 | |
| Developer(s) | The Gpg4win initiative |
|---|---|
| Initial release | April 6, 2006 |
| Stable release | 4.2.0 (with GnuPG 2.4.3) (July 14, 2023 [1] ) [±] |
| Repository | dev |
| Operating system | Windows |
| Type | Encryption software |
| License | GPLv2 |
| Website | gpg4win |
Gpg4win is an email and file encryption package for most versions of Microsoft Windows and Microsoft Outlook, which utilises the GnuPG framework for symmetric and public-key cryptography, such as data encryption, digital signatures, hash calculations etc.
The original creation of Gpg4win was initiated and funded by Germany's Federal Office for Information Security (BSI) in 2005, [2] [3] resulting in the release of Gpg4win 1.0.0 on 6 April 2006; [4] however Gpg4win and all included tools are free and open source software, and it is typically the non-proprietary option for privacy recommended [5] [6] to Windows users.
As Gpg4win v1 was a much overhauled derivate of GnuPP, [7] both were using GnuPG v1 for cryptographic operations and thus only supported OpenPGP as cryptography standard.
Hence in 2007 the development of a fundamentally enhanced version was started, also with support from the German BSI (Federal Office for Information Security); this effort culminated in the release of Gpg4win 2.0.0 on 7 August 2009 after a protracted beta testing phase, [8] which was based on GnuPG 2.0, included S/MIME support, Kleopatra as a new certificate manager, the Explorer plug-in GpgEX for cryptography operations on files, basic support of smart cards, a full set of German dialogue texts in addition to the English ones, new manuals in English and German, plus many other enhancements. [9]
In contrast to Gpg4win v2, which focused on new features and software components, the development of Gpg4win v3 focused on usability, plus consolidation of code and features: [10] This resulted in the release of Gpg4win 3.0.0 on 19 September 2017 with proper support for Elliptic Curve Cryptography (ECC) by utilising GnuPG 2.2 (instead of 2.0), broadened, stabilised and enhanced smart card support, a fundamentally overhauled Outlook plug-in GpgOL for Outlook 2010 and newer, support of 64-bit versions of Outlook 2010 and newer, supporting dialogues in all languages which KDE supports etc. [11] It is also distributed as GnuPG VS-Desktop with commercial support and approval for handling NATO RESTRICTED, RESTREINT UE/EU RESTRICTED and German VS-NfD documents, which in turn has become the major source of revenue for maintaining and further developing the GnuPG framework and Gpg4win. [12]
Gpg4win 4.0.0, released on 21 December 2021, [13] switched to using GnuPG 2.3 (from 2.2) and continued to refine and enhance the feature set of Gpg4win v3. [14]
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.
GNU Privacy Guard is a free-software replacement for Symantec's PGP cryptographic software suite. The software is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperable with GnuPG and other OpenPGP-compliant systems.
Sylpheed is an open-source e-mail client and news client licensed under GNU GPL-2.0-or-later with the library part LibSylph under GNU LGPL-2.1-or-later. It provides easy configuration and an abundance of features. It stores mail in the MH Message Handling System. Sylpheed runs on Unix-like systems such as Linux or BSD, and it is also usable on Windows. It uses GTK+.
In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the centralized trust model of a public key infrastructure (PKI), which relies exclusively on a certificate authority. As with computer networks, there are many independent webs of trust, and any user can be a part of, and a link between, multiple webs.
Werner Koch is a German free software developer. He is best known as the principal author of the GNU Privacy Guard. He was also Head of Office and German Vice-Chancellor of the Free Software Foundation Europe. He is the winner of Award for the Advancement of Free Software in 2015 for founding GnuPG.
Enigmail is a data encryption and decryption extension for Mozilla Thunderbird and the Postbox that provides OpenPGP public key e-mail encryption and signing. Enigmail works under Microsoft Windows, Unix-like, and Mac OS X operating systems. Enigmail can operate with other mail clients compatible with PGP/MIME and inline PGP such as: Microsoft Outlook with Gpg4win package installed, Gnome Evolution, KMail, Claws Mail, Gnus, Mutt. Its cryptographic functionality is handled by GNU Privacy Guard.
