The GNU Privacy Guard
GnuPG is a complete and free implementation of the OpenPGP standard asdefined by RFC4880 (also known as PGP). GnuPG allows you to encrypt andsign your data and communications; it features a versatile key managementsystem, along with access modules for all kinds of public keydirectories. GnuPG, also known as GPG, is a command line tool withfeatures for easy integration with other applications. A wealth offrontend applications and libraries are available. GnuPG alsoprovides support for S/MIME and Secure Shell (ssh).
GPG Keychain Access. GPG Preferences. Step 2: Install and configure. Double-click on the Mac GnuPG file you downloaded to launch the installer. Launch the “GnuPG for Mac OS X 1.4.7” package (this was the version at the time of writing this article) and follow the instructions to install GnuPG on your computer. Nov 07, 2018 11 Best Free TFTP Servers for Windows, Linux and Mac February 28, 2019 / by Jon Watson 10 Best SFTP and FTPS Servers Reviewed for 2020 February 27, 2019 / by Jon Watson 12 Best NetFlow Analyzers & Collector Tools for 2020 January 23, 2019 / by John Kimball Best Bandwidth Monitoring Tools – Free Tools to Analyze Network Traffic Usage December. Enigmail is a security extension to Mozilla Thunderbird and SeaMonkey. GnuPG 2.2.x Distribution for Mac OS X Brought to you by: pbrunschwig. Summary Files Reviews Support Documentation Bugs Source. The latest version of GnuPG for OS X is 2.2.23 (released 2020/09/03): Download the DMG file (SHA-256. GnuPG is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions.
Since its introduction in 1997, GnuPG is Free Software (meaning thatit respects your freedom). It can be freely used, modified anddistributed under the terms of the GNU General Public License .
The current version of GnuPG is 2.2.23. See the downloadpage for other maintained versions.
Gpg4win is a Windows version of GnuPG featuring a context menu tool, acrypto manager, and an Outlook plugin to send and receive standardPGP/MIME mails. The current version of Gpg4win is 3.1.13.
Reconquer your privacy
Arguing that you don't care about the right to privacybecause you have nothing to hide is no different fromsaying you don't care about free speech because you havenothing to say. – Edward Snowden
Using encryption helps to protect your privacy and the privacy of thepeople you communicate with. Encryption makes life difficult for bulksurveillance systems. GnuPG is one of the tools that Snowden used touncover the secrets of the NSA.
Please visit the Email Self-Defense site to learn how and why youshould use GnuPG for your electronic communication.
News
The latest blog entries:
The latest release news:
(all news)
GnuPG 2.2.23 released (2020-09-03) important
GnuPG version 2.2.23 has been released today. This version fixes acritical security bug in 2.2.21 and 2.2.22 (CVE-2020-25125).
Please follow the instructions from the announcement mail and updateaffected installations. See also our bug entry #5050.
GnuPG 2.2.22 released (2020-08-27)
[Note: Do not use this release - use 2.2.23 instead.]
GnuPG version 2.2.22 has been released today. This is a maintenancerelease with a some minor changes. {more}
GnuPG 2.2.21 released (2020-07-09)
[Note: Do not use this release - use 2.2.23 instead.]
After the release of GnuPG 2.2.20 back in March it is now the time toget collected fixes from the last months out: GnuPG version 2.2.21 hasbeen released today. This is a maintenance release with a some minorchanges. {more}
Libgcrypt 1.8.6 released (2020-07-06)
Nearly a year passed since the last release and so the time is ripefor new maintenance release: Libgcrypt version 1.8.6 is nowavailable. {more}
Gpg4win fully approved for EU RESTRICTED.
After about a year of tweaking details of the approval, Gpg4win andGnuPG are now approved for EU RESTRICTED communication (VS-NfD). Thisapprovals covers the protocols S/MIME and OpenPGP (public-key andsymmetric-only) with hard- and soft-tokens. Our commercial branchGnuPG.com released a press notice (in German) today.
Gnupg Mac Gui
GnuPG 2.2.19 released (2019-12-07)
Gnupg Macbook
We are pleased to announce the availability of GnuPG version 2.2.19.This version fixes a regression introduced with the last release.{more}
GnuPG 2.2.18 released (2019-11-25)
We are pleased to announce the availability of GnuPG version 2.2.18.This is maintenance release to fix a couple of minor bugs and providea few feature updates. This release also retires the use of SHA-1 keysignatures created since this year. {more} (see also)
Libgcrypt 1.8.5 released (2019-08-29)
If you care about local site-channel attacks on ECDSA you may want toupdate to Libgcrypt version 1.8.5. CVE-CVE-2019-13627 {more}
Despite the appearance of a number of good privacy-focused webmail services, Pretty Good Privacy (PGP) remains the gold standard of email encryption. In this guide, we show you how to use PGP on Mac, explain how it works and how secure PGP really is.
PGP does have a number of issues (discussed below), but it is still the most widely used email encryption system, and therefore the most interoperable with others no matter which platform or email service they use.
It can also be used for signing and encrypting all sorts of other stuff but is mainly used to secure emails.
How does PGP work?
The details of how PGP works are, to be honest, rather complicated. The important thing to remember, however, is that PGP uses public-key cryptography.
