Windows PGP Guide (Gpg4win)

This guide will explain very briefly what PGP is, how it works, and how to begin encrypting/decrypting files and messages with GNU Privacy Assistant (GPA) from Gpg4win. The process explained below will be the same on Windows 7, 8, and 10.

PGP, short for Pretty Good Privacy, allows you to encrypt and decrypt data, like text or files.

PGP works using generated keys – a combination of a public key and a private key. Your public key is, as its name suggests, the key you share with people to allow them to send you encrypted messages. Your private key is, of course, private – it is kept only on your computer, and is used to decrypt messages sent to you using your public key.

Messages sent to a public key can only be decrypted using the recipient's associated private key. If John encrypts a message for Susie, he will use her public key to encrypt the message – Susie must then use her private key to decrypt the message she received.

In order to use PGP, you need software capable of generating these keys. We'll be using the free program Gpg4win. Head over to and download the software. If you're unsure which option to choose, go for the latest version (which comes with Gpg4win compendium and Kleopatra).

During installation, make sure GPA is selected. Although not used in this guide, it's also worth selecting Kleopatra as you might use it in the future.

Generating Keys

Once Gpg4win is installed, you'll need to create a PGP key pair. Run GPA.exe. Click Keys at the top, and then New Key.

When entering details for the key, you are told to enter your name. Whether you enter your real name or not is up to you, but anybody with your public key will see this name. It's recommended you instead use an alias or nickname. It can be gibberish if you'd like, but don't leave it blank. You're also asked for an email address; again, enter this only if you are comfortable sharing your email address with anybody you might give your public key. If you choose not to use a real address, enter one which is obviously nonexistent, for example [email protected] – people might try to send you emails without realising it's a fake address!

When asked, choose to make a backup of your key. This will be an .asc file. It can be saved anywhere on your computer, but try to save it to a location you'll remember, like Desktop or C:/Users/YourName. This .asc file contains your public and private PGP key, and can be viewed with any text editor (like Notepad or Notepad++). The public key, including the starting and ending dashes, is what you give to others to allow them to send you messages.

Only ever reveal your public key to someone – never send the entire file or disclose the entire file's contents, even to someone you trust.

At this stage, you should see your new key in GPA.

Importing Somebody's Public Key

Say you have somebody else's public key, or an .asc file containing their key. You want to import it. Easy:

Encrypting and Decrypting Messages

To encrypt a message either click Clipboard, or go to the Windows menu and select Clipboard. In the field, type the message you would like to encrypt. Press 'Encrypt', and then choose the key of your intended recipient (and the key you'd like to send the message from).

You will then see your message encrypted as a PGP block – this begins with "BEGIN PGP MESSAGE" and ends with... "END PGP MESSAGE". This is what you will send to your recipient, who then decrypts it with their own private key.

To decrypt a message you have received, simply enter it into the Clipboard and press 'Decrypt'.

You now know the basics of generating keys, encrypting and decrypting with Gpg4win! To learn more about Gpg4win, visit their website.