PGP Encryption is one of the most important and primary aspects of proper OPSEC, especially when navigating or using Darknet Markets. We have also received countless requests for a tutorial about using PGP so decided it was time to make a simple tutorial and video on how to properly setup PGP on your computer. For this tutorial, we will be using the popular PGP platform, GPG4WIN.
1.) For the first step, head over to the website, then download and install the GPG main software onto your machine. https://www.gpg4win.org/download.html
2.) When you begin to install GPG4WIN on your device you will be greeted with a popup window showing a few different options to include when installing GPG4WIN on your device. You will notice that by default GPA is not included. Since we plan on mainly using GPA make certain that you check the box before continuing with the installation. Once you check the GPA box you can go to the next step by clicking “Next”.
3.) If GPA does not automatically start after the installation is complete go to your start folder, or if you have it on your desktop, double-click the program so it starts.
4.) On GPA’s first run, it will notify you that you do not currently have a PGP key setup and asks if you would like to make one. Click the button “Generate New Key”.
5.) The GNU Privacy Assitant window will now open and ask you for you to enter your name. Since we want the best OPSEC possible, we suggest entering a fake name or an alias that you have never used for any accounts in the past. Enter your alias and click “Forward”.
6.) Now GNU will ask for your email address. As with the previous step, we don’t want to use any email account which can be easily traced back to us. Since we will not need a real email for using PGP we suggest entering a non-existent email account, making sure that the email domain also does not exist. Once that is filled out click “Forward”
7.) Your PGP key will begin generating and soon a new popup will appear requested a password for you PGP Key. Make sure you enter a good, strong password, and if it’s not something you can easily remember, make sure to write it down and store it in a safe place. If you lose your password you will not be able to decrypt messages or unlock accounts that have 2FA backed by this PGP key.
8.) GNU will now ask if you would like to make a backup key pair. We suggest you do this and select an easily accessible folder to export the keypair to so you can locate it on your device.
9.) Now go and find the keypair you just backed up. Once you located it open the file. By default, your computer may not know how to open the file as it is saved as a .asc extension. If that is the case you can right click on the file and select to open the file with a basic text editor of your choosing. For this tutorial, we are using Notepad++ as our text editor. You can find Notepad++ here if you would like to use it. https://notepad-plus-plus.org/download/v7.5.6.html
10.) Once you open the file you will find a large block of text. This is your PGP key. It’s the key you will add to your accounts, so people can use your key to encrypt the messages they send you. Any messages encrypted with your PGP key can only be decrypted and read by you.
How to Encrypt Messages with someone’s PGP Key
Now that we have properly set up our own person PGP key, how do we go about sending an encrypted message to another person using their PGP Key? This is a very easy process and only takes a few steps to complete.
1.) Find the PGP key of the person you want to contact and copy it. Create a text file and paste the person’s PGP key into that text file and save the file.
2.) Start GPA and click the keys tab in the main menu and click the button “Import Keys”.
3.) Locat the text file you just saved with the person’s PGP key and click “Open”
4.) If everything went smoothly you will see a popup window that shows that a PGP key was properly imported into your keyring.
5.) Now go to your keyring window and click the button that says “clipboard” in the main menu.
6.) GPA clipboard should open and you can now enter the message you would like to encrypt with the person’s PGP key. Go ahead and enter the message.
7.) Once you finish typing the message click the “encrypt” button in the main menu of the clipboard.
8.) Now you will see your keyring that contains all the PGP keys of people you have imported, including the one we just imported for this tutorial. Locate the PGP key of the person you wish the message and click “encrypt”.
9.) The message you typed in the GPA clipboard is now encrypted with the PGP key of the person you wish to contact. You can copy and paste the encrypted message into whichever platform you are messaging the person and only they will be able to decrypt the message using.
How to Decrypt a PGP Message Sent to Us?
Now let’s see how we can decrypt a message someone has sent us using our Public PGP key. These are also the same steps you will be following when you have set up 2FA protection on your Darknet Market accounts.
1.) Open GPA and click the GPA clipboard button on the main menu.
2.) Copy and paste the encrypted message into the GPA clipboard.
3.) Click the “Decrypt” button on the Clipboard’s main menu.
4.) If you use multiple keys, select the PGP key you know was used for encrypting your message and select “decrypt”
5.) Now a popup window will request the password for your PGP key. Enter your password and click OK.
6.) Soon the message will decrypt and you will see the decrypted, readable message in your GPA clipboard.
Now you know how to safely, and properly use PGP. You know how to create a PGP key, how to add a PGP key to your keyring, how to encrypt messages and how to decrypt messages sent to you. Now make sure to use PGP on all of your accounts, and be sure to setup 2FA with your PGP key as well. If you have any questions or requests for future tutorials, go ahead and let us know in the comment section below or message us using our contact us page.