What is Open PGP?
PGP is the backbone of Open PGP. It is an open source standard that allows PGP to be used in software that is typically free to the public. The term "Open PGP" is often applied to tools, features, or solutions that support open source PGP Encryption technology. It is Internet Engineering Task Force (IETF) approved.
Open PGP file encryption techniques enables you to store sensitive information or transmit information across non-secure networks, such as the internet or email, so that it cannot be read by anyone except the intended recipient.
Although essentially the same thing, Open PGP and PGP differ. Open PGP differs from PGP because Open PGP is a standard that defines formats for encryption keys and messages, while PGP itself is a trademarked term and proprietary solution owned by Symantec.
More Terms to Know – GoAnywhere Glossary
What is PGP?
PGP, or Pretty Good Privacy, is one of the most popular encryption methods used today. It is used by banks, financial institutions, healthcare organizations, and other highly regulated industries to safeguard their most sensitive files with a heightened level of data loss protection.
PGP was created in the 1990s and is currently owned by security software company Symantec. Over the years, PGP has been improved and updated, making it the standard option for file encryption today and a fitting solution for modern cybersecurity needs. It is considered one of the safest cryptographic technologies for signing, encrypting, and decrypting sensitive data.
Related Reading: PGP vs. GPG: What's the Difference?
What is PGP Encryption?
PGP encryption is a data encryption methodology used for encrypting, decrypting, and authenticating digital files and online communication. It uses a combination of encryption methodologies such as hashing, data compression, symmetric private-key cryptography, and asymmetric public-key cryptography to keep data secure. PGP encryption can be used to secure text files, emails, data files, directories, and disk partitions.
How Does PGP Encryption Work?
PGP encryption provides the essential privacy missing from online communication by transforming plain, readable text into a complex code of characters that are unreadable. The outlet of communication (email, file, etc.) travels to the destination of recipient in this cyphered form. The recipient then uses PGP to decrypt the message back into readable form. PGP encryption is done via software applications.
In this system, each user has an encryption key that is publicly known and can be provided to the recipient, as well as a private key that is known only to each user and should be kept secret. The public key encrypts the message or file, while the private key decrypts.
For sending files, more specifically, the sender will need to have access to the recipient’s public key first before they can send their files. Once the file is compressed, PGP will efficiently encrypt the plaintext with private key cryptography, turning the message into ciphertext. The session key is then encrypted using the sender’s public key. Once the recipient has received the encrypted file, they can decrypt it using their private key.
This encryption standard addresses the issues of data authentication and non-repudiation through the ability to "sign" files via embedded digital signatures. Digital signatures use public-key cryptography to authenticate that data is coming from the source it claims to be from and has not been tampered with. Digital signatures are sent alongside the message body and work by using an algorithm to combine the sender’s private key with the data they are authenticating. The process makes digital signatures essentially impossible to forge unless the private key has been compromised.
What is GPG?
GPG, or GnuPG (GNU Privacy Guard), is a different implementation of the Open PGP standard and is a strong alternative to Symantec’s official PGP software. GPG was developed by Werner Koch and released in 1999 as an alternative to Symantec’s software suite and encryption tools. It’s available as a free software download and is based on the Open PGP encryption standards established by the IETF.
GPG is defined by RFC 4880 (the official name for the Open PGP standard). GPG can open and decrypt files encrypted by PGP or Open PGP, meaning it works well with other products. It provides an interface for users to easily encrypt their files.
Learn More: OpenPGP, PGP, and GPG: What's the Difference?
How does GoAnywhere MFT use Open PGP Encryption?
GoAnywhere Managed File Transfer (MFT) is compliant with the Open PGP encryption standard and addresses the privacy and integrity of the data you exchange with external trading partners, customers, clients, vendors, and internal users.
GoAnywhere MFT can PGP encrypt and decrypt tasks for any kind of file. This includes encryption/decryption for CSV files. GoAnywhere can translate files to a variety of formats as well, like EDI X12, XML, Excel, Delimited Text, Fixed-Width Text, and JSON, as well as handle volumes exceeding thousands of files a day.
GoAnywhere allows users to work with both public and private keys. From within a Key Vault, you can create PGP keys, view key information, and export or import keys. These keys can be utilized within GoAnywhere for automating Open PGP file encryption and decryption processes.
GoAnywhere MFT provides robust support for PGP. It not only allows users to encrypt, decrypt, and sign files, they can automate workflows, verify digital signatures, and integrate with existing applications, programs, and scripts. It also:
GoAnywhere can be installed on a variety of platforms to perform Open PGP encryption and decryption processes including Windows, Linux, Mac OS, and more. A comprehensive Open PGP Key Management System (KMS) is also provided in GoAnywhere MFT. This allows users to access an intuitive-based interface and manage PGP public and private keys, as well as certificates. They can create role-based permissions and import, export, modify, and share PGP keys.
If you need to automate your encryption/decryption process and exchanging of files, GoAnywhere is a superb secure option. However, if you need to manually encrypt/decrypt a low number of files, our free file software utility Open PGP Studio is a great resource.
PGP is "Pretty Good," but Open PGP Studio is Better
Give our software a try by downloading our free solution.