PGP

Definition

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for securing emails, files, and directories by encrypting them, ensuring that only authorized parties can access the content. It combines symmetric-key cryptography, which encrypts the data itself quickly, with public-key cryptography, which secures the exchange of the symmetric key, making it a robust tool for protecting sensitive information.

Secure Settings Example

# Generate a new PGP key pair with a strong encryption algorithm
gpg --full-generate-key

# At the prompts, choose RSA with a key size of 4096 bits
# Set an expiration date for the key to enforce key rotation
# Protect the private key with a strong passphrase

Insecure Settings Example

# Generate a PGP key pair with weak encryption settings
gpg --quick-generate-key "user@example.com" default default 0

# Relying on default settings may result in weaker encryption algorithms
# Not setting an expiration date can lead to prolonged use of compromised keys
# Not using a passphrase leaves the private key unprotected if an attacker gains access to it
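
To check existing keys against the settings contrasted in the two examples above, the following added example (not part of the original page) reads the output of `gpg --list-keys --with-colons` and flags RSA keys under 4096 bits, keys with no expiration date, and keys valid for longer than a rotation limit. The function names, the 730-day limit, and the sample listing with its key IDs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit GnuPG's machine-readable key listing for the weak
# settings contrasted above. Real use: gpg --list-keys --with-colons | audit_keys
# Colon fields used: 1=record type, 3=key length, 4=algorithm (1 = RSA),
# 5=key ID, 6=creation time, 7=expiration time (empty = never expires).
# Assumes times are seconds since the epoch, as current GnuPG emits them.

audit_keys() {
    # min_rsa follows the page's 4096-bit advice; max_days is an assumed
    # rotation limit (two years), not a value from the page.
    awk -F: -v min_rsa=4096 -v max_days=730 '
        $1 == "pub" || $1 == "sub" {
            if ($4 == 1 && $3 < min_rsa) {
                print $5 ": rsa-" $3 "-below-" min_rsa
            }
            if ($7 == "") {
                print $5 ": no-expiry"
            } else {
                days = int(($7 - $6) / 86400)
                if (days > max_days) {
                    print $5 ": validity-" days "d-exceeds-" max_days "d"
                }
            }
        }'
}

# Constructed sample listing (not real keys): a 4096-bit RSA key expiring
# after 730 days, a 2048-bit RSA key with no expiry, an Ed25519 key with no
# expiry, and a 4096-bit RSA key valid for ten years.
sample_listing() {
    cat <<'EOF'
pub:u:4096:1:1111111111111111:1700000000:1763072000::u:::scESC:
uid:u::::1700000000::0000::Alice (constructed) <alice@example.com>:
sub:u:4096:1:1111111111111112:1700000000:1763072000:::::e:
pub:u:2048:1:2222222222222222:1700000000:::u:::scESC:
sub:u:2048:1:2222222222222223:1700000000::::::e:
pub:u:255:22:3333333333333333:1700000000:::u:::scSC:
pub:u:4096:1:4444444444444444:1700000000:2015360000::u:::scESC:
EOF
}

sample_listing | audit_keys
```

Passphrase protection cannot be seen in a public key listing, so that setting still has to be verified on the machine holding the private key.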