A. Getting to know Gpg4win
- About Gpg4win
- Gpg4win Components
- System Requirements
- The aim of the Gpg4win Initiative
B. Gpg4win Tutorial
- How to Download Gpg4win Application
- How to Install Gpg4win Application
- How to Use Gpg4win
A.1. About Gpg4win
Gpg4win (GNU Privacy Guard for Windows) is encryption software for files and email.
Gpg4win allows users to secure emails and files by encrypting and locking them with a digital signature. Encryption serves to protect the contents of letters and files from unwanted readers, while the digital signature is used as the validity of the sender of the letter.
Gpg4win supports both relevant cryptographic standards, such as OpenPGP and S/MIME (X.509), and is the official GnuPG distribution for Windows. It is maintained by the GnuPG developers. Gpg4win and the software included with Gpg4win are Free Software (Open Source; among other things free for all commercial and non-commercial purposes).
The creation of Gpg4win was supported by the German Federal Office for Information Security (BSI).
A.2. Gpg4win Components
- Gpg4win is an installer for Windows and contains several Free Software components: - GnuPG is the Core of the actual encryption tool.
- Kleopatra is a Certificate manager for OpenPGP and X.509 (S/MIME) and a general crypto dialog.
- GPA is an alternative certificate manager for OpenPGP and X.509 (S/MIME).
- GpgOL is a plugin for Microsoft Outlook 2003/2007/2010/2013 (email encryption).
- GpgEX is a plugin for Microsoft Explorer (file encryption).
- Claws Mail is a complete email app with crypto support.
- Gpg4win Compendium is a Documentation (for beginners and advanced users), available in English and German.
A.3. System Requirements
Gpg4win runs on Windows XP, Vista, 7 and 8. Both 32bit and 64bit systems. GpgOL Outlook Plugin is compatible with Microsoft Outlook 2003, 2007, 2010 and 2013 (32bit only!). GpgOL only supports MS Exchange Server in Outlook 2010 and 2013 only.
A.4. Objectives of the Gpg4win Initiative
- The Gpg4win Initiative aims to provide a Gpg4win installation package for Windows including the GnuPG encryption tools and associated applications. Documentation ("Gpg4win Compendium") is still maintained as part of the effort.
- Both OpenPGP and S/MIME should be supported in an integrated manner.
- Gpg4win is an international effort. Since the Initiative's origins are entirely in German, additional translators are welcome!
- A major achievement of Gpg4win is its focus on development, which allows for periodic updates. The best development runs on GNU/Linux systems. Almost all software components are automatically cross-compiled for integration into the installer. So Gpg4win does not depend on one person manually creating the installer.
B.1. How to Download Gpg4win Application
- Visit the Official Gpg4win Web at http://gpg4win.org
- Open the download page on the menu bar, then select the full version installer package;
[
B.2. How to Install Gpg4win Application
1. Run Gpg4win installer,
2. Language selection, please select English or a language you can understand,
3. Welcome to Gpg4win Installation
Gpg4win is an installer package that runs on the Windows operating system and functions to encrypt emails and files using the core components of GnuPG for Windows. Supported by two relevant cryptographic standards such as OpenGpg and s/mime. Gpg4win and the accompanying software are free software. (click next)
4. License Agreement
License Agreement
This software is under the terms of the GPL General Public License (GPL). (click next)
5. Gpg4win components are optional. The description of each component is reviewed in point A.2. in this paper. (select all components and click next)
6. Determine the Installation Location. Leave the Destination Folder as the default setting or in the Program File directory on the system C:/
7. Start Links Options. Place the Gpg4win start links on your PC desktop, to make it easier and faster to reach. (select desktop then next)
8. Wait until the installation process is completed, (then select next >> Finish)
B.3. How to Use Gpg4win
1. Run Kleopatra, which is the start link that we previously placed on the desktop,
2. You will see the main screen of Kleopatra - administrative certificate:
At first, this image will look empty, because you haven't created or imported any certificates yet.
3. Click File! >> New Certificate. The next dialog provides you with two certificate formats; OpenPGP (PGP/MIME) or X.509 (S/MIME).
In the Certificate Options dialog, click [ Create personal OpenPGP key pair ]. Then enter your email address and your name, the contact will be visible to the public, you can also provide comments on the key pair (public and private), but in general this comment field is left blank. For example, you can see the image below:
Advanced settings are required in exceptional cases. For more information, see the Kleopatra handbook (via Help!Kleopatra handbook).
3. Click [ Next ]. You will see a list of key entries and settings for review purposes. If everything is correct, click [Create key].
Now for the most important part: entering your passphrase! To create a key pair, you will need to enter your personal password:
Please note that this window may have been opened in the background and not visible initially, so if the passphrase is not secure enough because it is indicated as too short (less than 8 characters) or does not contain a combination of numbers or special characters, the system will notify you. To ensure that you have not made any input errors, the system will ask you to enter the passphrase 2x. Press [OK] to confirm the key entry.
Now your OpenPGP pair is being created, this may take a few minutes.
Once a key pair has been successfully created, you will see the following dialog:
The 40-digit "fingerprint" of your OpenPGP certificate has just been generated, visible in the text field. This "fingerprint" is unique and no one else in the world has it.
4. Distribution of Public Certificates (Public Keys). Everyone can and should have a public certificate, because;
To exchange emails more securely, both partners must have each other's Recipient's public certificate. So if you want to send an encrypted email to someone, then you must have their public certificate, in order to encrypt your email. And in turn someone (the recipient) if they want to encrypt the email, then they must use their private certificate.
Various distribution methods:
- Directly via email to the desired correspondence partner
- Upload to OpenPGP certificate server
- Through your own site
- Via storage media such as USB
- Through social media, etc.
5. Export the public certificate by clicking File! >> Export certificates... then type the name of your public certificate file >> Export, then you will get a public certificate with the extension *.asc. This is the file that you will need to publish to your correspondence partners.
You can also share your public certificate in the form of its encrypted ID to be included in the email body, here's how; Right-click the .asc file >> Open with Notepad >> Select All >> Copy -- Paste. It will look like the example in the image below;
6. Email Encryption
Now it's even more interesting, because I'll show you how to send encrypted email; You need Outlook (or another email application that supports cryptography). After the Gpg4win installation is complete, the S/MIME function is enabled in GpgOL, if you want to disable S/MIME (with GnuPG), for example you want to manually use it in Outlook, then you just need to disable the S/MIME option in the GpgOL options dialog below;
7. Sending an Encrypted Message
- First, create a new message to send to someone.
- Second, select the extra product item Gpg4win, namely OpgOL >> Click Encrypt. as seen in the example below;
- When the Encrypt Icon is active >> Send Message
8. Opening an Encrypted Message
- First, Sign in using a private certificate
- Second, verify the message using Verify on the Extra GpgOL menu.
- Decrypt Message