"Public-key cryptography" is a method of exchanging encrypted messages based around the concept that each person generates a linked pair of keys, one public and one private. The public key is for encrypting messages, so you disseminate it far and wide. The private key is for decrypting messages, so you keep it private. You use other people's public keys to send them messages, and they use your public key to send you messages. And each person uses their own private key to decrypt incoming messages.
The first widely-used protocol and software for public-key cryptography was called "Pretty Good Privacy" or "PGP" for short. But that protocol and software were bought-out by Symantec and are now closed-source for-profit products. But Symantec itself no-longer exists, having been bought-out by Broadcom. For more information, visit https://broadcom.com/.
These days, most people use the open-source protocol "OpenPGP" for public-key cryptography:
The primary software for OpenPGP encryption these days is "GPG" ("Gnu Privacy Guard") and its variant for Windows, "GPG4win" ("Gnu Privacy Guard For Windows"):
So how do you use GPG? Simple! Just follow this procedure:
- Acquire GPG software for your OS (see links above) and install it.
- Using your GPG software, Make a private/public key pair and a "passphrase", which is is a text string, about 30-60 characters long, that acts as your secret password for decrypting messages. Use an actual phrase, preferably with both small and capital letters, spaces, numbers, and punctuation, such as "Darnby picked up 317 rough sticks.". Don't use single words or names, or common phrases; those are too easy for crackers to guess. Both memorize your passphrase (use it often enough that you don't forget it) and also write it on a piece of paper and put it where it won't get lost and where others can't access it (such as in a safe). If you forget your passphrase and you don't have it written anywhere, your key-pair will become useless, and you'll have to make another.
- Send your public key to anyone you want to be able to send encrypted messages to you. Include it at the bottom of your emails. Put it on your web site. Send it to key servers. Disseminate it far and wide. (Don't send your private key or your passphrase to anyone, though! Just your public key!)
- To send an encrypted message to someone, obtain their public key, copy-and-paste it (the whole thing, including the "BEGIN" and "END" lines and all lines in between) into a text file, and save that file on your computer. Import that file into your GPG keyring (see the "Help" in your GPG software for how to do this) and use it to encrypt messages to that person.
- To decrypt messages to you which people have encrypted using your public key, use your GPG software, your private key, and your secret passphrase.
That's all there is to it!
Here's my current PGP public key:
You can use that to encrypt messages to me, and I'll use my private key to decrypt them. And if you include your public key block in your message, I can use it to encrypt my reply to you, and you can use your private key to decrypt my message.