In cryptography, Camellia is a symmetric key block cipher with a block size of 128 bits and key sizes of 128, 192 and 256 bits. It was jointly developed by Mitsubishi Electric and NTT of Japan. The cipher has been approved for use by the ISO/IEC, the European Union's NESSIE project and the Japanese CRYPTREC project. The cipher has security levels and processing abilities comparable to the Advanced Encryption Standard.
S/MIME is a standard for public-key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFC 3369, 3370, 3850 and 3851. It was originally developed by RSA Data Security, and the original specification used the IETF MIME specification with the de facto industry standard PKCS #7 secure message format. Change control to S/MIME has since been vested in the IETF, and the specification is now layered on Cryptographic Message Syntax (CMS), an IETF specification that is identical in most respects with PKCS #7. S/MIME functionality is built into the majority of modern email software and interoperates between them. Since it is built on CMS, MIME can also hold an advanced digital signature.
In computer security, a key server is a computer that receives and then serves existing cryptographic keys to users or other programs. The users' programs can be running on the same network as the key server or on another networked computer.
GnuTLS is a free software implementation of the TLS, SSL and DTLS protocols. It offers an application programming interface (API) for applications to enable secure communication over the network transport layer, as well as interfaces to access X.509, PKCS #12, OpenPGP and other structures.
The following tables compare general and technical features of notable email client programs.
WinPT or Windows Privacy Tray is frontend to the Gnu Privacy Guard (GnuPG) for the Windows platform. Released under GPL, it is compatible with OpenPGP compliant software.
Email encryption is encryption of email messages to protect the content from being read by entities other than the intended recipients. Email encryption may also include authentication.
KDE Wallet Manager (KWallet) is free and open-source password management software written in C++ for UNIX-style operating systems. KDE Wallet Manager runs on a Linux-based OS and Its main feature is storing encrypted passwords in KDE Wallets. The main feature of KDE wallet manager (KWallet) is to collect user's credentials such as passwords or IDs and encrypt them through Blowfish symmetric block cipher algorithm or GNU Privacy Guard encryption.
In cryptography, the OpenPGP card is an ISO/IEC 7816-4, -8 compatible smart card that is integrated with many OpenPGP functions. Using this smart card, various cryptographic tasks can be performed. It allows secure storage of secret key material; all versions of the protocol state, "Private keys and passwords cannot be read from the card with any command or function." However, new key pairs may be loaded onto the card at any time, overwriting the existing ones.
The CryptoRights Foundation, Inc. (CRF) is a 501(c)(3) non-profit organization based in San Francisco. The CryptoRights Foundation helps human rights groups and other NGOs use encryption to protect their online communications. It has contributed to encryption standards such as OpenPGP, IPsec and GnuPG. The organization was founded on 26 February 1998 during a total solar eclipse on a boat chartered by attendees of the International Financial Cryptography Association conference on Anguilla by Dave Del Torto and a group of fellow "cypherpunk" cryptology experts.
GPG Mail is a commercial extension for Apple Mail which comes as part of GPG Suite, a software collection that provides easy access to a collection of tools designed to secure your communications and encrypt files. GPG Mail provides public key email encryption and signing. It integrates with the default email client Apple Mail under macOS and the actual cryptographic functionality is handled by GNU Privacy Guard.
DNS-based Authentication of Named Entities (DANE) is an Internet security protocol to allow X.509 digital certificates, commonly used for Transport Layer Security (TLS), to be bound to domain names using Domain Name System Security Extensions (DNSSEC).
pretty Easy privacy is a pluggable data encryption and verification system, which provides automatic cryptographic key management through a set of libraries for written digital communications. Its main goal is to make end-to-end encryption the default in written digital communications for all users in the easiest way possible and on the channels they already make use of, including e-mails, SMS, or other types of messages.
Mailvelope is free software for end-to-end encryption of email traffic inside of a web browser that integrates itself into existing webmail applications. It can be used to encrypt and sign electronic messages, including attached files, without the use of a separate, native email client using the OpenPGP standard.
Germany's Federal Office for Information Security (BSI)…in 2006…funded the development of GPG4win
Timestamp of installer file `gpg4win-1.0.0.exe`: 06 April 2006
Press release: Gpg4win 2.0.0 is ready, it does S/MIME and secure attachments
