SETTING UP GNUPG ON WINDOWS FOR USE WITH *ANY* MAIL CLIENT
Original version by Marco Di Folco (marco.difolco AT coresecure DOT com)
Latest revision 0.2 on 05/22/2006
Summary:
Install the software
Create your personal key pair
Import a public key
Encrypt a message
Export your public key
Install the software
We will be using Windows
Privacy Tools (WinPT), included in the gpg4win package.
gpg4win is an installer package for Windows (95/98/ME/2000/XP/2003) for email and file encryption. gpg4win and the software included with gpg4win are Free Software. Windows Privacy Tools (WinPT), included in the gpg4win package, is a collection of multilingual applications for digital encryption and signing of content. WinPT is GnuPG-based, compatible with OpenPGP compliant software (like PGP) and free for commercial and personal use under the GPL. WinPT Tray is a "Front end" which allows access to the Gnu Privacy Guard (GnuPG) encryption engine. WinPT Tray is a Windows® application which resides in the System Tray. WinPT Tray can be used as a universal plug-in for all email programs because it allows you to cut and paste from any email application, and encrypt the data while it resides in your clipboard. It has a built-in file browser for the encryption of files on your harddrive. WinPT will also handle all of your key-management and key-server access needs.
Download the latest stable release from the gpg4win web site: DOWNLOAD
The default installation settings are fine, you should not change anything:
Accept the "Licence Agreement" by clicking on the "Next" button.
Choose the components that you want to install, pay attention to choose WinPT component. We need only the WinPT tool, but you can select all the components in list.
Proceed by clicking on the "Next" button:
Leave install location and the other options as they are and press the "Next" button.
Once the installation is complete, click the "Finish" button.
Open WinPT clicking on Start -> Programs -> GnuPG For Windows -> WinPT and you should see the following screen:
Now it is time to let WinPT generate a public/private key pair for you.
Leave the first option selected and press the "OK" button.
You should see the following screen now:
Leave "Prefer RSA keys" option unchecked and enter your full name and email address, than press the "OK" button.
Pick a passphrase (password), it should be at least 8 chars long, keep it secret!
Press the "OK" button.
Now you should see the key pair generation window, it will take a few seconds to complete.
Move the mouse random in a random way in order to speed up the key generation process.
When the generation process is finished, you should see the following popup window:
Click the "OK" button, your key pair is generated.
Now it's time to import a public key someone sent you into your keyring. Then start the WinPT "Key Manager" tool, by right-clicking the WinPT tray icon and selecting "Key Manager".
You should see a screen like the following one:
Select "Key" in the menu, then "Import..."
Point it to the public key file, then press the "Open" button:
.
You will see a new window that shows the keys included in the file that you have selected, select the desired key from the list then press the "Import" button.
When the publick key import process is finished, you should see the key in the list, like shown in the following screen:
From the "Key Manager" menu, select "Key", then "Reload Key Cache" if you don't see the public key in list.
Once done, you should see the public key in the list, next to your public/private key.
Now you have to sign the public key you've just imported, check out the following screen:
Right click on the public key and select "Sign".
You will be presented a screen like this one:
Enter your passphrase then click the "OK" button, the following message will confirm the operation:
Now is time to "trust" the imported public key, checkout the following screen:
In the "Key Manager" window, select the public key, right click it, select "Properties", a new popup window will open:
Now, clicking on the "Change" button, you should see a screen like this one:
Select "I trust fully" and press the "OK" button.
The following message should be confirm the operation:
You are now all set and ready to decrypt/encrypt messages.
You can decrypt/encrypt any message in your Windows clipboard with WinPT.
I'll show you how to encrypt a message.
Create a simple text message (e.g. in Notepad) and copy it into your Windows clipboard.
Then right click the WinPT tray icon, you should see a window like this one:
Select "Clipboard" then "Encrypt", a popup window will appear listing all your keys, select the recipient key (e.g. "Marco Di Folco") and click the "OK" button.
After a few seconds, you will see a "GPG Status: Finished" message, it will disappear in a moment.
Your clipboard now holds the encrypted data, paste it into an email (plain text please!) and send it to the recipient.
The recipient should be able to decrypt the message using his private key.
Now it's time to share your public key with the entire world!
In the "Key Manager" window, select your key, like shown in the following screen:
From the menu, select "Key", then "Export", save your public key to a file and send it by email to the users you want to exchange encrypted emails with.
Once they get your public key, they will be able to send you encrypted messages.
An encrypted message looks like this:
-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.2.1 (MingW32) - WinPT 0.7.96rc1
hQIOAygrkq5ealDgEAgAvk9YKp1vrjDVCRWWwARcmAHAA430kpZdKFv3AkiYxBLC
BwBokcbenzFqZoi51BDCTE8+qTBCs/OCrvb6aNU5kKOIssNe+OK/eDSTxRrmxFFU
5zgxRy/fKDgyTdSeJ5PH2iY22Xj3ON3cz7FXNX536/cuPNXp95FdWNHrAuFf2RF8
yDKc/HYeWTWUJpHpNk7sdVA9edat3Z+i6ywlHPt8K3+qujp14WMfknHoqB3sBDQK
rD3EdVw3xJbBV5MfqDQGEke28IAw4nNKYsTGep0KlF7sI8gez+a1IRHcm1yG10NL
uHP70vUES5HuWeQ8Jz4WggTJmKOggrlmVgOVEB/e7AgAjjYLlYzEUrcAavipTGY0
H9li998ae2hThigphBllCWd83tQRCmkr+ScPdKegs/ACwL634nB+hJ53ih8OPLx1
RBGUVaNu0ey9upDJJ188XaSrjORzKXa0qKxNOCkFeN9lR6jCPo42eO219iq4j94T
Kovys2fN1/V7Upcb+rKG0ZXChDzYZndot6Hw/AsvLjgQIhtFTuRhpNPchXp1cBcJ
uf6H6H2T5jgsmEzyu08HK4XUb1bGbfQICMpsN/5zBkLP8MeBKXSkVtWuRwIUFR1b
XdEb9Wdnps4sQ+EqYt9TdFRxh+SzEgZ8JLpoyo0NLvuswJZZq/1tGoz1RmsehHIw
7tJtAaEX9SbZ6Rq8k9rsJesqK2CZQAWgxcsnwRpQm/x5BPLmSRL/uRP+ETdwtE9R
UccC6QyRrJ0DARm/PULTaZgAvef1Xu6E3FNUBoqvVqtZgX4NRR9BeQcqDenNypCc
O9TmwH5TpSghrnS1m+sgSQ==
=UURX
-----END PGP MESSAGE-----
When you get an encrypted message (e.g. by email or IM), select it all, copy it to the clipboard, then use WinPT to decrypt it, check out the following screen:
Right click the WinPT tray icon, select "Clipboard", then "Decrypt/Verify", WinPT will decrypt the message and copy the clear text message to your clipboard.
You can paste it into any application (e.g. Notepad) in order to read it.