Each user has a private key which they keep secret and use to decrypt emails sent to them using their public key. They also have a public key, which they freely so that other people can use it to send them encrypted emails.
- Private key – kept secret and used to decrypt own mail
- Public key – distributed so that others can use it to encrypt mail for sending to you
For this tutorial, we’ll stick to how to use PGP for encrypting emails, but PGP keypairs are also very useful for signing and verifying digital signatures.
PGP vs OpenPGP
When discussing PGP these days we almost always mean OpenPGP. This is an open-source 100% compatible clone of the original PGP, which is now closed-source software owned by Symantec.
Issues with PGP
When PGP is used to secure emails, the metadata - such as email addresses of both the sender and recipient, date and time of sending, and e-mail’s subject line - is not encrypted. Just the body text and any attachments.
Another problem with PGP is that it does not use Perfect Forward Secrecy (PFS). So once keys for one encrypted email are broken, all other emails encrypted using the same keys will also be compromised.
Arguably the biggest problem with PGP, though, is that it's just not very easy to use, with the result being that most people simply don’t. To combat this, we will show you the two easiest ways to use PGP on your Mac:
Method 1: Malivelope
Mailvelope is a free and open-source browser extension for Chrome and Firefox that makes using PGP on your Mac about as easy as PGP is ever likely to get. Please check out our full Mailvelope How-to guide for a detailed look at how it works.
Method 2: GPGTools with GPG Mail
The most common implementation of OpenPGP is Privacy Guard (also known as GnuPG or just GPG). GPG on its own is a basic command-line tool, but GPGTools for macOS provides a GUI interface and advanced features.
It is worth noting that in 2018 GPGTools make headlines due its vulnerability to the EFAIL attack which affected all versions of PGP at the time. Since GPGTools 2018.2, however, this vulnerability has been patched.
GPGTools is free, but the GPG Mail plugin for Apple Mail is designed to help fund the open-source project and costs $22. This is a one-off fee, but you do need to pay again for new versions as they are released.
Download and install the GPG Suite.
Do please make sure to verify the download before installing it. During installation, stick with all the default settings.
Create a new keypair
.Open the GPG Keychain app, select New (the + sign) and fill in the relevant details. You can leave the Advanced options alone or play with them as you please.
Upload your public key to a keyserver.
This will allow others to find it using your email address so that they can send you secure PGP-encrypted emails.
Do please be aware, though, that once a public key is uploaded to a keyserver it cannot be deleted. The keyserver will send you an email asking you to confirm the upload.
You will see your newly created key in the GPG Keychain.
If you already have a keypair then you can import it by clicking the Import button. You can then right-click on it -> Send Public Key to Keyserver.
Send an encrypted email.
In order to send a PGP-encrypted email, you will need the recipient's public key. If they have already sent it to you (as an email attachment, for example) then you can import it using GPG Keychain.
If you already have it, then you can search by email address for public keys that have been uploaded to a key server. Once you have found the key you want, simply import it into your GPG Keychain.
Open the Apple Mail app. If you're using an up-to-date version of macOS (10.14 Mojave+), you will need to enable GPG in Mail. To do this, Go to Preferences -> General -> Manage Plug-ins and enable the GPGMailLoader.mailbundle plug-in.
Then simply compose an email as normal, ensuring that OpenPGP is selected in the new green drop-down button to the top right of the compose screen.
When you have finished writing your message you can sign and/or encrypt it using the two buttons to the right of the Subject line:
A) Sign - this verifies that the email was sent by yourself. When GPG Mail is installed, all messages are signed by default (button is blue). Click on the button to turn signing off.
B) Encrypt - encrypts the content of the message plus any attachments. It does not encrypt the subject line or hide any other metadata. Click the lock icon (turning it blue) to encrypt your email.
Hit Send, and you will be asked for the password to your PGP key. If you are worried that an adversary may gain physical access to your Mac, then you should untick “Save in Keychain.”
Receive encrypted messages
When you receive PGP email that has been encrypted and/or signed with your public key, GPG Mail will automatically decrypt it and/or verify the signature using your private key.
Verify and sign keys
For maximum security, you should verify and sign keys. You verify a key by comparing the fingerprint you have of the key with the fingerprint owned by the sender to ensure they are identical. Ideally, this is done face-to-face, but a secure communication channel such as Signal Messenger will suffice.
Each imported key’s fingerprint is prominently displayed in GPG Keychain.
Once you are satisfied with the authenticity of a key, you can sign-it to confirm that you consider it valid. PGP works on a chain of trust, so you can opt to publish your signature in order to help others decide if the key is authentic.
And that’s the basic outline of how to use GPGTools to send and receive PGP emails in macOS. GPGTools has more tricks up its sleeve, however, which we may explore in future articles.
ProPrivacy only uses basic cookies to monitor traffic to the site. Is that okay?
Find out how to manage cookies and view our policy here
ProPrivacy does not use marketing cookies
Gnupg/macgpg2
- Fastest VPN we test
- Servers in 94 countries
- Unblocks Netflix, iPlayer and more
Gnupg For Mac Installer
30-Day Money-Back Guaranteewasn't right for you?
Download Gpg
We recommend you check out one of these alternatives: