/usr/share/doc/gnupg-doc/GNU_Privacy

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Encrypting and decrypting documents</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="The GNU Privacy Handbook"
HREF="book1.htm"><LINK
REL="UP"
TITLE="Getting Started"
HREF="c15.htm"><LINK
REL="PREVIOUS"
TITLE="Exchanging keys"
HREF="x57.htm"><LINK
REL="NEXT"
TITLE="Making and verifying signatures"
HREF="x136.htm"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>The GNU Privacy Handbook</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="x57.htm"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 1. Getting Started</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="x136.htm"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="AEN111"
>Encrypting and decrypting documents</A
></H1
><P
>A public and private key each have a specific role when
encrypting and decrypting documents.
A public key may be thought of as an open safe.
When a correspondent encrypts a document using a public
key, that document is put in the safe, the safe shut, and the
combination lock spun several times.
The corresponding private key is the combination that can 
reopen the safe and retrieve the document.
In other words, only the person who holds the private key
can recover a document encrypted using the associated public key.</P
><P
>The procedure for encrypting and decrypting documents is
straightforward with this mental model.
If you want to encrypt a message to Alice, you encrypt it
using Alice's public key, and she decrypts it with her private key.
If Alice wants to send you a message, she encrypts it using your
public key, and you decrypt it with your private key.</P
><P
>To encrypt a document the option 
<CODE
CLASS="OPTION"
>--encrypt</CODE
> is used.
You must have the public keys of the intended recipients.
The software expects the name of the document to encrypt as input; if
omitted, it reads standard input.
The encrypted result is placed on standard output or as specified using
the option <CODE
CLASS="OPTION"
>--output</CODE
>.
The document is compressed for additional security in addition to
encrypting it.

<PRE
CLASS="SCREEN"
><TT
CLASS="PROMPT"
>alice%</TT
> <KBD
CLASS="USERINPUT"
>gpg --output doc.gpg --encrypt --recipient blake@cyb.org doc</KBD
></PRE
>

The <CODE
CLASS="OPTION"
>--recipient</CODE
> option
is used once for each recipient and takes an extra argument specifying
the public key to which the document should be encrypted.
The encrypted document can only be decrypted by someone with a private
key that complements one of the recipients' public keys.
In particular, you cannot decrypt a document encrypted by you unless
you included your own public key in the recipient list.</P
><P
>To decrypt a message the option 
<CODE
CLASS="OPTION"
>--decrypt</CODE
> is used.
You need the private key to which the message was encrypted.
Similar to the encryption process, the document to decrypt is
input, and the decrypted result is output.</P
><PRE
CLASS="SCREEN"
><TT
CLASS="PROMPT"
>blake%</TT
> <KBD
CLASS="USERINPUT"
>gpg --output doc --decrypt doc.gpg</KBD
>

You need a passphrase to unlock the secret key for
user: "Blake (Executioner) &lt;blake@cyb.org&#62;"
1024-bit ELG-E key, ID 5C8CBD41, created 1999-06-04 (main key ID 9E98BC16)

Enter passphrase: </PRE
><P
>Documents may also be encrypted without using public-key cryptography.
Instead, you use a symmetric cipher to encrypt the document.
The key used to drive the symmetric cipher is derived from a passphrase
supplied when the document is encrypted, and for good security, it
should not be the same passphrase that you use to protect your private key.
Symmetric encryption is useful for securing documents when the
passphrase does not need to be communicated to others.
A document can be encrypted with a symmetric cipher by using the
<CODE
CLASS="OPTION"
>--symmetric</CODE
> option.</P
><PRE
CLASS="SCREEN"
><TT
CLASS="PROMPT"
>alice%</TT
> <KBD
CLASS="USERINPUT"
>gpg --output doc.gpg --symmetric doc</KBD
>
Enter passphrase: </PRE
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="x57.htm"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="book1.htm"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="x136.htm"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Exchanging keys</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="c15.htm"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Making and verifying signatures</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>
gnupg-doc 2003.04.06+dak1-1ubuntu1 / usr / share / doc / gnupg-doc / GNU_Privacy_Handbook / html / x111.htm
