What is PGP
Last updated: April 1, 2026
Key Facts
- PGP was created in 1991 by Phil Zimmermann as a tool for secure communication
- It uses both symmetric and asymmetric encryption algorithms in a hybrid scheme
- PGP creates a pair of keys—a public key to encrypt and a private key to decrypt messages
- The technology has become a standard for secure email communication and file protection
- PGP is based on the OpenPGP standard, which is now an open standard for encryption
What is PGP?
PGP, short for Pretty Good Privacy, is an encryption program and standard developed to protect sensitive communications and data. Created in 1991 by Phil Zimmermann, PGP has become one of the most widely used encryption tools for securing emails, files, and other digital communications. It combines several encryption technologies to provide strong protection for personal and business use.
How PGP Works
PGP operates using a two-tier encryption system that combines symmetric and asymmetric encryption. When you send a message using PGP, the software first compresses the message and encrypts it using a symmetric cipher. The symmetric key is then encrypted using the recipient's public key (asymmetric encryption). This hybrid approach balances security with processing efficiency, allowing fast encryption of large files while maintaining strong security.
Public and Private Keys
PGP uses a pair of mathematically linked keys: a public key and a private key. The public key is shared openly and used to encrypt messages intended for you. The private key remains secret and is used to decrypt messages encrypted with your public key. Users can also digitally sign messages using their private key, proving the message came from them and hasn't been altered. Recipients can verify the signature using the sender's public key.
Key Ring and Trust
PGP users maintain a keyring—a database of public keys from contacts and trusted parties. PGP employs a web of trust model where users can sign each other's keys to verify authenticity. This decentralized trust system doesn't rely on a central authority, making it resistant to tampering and censorship. Users decide which keys they trust and at what level.
Modern Applications
Today, PGP technology is implemented in various email clients, messaging apps, and file encryption tools. Many organizations use PGP-based systems to protect sensitive documents, customer data, and communications. The OpenPGP standard, established in 1997 and maintained by the IETF, ensures compatibility across different PGP implementations and tools, making it a universal encryption standard.
Related Questions
How do I create a PGP key pair?
You can generate a PGP key pair using tools like GPG (GNU Privacy Guard), Thunderbird with the Enigmail extension, or dedicated PGP software. The process involves creating a public key to share and a private key to keep secure, protected by a passphrase.
Is PGP still secure today?
Yes, PGP remains secure when implemented correctly with modern encryption algorithms. However, security also depends on protecting your private key and passphrase. Using contemporary implementations and keeping software updated ensures continued protection.
What's the difference between PGP and GPG?
GPG (GNU Privacy Guard) is free software that implements the OpenPGP standard, while PGP is the original encryption software and commercial product. Both use the same encryption principles, but GPG is open-source and widely used as the standard tool.