GNU Privacy Guard ( GnuPG or GPG) is a free software replacement for Symantec's PGP cryptography software suite. GnuPG is compliant with RFC 4880, which is the IETF standards track specification of OpenPGP. Modern versions of PGP are Interoperability with GnuPG and other OpenPGP-compliant systems.
GnuPG is part of the GNU Project, and has received major funding from the German government.
The GnuPG 1.x series uses an integrated cryptographic library, while the GnuPG 2.x series replaces this with Libgcrypt.
GnuPG encrypts messages using asymmetric key pairs individually generated by GnuPG users. The resulting public keys may be exchanged with other users in a variety of ways, such as Internet key servers. They must always be exchanged carefully to prevent identity spoofing by corrupting public key ↔ "owner" identity correspondences. It is also possible to add a cryptographic digital signature to a message, so the message integrity and sender can be verified, if a particular correspondence relied upon has not been corrupted.
GnuPG also supports symmetric encryption algorithms. By default, GnuPG uses the CAST5 symmetrical algorithm. GnuPG does not use patented or otherwise restricted software or algorithms. Instead, GnuPG uses a variety of other, non-patented algorithms.
For a long time it did not support the IDEA encryption algorithm used in PGP. It was in fact possible to use IDEA in GnuPG by downloading a plugin for it, however this might require a license for some uses in countries in which IDEA was patented. Starting with versions 1.4.13 and 2.0.20, GnuPG supports IDEA because the last patent of IDEA expired in 2012. Support of IDEA is intended "to get rid of all the questions from folks either trying to decrypt old data or migrating keys from PGP to GnuPG", and hence is not recommended for regular use.
As of versions 2.0.26 and 1.4.18, GnuPG supports the following algorithms:
More recent releases of GnuPG 2.x ("modern" and the now deprecated "stable" series) expose most cryptographic functions and algorithms Libgcrypt (its cryptography library) provides, including support for elliptic curve cryptography (ECDSA, ECDH and EdDSA) in the "modern" series (i.e. since GnuPG 2.1).
GnuPG is a system compliant to the OpenPGP standard, thus the history of OpenPGP is of importance; it was designed to interoperate with PGP, the email encryption program initially designed and developed by Phil Zimmermann.
Different GnuPG 2.x versions (e.g. from the 2.2 and 2.0 branches) cannot be installed at the same time. However, it is possible to install a "classic" GnuPG version (i.e. from the 1.4 branch) along with any GnuPG 2.x version.
Before the release of GnuPG 2.2 ("modern"), the now deprecated "stable" branch (2.0) was recommended for general use, initially released on November 13, 2006. This branch reached its end-of-life on December 31, 2017; Its last version is 2.0.31, released on December 29, 2017.
Before the release of GnuPG 2.0, all stable releases originated from a single branch; i.e., before November 13, 2006 no multiple release branches were maintained in parallel. These former, sequentially succeeding (up to 1.4) release branches were:
Note that branches with an odd minor release number (e.g. 2.1, 1.9, 1.3) are development branches leading to a stable release branch with a "+ 0.1" higher version number (e.g. 2.2, 2.0, 1.4), hence branches 2.2 and 2.1 both belong to the "modern" series, 2.0 and 1.9 both to the "stable" series, while the branches 1.4 and 1.3 both belong to the "classic" series.
For macOS, the GPG Suite project provides a number of Aqua front-ends for OS integration of encryption and key management as well as GnuPG installations via Installer Package manager. Furthermore, the GPG Suite Installer installs all related OpenPGP applications (GPG Keychain Access), plugins (GPGMail) and dependencies (MacGPG) to use GnuPG based encryption.
Instant messaging applications such as Psi and Fire can automatically secure messages when GnuPG is installed and configured. Web-based software such as Horde also makes use of it. The cross-platform extension Enigmail provides GnuPG support for Mozilla Thunderbird and SeaMonkey. Similarly, Enigform provides GnuPG support for Firefox. FireGPG was discontinued June 7, 2010.
In 2005, g10 Code GmbH and Intevation GmbH released Gpg4win, a software suite that includes GnuPG for Windows, GNU Privacy Assistant, and GnuPG plug-ins for File Explorer and Outlook. These tools are wrapped in a standard Windows installer, making it easier for GnuPG to be installed and used on Windows systems.
In 2018, Sevenuc Consulting released an utility named Guard7 on Mac App Store that make the daily work with GnuPG easy and simple on macOS, it is a graphical frontend for GPG with some additional features, e.g. organise contacts into group, switch different keyrings. Guard7 smoothly integrated with the macOS' built-in Mail app, and can easily organise dozens of recipients for email message. Encrypt or decrypt file just require dragging the file from Finder into Guard7, it is very convenient and simple.
Since GnuPG 2.0, many of GnuPG's functions are available directly as C APIs in Libgcrypt.
Two further vulnerabilities were discovered in early 2006; the first being that scripted uses of GnuPG for signature verification may result in false positives, the second that non-MIME messages were vulnerable to the injection of data which while not covered by the digital signature, would be reported as being part of the signed message. In both cases updated versions of GnuPG were made available at the time of the announcement.
In June 2017, a vulnerability (CVE-2017-7526) was discovered within Libgcrypt by Bernstein, Breitner and others: a library used by GnuPG, which enabled a full key recovery for RSA-1024 and about more than 1/8th of RSA-2048 keys. This side-channel attack exploits the fact that Libgcrypt used a sliding windows method for exponentiation which leads to the leakage of exponent bits and to full key recovery. Again, an updated version of GnuPG was made available at the time of the announcement.
In October 2017, the ROCA vulnerability was announced that affects RSA keys generated on the YubiKey 4 tokens, often used with PGP/GPG. Many published PGP keys were found to be susceptible. The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli, Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec,Vashek Matyas, November 2017