Public Key vs Private Key
- Public Key is for others to encrypt messages to you and verify your signatures.
- Private Key should be kept secret. It decrypts messages sent to you and creates your digital signatures.
Quick Setup for GPG/PGP on Windows, macOS, and Linux
Windows: Download and install Gpg4win. After installation, open Command Prompt or PowerShell and verify by typing gpg --version.
macOS: Install GnuPG via Homebrew: brew install gnupg, then check with gpg --version. Alternatively, you can use GPGTools.
Linux: Many distributions include GnuPG by default. If not, install from your package manager. For example (Debian/Ubuntu): sudo apt-get update && sudo apt-get install gnupg.
Create a Key Pair: Open a terminal/command prompt and run gpg --full-generate-key.
Follow the prompts to set your key type, size, and expiration. Choose a strong passphrase. Please do not set an expiration date, as your public key cannot be replaced on securemessages.app.
1. Generate a GPG/PGP Key Pair:
Use the steps above or consult the official GnuPG documentation.
Safely store your private key.
2. Create an Account:
Sign up on securemessages.app using your chosen username, a secure password, and your public key.
3. Obtain the Recipient’s Public Key:
Look up the intended recipient’s public key within securemessages.app and import it into your local GPG keyring.
4. Encrypt Your Message:
On your device, use the recipient’s public key to encrypt your message. Keep your private key safe; it should never be shared.
5. Send the Encrypted Message:
Submit the encrypted text through securemessages.app. Only the recipient’s private key can decrypt it, ensuring end-to-end security.
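Steps 1 to 4 as an added shell example (not code from securemessages.app): two temporary keyrings stand in for sender and recipient, and the user ID, passphrase and function names are constructed for illustration. It confirms the imported key's fingerprint before encrypting to it; the armored output is the text submitted in step 5.

```sh
# Added example: throwaway keys in temporary keyrings. The user ID, passphrase
# and function names are constructed for illustration.
set -u
PASS='constructed-demo-passphrase'   # constructed; pick a strong secret for real keys

# Run gpg non-interactively against the keyring directory given as $1.
g() {
  h=$1; shift
  gpg --homedir "$h" --batch --quiet --pinentry-mode loopback --passphrase "$PASS" "$@"
}

# Step 1: create a key pair that never expires and print its fingerprint.
make_key() {      # make_key <keyring-dir> <user-id>
  g "$1" --quick-generate-key "$2" default default never 2>/dev/null || return 1
  g "$1" --with-colons --with-fingerprint --list-keys "$2" |
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# Step 2: the ASCII-armored public key is the text supplied at signup.
export_public() { g "$1" --armor --export "$2"; }

# Steps 3-4: import the recipient's key, confirm it carries the fingerprint
# obtained from the recipient, then encrypt stdin to that exact fingerprint.
# In batch mode gpg refuses an unvalidated key, hence --trust-model always
# after the explicit fingerprint check.
encrypt_to() {    # encrypt_to <keyring-dir> <pubkey-file> <expected-fingerprint>
  g "$1" --import "$2" 2>/dev/null || return 1
  g "$1" --list-keys "$3" >/dev/null 2>&1 || return 1   # no such fingerprint: stop
  g "$1" --armor --trust-model always --recipient "$3" --encrypt
}

# Recipient side: only a keyring holding the private key can do this.
decrypt_with() { g "$1" --decrypt 2>/dev/null; }

demo() {
  a=$(mktemp -d); b=$(mktemp -d)    # a = sender keyring, b = recipient keyring
  fpr=$(make_key "$b" 'Bob Example <bob@example.invalid>') || return 1
  export_public "$b" "$fpr" > "$a/bob.asc"
  printf 'meet at noon\n' | encrypt_to "$a" "$a/bob.asc" "$fpr" > "$a/msg.asc"
  echo "recipient reads: $(decrypt_with "$b" < "$a/msg.asc")"
  decrypt_with "$a" < "$a/msg.asc" >/dev/null || echo "sender keyring cannot decrypt"
  gpgconf --homedir "$a" --kill gpg-agent; gpgconf --homedir "$b" --kill gpg-agent
  rm -rf "$a" "$b"
}
if [ "${1:-}" = demo ]; then demo; fi
```

Save it as a script and run it with the argument demo to see the round trip; without an argument it only defines the functions.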