Navigation and service

BSI - Federal Office for Information Security (Link to homepage)

Gpg4win -- secure e-mail and file encryption

Logo Gpg4win

Why do we need to encrypt in the first place?

Computer technology has given us fantastic means to communicate and keep each other informed around the globe. However, the rights and freedoms that we have long taken for granted in other forms of communication now need to be secured in these new technologies. The Internet has taken over our lives so quickly and extensively that we have not fully kept up with protecting our rights.

When writing old-fashioned letters, we simply protected the contents of our messages inside an envelope. The envelope protects the messages from prying eyes, and it is easy to notice if the envelope has been tampered with. Only if what you are writing is not quite so important do you write it on an unprotected postcard that the postman or others can read.

It is up to you and no one else to decide whether the message is important, confidential or secret.

However, we are not free to decide this with e-mail. A normal e-mail is always open like a postcard, and the electronic "postman" -- and others -- can always read it. In fact, the reality is even worse: computer technology not only offers the means for carrying and distributing the many millions of e-mails each day, but also for controlling them, evaluating them or even altering them unnoticed.

No one would ever have seriously considered collecting all letters and postcards, evaluating their contents or logging senders and recipients. It would simply not have been feasible, or it would have taken too long. With modern computer technology however, this is technically possible with the absence of envelopes.

So what we are proposing here is an envelope for your electronic correspondence. It is entirely up to you whether you use it, when, for which recipients and how often. Software such as Gpg4win simply gives you back your freedom to choose. The choice of whether or not you personally consider a message to be important and worth protecting.

This is at the core of the right to privacy of correspondence, post and telecommunications set out in the German Basic Law, and Gpg4win software enables you to exercise this right. You don't have to use it -- just like you don't have to use an envelope. However, it is your right to do so.
How you value this security is completely up to you, because you alone determine the balance between convenience and maximum security when encrypting.

Scope of services

With Gpg4win, it is easy and free for anyone to encrypt and decrypt e-mails, files and file folders, as well as to secure and verify their integrity (unchanged) and origin (authenticity) by using digital signatures.

Gpg4win program components:

  • GnuPG: the central cryptography component with optional smartcard support
  • Kleopatra: the universal certificate manager for X.509 (S/MIME) and OpenPGP
  • GPA: the GNU Privacy Assistant, an alternative certificate manager
  • GpgOL: a plugin for Microsoft Outlook 2003/2007 as well as rudimentary for Outlook 2010/2013 and Outlook 2016 for secure e-mails according to the X.509 (S/MIME) and OpenPGP procedures
  • GpgEX: a plugin for Windows Explorer, that allows files and entire file folders to be signed, encrypted and checksums to be created (recursively) via a context menu.
  • The "Gpg4win Compendium", which explains in an understandable way the basics and details of how to install and use Gpg4win, as well as the background of the cryptography used.

Special features of Gpg4win:

  • Gpg4win enhances Outlook 2003, 2007, 2010, 2013 and 2016 by enabling them to process e-mails in line with the OpenPGP standard.
  • Full support of smartcards according to X.509 and the OpenPGP standard for all cryptographic functions: encryption and decryption, as well as signing and signature verification of e-mails, files and file folders (recursive).
  • Gpg4win enables Outlook 2007 from WindowsXP onwards, and Outlook 2003 in general, to decrypt and generate AES-encrypted S/MIME e-mails, as Gpg4win comes with its own crypto component, GnuPG, which is completely independent of Outlook and Windows. Only Outlook 2007 or later under Windows Vista or later versions can handle AES-encrypted S/MIME e-mails without Gpg4win.
  • All Gpg4win components are free software, so the source code is available to everyone, for example, to conduct an independent security analysis.

Prerequisites

Gpg4win is a package of programs providing secure e-mail and file encryption for Windows Vista, 7, 8 and 10 (both the 32 and 64 bit versions). Operation is user-friendly and can be carried out entirely in German; the detailed manual (Gpg4win Compendium) is also available in German.

The plugin, GpgOL, integrates the operation of the encryption software in Microsoft Outlook. GpgOL works with Outlook 2003, 2007, 2010, 2013 and 2016, and displays a warning if you try to use it with an older Outlook version. Please note that the e-mail editor should not be set to MS Word, but to Outlook's own editor, otherwise the icons for encrypting and signing cannot be displayed in the editor window.

Costs / terms of use

All Gpg4win components are free software and also licence-free. This means that everyone has the right to use Gpg4win commercially or privately as they see fit. Also, anyone is free to examine the source code, i.e. the actual programming of the Gpg4win components, to make changes to it themselves, and to pass on modified as well as unmodified versions under the same licence conditions.

Help / support

On the Gpg4win project website you have the opportunity to discuss questions and problems with Gpg4win users and developers via mailing lists and web forums ("community support"). You can also enter tested, reproducible errors that occur in a Gpg4win component in a bug tracker to report them.

Please note that frequently asked questions are answered in the Gpg4win compendium. Therefore, please always consult the compendium first to try and find answers to your questions.

You can also find professional, commercial support from the companies involved in the development of Gpg4win on the website.

Technical support for the installation and operation of Gpg4win by or via the Federal Office for Information Security (BSI) is generally not provided.

History

Gpg4win (GNU Privacy Guard for Windows) is a cryptography tool package originally commissioned by the German Federal Office for Information Security (BSI) for encrypting and signing in Windows, including in MS Outlook and Windows Explorer. Gpg4win 1.0 was developed through this initial commission in 2006 as a complete revision and update of GnuPP.

Since then, Gpg4win has been further developed through the support and commitment of many private individuals and companies, for example through comprehensible (i.e. easy to understand language and technically reproducible) error reports in the bug tracker, donations, improvements and extensions to the "Gpg4win Compendium" manual, program dialogues or the program source code, as well as the ordering of new functions.

Download / sources

The Gpg4wininstallation package can be downloaded from the project page: http://www.gpg4win.de/

"Sustainable free software" study

As part of the Gpg4win project, a study was conducted to examine the sustainable further development of commercially driven free software initiatives, using Gpg4win as an example.

References

  1. Gpg4win -- GnuPG for Windows
  2. GnuPG -- GNU Privacy Guard
  3. Gpg4win compendium (documentation for beginners and advanced users)
  4. Gpg4win community support: mailing lists and web forums
  5. Professional support for Gpg4win
  6. Intevation GmbH
  7. g10 Code GmbH
  8. Short study "Sustainable free software using Gpg4win as an example"
  9. GnuPP -- GNU Privacy Project
  10. Gpg4win report errors

  11. Gpg4win - Donations and new functions

Similar topics

Back to Free software