If you’ve worked in technology or cybersecurity for any amount of time, you’ve probably heard of Pretty Good Privacy, or PGP. PGP is an encryption method used to secure data and achieve privacy during data transfers. Pretty straightforward, right? Only, PGP has three different acronyms associated with it—PGP, OpenPGP, and GPG—which can get confusing.
What do these various acronyms stand for, and in what situations should the encryption methods behind them be used?
The first acronym, PGP, is your basic Pretty Good Privacy standard. PGP was released in 1991 by Phil Zimmermann & Associates and used to protect the files people posted on bulletin boards systems (pre-internet computer servers that allowed users to connect to each other) between 1991 and 1995. The PGP software was then sold several times before its final acquisition by Symantec in 2010.
PGP encryption combines password hashing, data compression, symmetric-key cryptography, and public key cryptography to keep sensitive information secure. You can use PGP to encrypt text files, emails, data files, directories, and even whole disk partitions.
OpenPGP stands for Open-source PGP. It was created by one of the original PGP developers, Phil Zimmermann, as a way to employ encryption algorithms without the accompanying patent issues PGP had. In 1997, Zimmermann submitted an Open-source PGP standards proposal to the IETF (Internet Engineering Task Force). The acceptance of this standard allowed companies and encryption vendors to provide solutions that were compatible with other OpenPGP software.
Zimmermann’s push for OpenPGP created a free and competitive environment for PGP encryption tools to thrive. OpenPGP can now be used to describe any program that supports, or is compliant with, the OpenPGP standard.
The introduction of OpenPGP also added some new encryption tools into the fold, including ensured delivery of files and sender verification using digital signing. Furthermore, OpenPGP is often used to encrypt data that’s placed on mobile devices, tablets, or in the cloud.
#3. GPG (GNU Privacy Guard)
GnuPGP, which stands for GNU Privacy Guard, was developed in 1999 as an alternative to PGP encryption. Based on the OpenPGP standard established by the IETF, it is free to download, use, modify, and distribute, and it allows users to decrypt any PGP or OpenPGP file.
GPG uses a graphic user interface that can be installed on Linux, Android, and Windows systems, among others. Some solutions use GPG coding for encryption, while others secure data using commands in a menu-based Perl script.
So, to recap: PGP is the original encryption solution that allowed pre-internet goers to protect their files on bulletin board systems. OpenPGP is the IETF-approved standard that allows technology companies to make and sell PGP-compatible solutions. Finally, GPG is a spin-off of PGP that follows OpenPGP standards to provide end users with free, easy-to-use file encryption.
Encryption is necessary in today’s society. As we anticipate data breaches and security becomes more and more critical, organizations will continue to develop powerful encryption software based on PGP, OpenPGP, and GPG.
Are you looking to solve your encryption needs with OpenPGP software? Try OpenPGP Studio. This completely free desktop tool from GoAnywhere makes it easy to store, transmit, and protect sensitive files using the OpenPGP encryption standard.