secrecy. If your private key is ever compromised, every past message encrypted to that key is retroactively decrypted. Signal and other modern protocols generate new encryption keys for each session, so a future compromise cannot unlock past conversations.

For most people exchanging sensitive messages day to day, Signal is the correct answer. PGP's role is specific: encrypting files and emails where the parties may not be online simultaneously, where persistent identity verification matters, and where integration with existing email infrastructure is required.

Good metadata hygiene matters alongside PGP. Knowing that a message was sent, even if the content is unreadable, can be enough to cause harm.

Frequently Asked Questions

What does PGP stand for?

PGP stands for Pretty Good Privacy. Phil Zimmermann chose the name as a deliberately modest description, referencing Ralph's Pretty Good Grocery from the radio program "A Prairie Home Companion."

Is PGP still secure in 2026?

Yes, for the algorithms in common use. RSA-4096 and Ed25519 key pairs remain cryptographically secure against known attacks, including those from classical computers. Quantum computing is a longer-term concern: RSA's factoring-based security is theoretically vulnerable to Shor's algorithm, which has not yet been implemented at a scale that threatens real-world key sizes. The IETF is working on post-quantum cryptography standards (NIST finalized FIPS 203/204/205 in 2024) that may eventually replace RSA in OpenPGP.

What is the difference between PGP and GPG?

PGP is the original standard and brand, now owned by Symantec. OpenPGP is the open protocol specification (RFC 4880). GPG (GNU Privacy Guard) is the dominant open-source implementation of that protocol. They are interoperable — a message encrypted with GPG can be decrypted with any OpenPGP-compliant tool, and vice versa.

How do I find someone's PGP public key?

Check the person's website, social media profile, or email signature. Search keyservers like keys.openpgp.org or keyserver.ubuntu.com by email address or key fingerprint. Always verify the fingerprint out-of-band — call them, check a second trusted source, or verify via a key-signing party. Never trust a key solely because a keyserver says it belongs to a particular email address.