Learn

In-depth articles on PGP, encryption fundamentals, and operational security. Written for technical readers who want to understand what is actually happening, not just which buttons to press.

• 8 min read

  How PGP works — a plain-English explainer

  PGP combines asymmetric and symmetric encryption to send private messages without ever sharing a secret. Here is what actually happens under the hood.

• 6 min read

  Why client-side crypto matters

  Server-side "encrypted" services still see your plaintext. Client-side crypto removes the server from the trust boundary entirely. Here is why that distinction is the whole game.

• 7 min read

  Argon2id vs PBKDF2: which key derivation function should you use?

  Both stretch a password into an encryption key, but they cost attackers very different amounts of money. Argon2id is the modern default; PBKDF2 is the compatible fallback.

• 5 min read

  How to verify a PGP signature, and why you should

  A signature on a release file is only useful if you actually check it. Here is the 30-second workflow, and what each step is really proving.

• 4 min read

  Air-gap mode: what it does, and what it does not

  A toggle in the corner of the app blocks every outbound network request. Here is the threat model it covers and the one it does not.

• 9 min read

  Setting up PGP for journalists: a practical 30-minute guide

  Sources contact journalists through whatever channel feels safe. PGP is one of the few that survives a subpoena. Here is the minimum setup that actually works.

• 5 min read

  How to encrypt an email with PGP — a 5-minute tutorial

  Sending your first encrypted email is faster than most guides make it look. Here is the minimal flow with no software install — just your browser.

• 6 min read

  How to import and verify a public key

  Anyone can claim to publish a PGP public key. Verifying it before you encrypt prevents you from sending secrets to the wrong person. Here is the workflow.

• 7 min read

  OpenPGP key types explained: RSA vs Curve25519 vs P-384

  Modern OpenPGP supports three key families. Each has different speed, size, and compatibility tradeoffs. Here is how to pick.

• 7 min read

  Backing up PGP keys safely

  Lose your private key and your encrypted history is unrecoverable. Steal a careless backup and your encrypted history is exposed. Here is how to back up without compromising either side.

• 6 min read

  Getting started with Generate Keys — your first key pair, step by step

  You opened the Generate Keys tool and you are staring at four fields. Here is what each one does and what to pick if you are not sure.

• 5 min read

  Encrypt a PGP message to multiple recipients

  Send one encrypted message that several people can decrypt independently. Here is how OpenPGP handles multi-recipient envelopes and the practical workflow.

• 6 min read

  OpenPGP subkeys explained — separate keys for signing, encryption, and authentication

  Modern OpenPGP keys are not one key but a primary key plus subkeys. Here is what each subkey does, why the separation matters, and how to generate them.

• 6 min read

  Rotating a PGP key — when, why, and the migration workflow

  When should you rotate a PGP key, and how do you do it without losing access to old encrypted messages? Here is the practical playbook.

• 5 min read

  PGP and cryptography glossary

  99 terms covering OpenPGP, modern cryptography, key derivation, and operational privacy — each linked to authoritative references.