The Zen of PGP
A Pragmatic Approach
I am here to liberate you from PGP!
Over the years Pretty Good Privacy (PGP) has remained consistently, frustratingly difficult to use correctly, but remarkably effective when it is. It is a Swiss army knife encryption tool with more options and contraptions than seem necessary (seriously, just look at gpg-zip, encrypted archive handling). To add to the confusion, PGP has some sort of mystique, an aura of being The Encryption Tool of Serious Computer People. PGP was developed 20+ years ago as a toy to safely email viruses between researchers. It has been a pain in the ass ever since.
To help maintain this nerd street cred, pretty much every PGP guide on the Internet (and there are a lot of PGP guides on the Internet) has loads of arcane, obscure, weird commands to run. How to set up subkeys. Which USB drive to use for master key storage. Locking a drive in a safe, and using a subkey for signing only other keys used for …who gives a fuck?!
Just do the simplest thing that works.
The important parts of PGP for email are:
- Keys: create new keys regularly and destroy old ones.
- Key storage: use a YubiKey (or any OpenPGP hardware smartcard).
- Operational use: keep the Subject line clean (it isn't encrypted), and delete encrypted emails immediately (or periodically). If necessary, store plaintext emails in an encrypted backup.
Use a hardware smartcard to protect your PGP key. Don't expose anything in the Subject line, rotate keys regularly, and clean up as soon as possible. Other than that it doesn't matter that much how you configure your PGP environment. And of course, whenever possible, use something safer than PGP, such as Signal, Wire, Threema, XMPP+OTR, XMPP+OMEMO, WhatsApp, Ricochet, etc.
- Just use a YubiKey.
- Try to avoid PGP, and use a more secure protocol instead (e.g. Signal, WhatsApp, even XMPP+OTR).
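The two operational rules above (nothing revealing in the Subject, and encrypted mail not kept around) are the kind of thing a script can check for you. The following is an added example, not code from the original post: it scans a set of messages, recognises PGP/MIME and inline-armored PGP, and flags encrypted messages whose Subject says anything, or which are older than a retention window. Everything in it is an assumption: the three sample messages are constructed, the allowed-subject list and the 30-day window are a made-up house policy, and the fixed "now" is there so the output is reproducible.

```python
"""Audit mail for the two operational rules above: an encrypted message must not
carry a revealing Subject, and encrypted mail must not outlive a retention window.
Standard library only. The sample messages and the thresholds are constructed
assumptions, not taken from the post."""
import email
from datetime import datetime, timedelta, timezone
from email import policy
from email.utils import parsedate_to_datetime

# Subjects that reveal nothing (assumed house convention; adjust to your own).
CLEAN_SUBJECTS = {"", "...", "(no subject)", "encrypted message"}
RETENTION = timedelta(days=30)          # assumed retention window
PGP_ARMOR = "-----BEGIN PGP MESSAGE-----"


def is_pgp_encrypted(msg):
    """True for PGP/MIME (RFC 3156) or inline ASCII-armored PGP messages."""
    if msg.get_content_type() == "multipart/encrypted":
        return True
    for part in msg.walk():
        if part.get_content_type() == "text/plain" and PGP_ARMOR in part.get_content():
            return True
    return False


def audit(raw_messages, now):
    """Return (rule, message_id, detail) tuples, one per violated rule."""
    findings = []
    for raw in raw_messages:
        msg = email.message_from_string(raw, policy=policy.default)
        if not is_pgp_encrypted(msg):
            continue                      # plaintext mail is out of scope here
        msg_id = str(msg["Message-ID"])
        subject = str(msg["Subject"] or "").strip()
        if subject.lower() not in CLEAN_SUBJECTS:
            findings.append(("subject-leak", msg_id, subject))
        if msg["Date"]:                   # no Date header: age unknown, skip
            age = now - parsedate_to_datetime(str(msg["Date"]))
            if age > RETENTION:
                findings.append(("past-retention", msg_id, age.days))
    return findings


# Constructed sample mailbox: PGP/MIME with a clean subject (fine), inline PGP
# with a revealing subject sent months ago (two findings), and plaintext (ignored).
SAMPLE_MESSAGES = [
    """\
From: alice@example.test
To: bob@example.test
Subject: ...
Date: Mon, 01 Jul 2024 10:00:00 +0000
Message-ID: <1@example.test>
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----
(ciphertext omitted; constructed sample)
-----END PGP MESSAGE-----

--b1--
""",
    """\
From: alice@example.test
To: bob@example.test
Subject: Re: Q3 layoffs list, draft 2
Date: Mon, 01 Jan 2024 10:00:00 +0000
Message-ID: <2@example.test>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8

-----BEGIN PGP MESSAGE-----
(ciphertext omitted; constructed sample)
-----END PGP MESSAGE-----
""",
    """\
From: alice@example.test
To: bob@example.test
Subject: lunch?
Date: Mon, 01 Jul 2024 12:00:00 +0000
Message-ID: <3@example.test>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8

noon at the usual place
""",
]
NOW = datetime(2024, 7, 2, tzinfo=timezone.utc)   # fixed clock for the sample

if __name__ == "__main__":
    for rule, msg_id, detail in audit(SAMPLE_MESSAGES, NOW):
        print(f"{rule:15} {msg_id:20} {detail}")
```

Note what the check does not do: it never decrypts anything, because it does not need to. Everything it keys on (Content-Type, Subject, Date) is sent in the clear, which is exactly why the Subject line matters.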
Stressing about how to protect and set up a working PGP environment is mostly a waste of time, in my opinion. All those detailed PGP guides with their dozens of arcane command line minutiae and strict rules about where to put which subkey or what type in which safe… a waste of effort. Either your laptop will be compromised by malware, or it won't be. If it is compromised and the key is on the laptop, the key will be stolen. If it is not compromised, then the rest doesn't really matter, because PGP is safe enough on the wire (generally speaking).
So use a YubiKey. This will protect your key even if your laptop is compromised by malware, because the key is stored off the laptop, on the YubiKey hardware. (Any OpenPGP-compatible smartcard is fine, of course; some other options: FLOSS, CryptoShop, etc.) One caveat: malware on the laptop cannot copy the key off the card, but it can still ask the card to decrypt or sign on its behalf while the card is plugged in and the PIN has been entered, so unplug it when you are done, and on YubiKeys that support it, turn on the OpenPGP touch policy so every operation needs a physical tap. A YubiKey will be easy for most people to buy and set up. YubiKeys with NFC can even be used with Android via the K-9 Mail application together with the OpenKeychain application. Use one of those guides to figure out how to set up and use the YubiKey, but don't stress about it too much.
The main problem with a YubiKey is that it tends to go missing, in which case you'll lose access to all your encrypted emails. If that is a problem (and it is damn annoying), then you'll need to figure out something else, for example just living with your PGP key on your laptop. Alternatively, back up your emails in plaintext to encrypted storage. (Personally, I delete all encrypted emails on a routine basis, either as soon as I'm done with them or periodically.)
That brings me to another point. In general, a laptop is significantly less secure than an iOS device. Even a Pixel Android device (kept patched) is more secure than a laptop. PGP is a horrible protocol for message exchange, requiring far too much heavy lifting from the user. Wherever possible, use modern chat applications based on the Signal Protocol. They give you a much higher level of security (generally speaking), with far fewer chances to make a mistake than PGP.
Remember that the more copies of the key you have, on more devices, the more likely you are to lose control of that key (have it compromised). Simple matter of the law of large numbers… PGP fails catastrophically when a key is compromised: there is no forward secrecy, so every message ever encrypted to that key, including anything an adversary recorded off the wire years ago, can be decrypted. This is why it is better not to use PGP, and to use a more secure protocol if at all possible (see: Signal, WhatsApp, Threema, Wire, even *shudder* Telegram).
Again, just use a YubiKey, and use Signal/WhatsApp instead whenever possible.
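Rotating keys regularly and destroying old ones, as argued above, is also something worth checking mechanically rather than remembering to do. The following is an added example, not code from the original post: it reads the machine-readable listing that `gpg --list-keys --with-colons` prints (field layout as documented in GnuPG's doc/DETAILS: field 5 is the key ID, 6 the creation date, 7 the expiry date, and field 10 of `fpr` and `uid` records carries the fingerprint and user ID) and flags primary keys with no expiry, keys that have expired but are still in the keyring, and keys older than a rotation age. The three key records are constructed, and the 180-day policy and fixed clock are assumptions.

```python
"""Flag OpenPGP keys that are due for rotation or overdue for deletion, from the
colon-delimited listing of `gpg --list-keys --with-colons` (field layout per the
GnuPG doc/DETAILS file). The listing below is constructed sample input, not the
output of a real keyring."""
from datetime import datetime, timedelta, timezone

MAX_KEY_AGE = timedelta(days=180)       # assumed rotation policy


def parse_gpg_date(field):
    """gpg prints dates as epoch seconds; older builds used YYYY-MM-DD."""
    if not field:
        return None
    if field.isdigit():
        return datetime.fromtimestamp(int(field), tz=timezone.utc)
    return datetime.strptime(field, "%Y-%m-%d").replace(tzinfo=timezone.utc)


def parse_keys(listing):
    """Return one dict per primary key: keyid, fpr, uid, created, expires."""
    keys, current = [], None
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] == "pub":               # field 5 keyid, 6 created, 7 expires
            current = {"keyid": f[4], "created": parse_gpg_date(f[5]),
                       "expires": parse_gpg_date(f[6]), "fpr": None, "uid": None}
            keys.append(current)
        elif f[0] == "fpr" and current and current["fpr"] is None:
            current["fpr"] = f[9]       # first fpr after pub is the primary's
        elif f[0] == "uid" and current and current["uid"] is None:
            current["uid"] = f[9]       # field 10 is the user ID
    return keys


def audit_keys(listing, now):
    """Return (keyid, uid, problem) for each rotation-policy violation."""
    problems = []
    for k in parse_keys(listing):
        if k["expires"] is None:
            problems.append((k["keyid"], k["uid"], "no expiry date set"))
        elif k["expires"] < now:
            problems.append((k["keyid"], k["uid"], "expired; delete it"))
        age = now - k["created"]
        if age > MAX_KEY_AGE:
            problems.append((k["keyid"], k["uid"], f"{age.days} days old, rotate"))
    return problems


# Constructed listing: key 1 is six months old, key 2 is fresh but has no expiry,
# key 3 expired months ago but is still in the keyring.
SAMPLE_LISTING = """\
tru::1:1719878400:0:3:1:5
pub:u:255:22:0123456789ABCDEF:1704067200:1735689600::u:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:u::::1704067200::0A1B2C3D4E5F60718293A4B5C6D7E8F90A1B2C3D::Alice <alice@example.test>::::::::::0:
sub:u:255:18:FEDCBA9876543210:1704067200:1735689600:::::e::::::23:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
pub:u:255:22:1122334455667788:1719792000:::u:::scESC::::::23::0:
fpr:::::::::1122334455667788112233445566778811223344:
uid:u::::1719792000::5F60718293A4B5C6D7E8F90A1B2C3D0A1B2C3D4E::Alice (work) <alice@work.example>::::::::::0:
pub:e:255:22:AABBCCDDEEFF0011:1672531200:1704067200::u:::scESC::::::23::0:
fpr:::::::::AABBCCDDEEFF0011AABBCCDDEEFF0011AABBCCDD:
uid:e::::1672531200::93A4B5C6D7E8F90A1B2C3D0A1B2C3D4E5F607182::Old Alice <old@example.test>::::::::::0:
"""
NOW = datetime(2024, 7, 2, tzinfo=timezone.utc)   # fixed clock for the sample

if __name__ == "__main__":
    for keyid, uid, problem in audit_keys(SAMPLE_LISTING, NOW):
        print(f"{keyid} {uid}: {problem}")
```

On a real machine you would pipe `gpg --list-keys --with-colons` into `audit_keys` instead of the constructed listing; the point of the expiry check is that a key with an expiry date fails closed if you forget to rotate it, whereas a key without one stays usable forever.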
The good news about what he’s saying is that he’s liberating you from caring about all PGP nerdery. No subkeys, no weird commands. Just do the simplest thing with PGP that can possibly work. Basically, there are two reasonably safe things to do with PGP:
Use it in “conventional” mode, with -c or whatever, to encrypt individual files on your own computer, so they’re secure when you’re not using them. You do this because individual file encryption is much safer than full disk encryption.
Use it for messages with personal PGP keys you change very regularly. Don’t try to do lots of work on different projects with a single key. Apply PGP topically, as needed. Your PGP application will encrypt your keys for you. It’s not great, but it’s the best you’re going to do on a laptop.
Even though full disk encryption sucks, you should make sure full disk encryption is enabled on your laptop, so that you must enter a password when it wakes from sleep.
When you archive old messages, do it to an encrypted backup, and back up and delete your old PGP keys at the same time. — ptacek