PGP, OpenPGP, and GPG: What They Are and When to Use Them

If you’ve worked in technology or cybersecurity for any amount of time, you’ve probably heard of Pretty Good Privacy, or PGP. PGP is an encryption method used to secure data and achieve privacy during data transfers. Pretty straightforward, right? Only, PGP has three different acronyms associated with it—PGP, OpenPGP, and GPG—which can get confusing.

What do these various acronyms stand for, and in what situations should the encryption methods behind them be used?

#1. PGP

The first acronym, PGP, is your basic Pretty Good Privacy standard. PGP was released in 1991 by Phil Zimmermann & Associates and used to protect the files people posted on bulletin boards systems (pre-internet computer servers that allowed users to connect to each other) between 1991 and 1995. The PGP software was then sold several times before its final acquisition by Symantec in 2010.

PGP encryption combines password hashing, data compression, symmetric-key cryptography, and public key cryptography to keep sensitive information secure. You can use PGP to encrypt text files, emails, data files, directories, and even whole disk partitions.

#2. OpenPGP

OpenPGP stands for Open-source PGP. It was created by one of the original PGP developers, Phil Zimmermann, as a way to employ encryption algorithms without the accompanying patent issues PGP had. In 1997, Zimmermann submitted an Open-source PGP standards proposal to the IETF (Internet Engineering Task Force). The acceptance of this standard allowed companies and encryption vendors to provide solutions that were compatible with other OpenPGP software.

Zimmermann’s push for OpenPGP created a free and competitive environment for PGP encryption tools to thrive. OpenPGP can now be used to describe any program that supports, or is compliant with, the OpenPGP standard.

The introduction of OpenPGP also added some new encryption tools into the fold, including ensured delivery of files and sender verification using digital signing. Furthermore, OpenPGP is often used to encrypt data that’s placed on mobile devices, tablets, or in the cloud.

#3. GPG (GNU Privacy Guard)

GnuPGP, which stands for GNU Privacy Guard, was developed in 1999 as an alternative to PGP encryption. Based on the OpenPGP standard established by the IETF, it is free to download, use, modify, and distribute, and it allows users to decrypt any PGP or OpenPGP file.

GPG uses a graphic user interface that can be installed on Linux, Android, and Windows systems, among others. Some solutions use GPG coding for encryption, while others secure data using commands in a menu-based Perl script.

So, to recap: PGP is the original encryption solution that allowed pre-internet goers to protect their files on bulletin board systems. OpenPGP is the IETF-approved standard that allows technology companies to make and sell PGP-compatible solutions. Finally, GPG is a spin-off of PGP that follows OpenPGP standards to provide end users with free, easy-to-use file encryption.

Encryption is necessary in today’s society. As we anticipate data breaches and security becomes more and more critical, organizations will continue to develop powerful encryption software based on PGP, OpenPGP, and GPG.

Are you looking to solve your encryption needs with OpenPGP software? Try OpenPGP Studio. This completely free desktop tool from GoAnywhere makes it easy to store, transmit, and protect sensitive files using the OpenPGP encryption standard.

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase