Question

2

PGP Key Version, does it matter?

rated 0 times [ 2] [ 0] / answers: 1 / hits: 1175 / 2 Years ago, sat, may 21, 2022, 5:16:23

After reading about Google's attempt for end-to-end encryption with PGP keys, I noticed in their FAQ a section about exporting a key generated by their extension for use elsewhere. They say it's possible but that it requires GnuPG 2.1+ wherever you use it.

I had been running 12.04 LTS at the time I generated mine and so my version of gpg was 1.4.x, does that mean I can't import my key into a tool that uses 2.x?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

ncharm

Add To Favorites

Follow

Total Points: 255

Total Questions: 105

Total Answers: 118

Location: Virgin Islands (U.S.)

Member since Sat, May 6, 2023

1 Year ago

answered 2 Years ago disdry · Accepted Answer

Google's end-to-end encryption plugin makes use of elliptic curve encryption, which is not supported but from GnuPG version 2.1 (and this is still a development version).

But you can go the other way round, and locally create a "normal" RSA key which you can then import to Google's plugin.

Anyway: as the key stays in the plugin, you're at least not giving the private key to Google, but they still can use it for arbitrary operations without you knowing it. What runs inside a web browser is under control of the web site owner, not yours. Better use a mail client (eg. Thunderbird) with a GnuPG addon (eg. Enigmail) and configure it to use your Gmail account – more comfort, more security, better privacy.

Just for the wording: the OpenPGP key version is in both cases v4, but elliptic curves are a rather new encryption algorithm not supported yet by stable GnuPG versions.