Skip to content
🛠️ToolsShed

PGP Key Generator

Generate RSA or ECC OpenPGP key pairs for email encryption and digital signatures.

Note: Keys are generated using Web Crypto API in your browser. Keys are in PKCS8/SPKI PEM format. Use GPG to convert to OpenPGP format if needed.

About this tool

PGP (Pretty Good Privacy) is a cryptographic system that enables secure email encryption and digital signatures using public-key cryptography. Invented by Phil Zimmermann in 1991, it has become the standard for end-to-end encrypted communication across the internet. PGP is essential for journalists, activists, business professionals, and anyone who needs to protect sensitive information from interception. Unlike centralized security systems, PGP gives you complete control over your encryption keys, ensuring that only you and your intended recipients can read your messages.

To use this PGP key generator, choose your key type (RSA 2048/4096 or ECC Curve25519) and enter your name and email address. The tool generates a public key to share with others and a private key that you must keep secure and confidential. Once generated, you can import your keys into PGP-compatible software like GPG, Thunderbird with Enigmail, or Kleopatra, then use them to encrypt emails, sign documents, and authenticate digital communications. You can also upload your public key to a keyserver like keys.openpgp.org so others can easily find and use it to send you encrypted messages.

When generating your keys, protect your private key with a strong passphrase—this adds a critical second layer of security. ECC keys offer faster operations and smaller file sizes compared to RSA, making them ideal for modern systems, while RSA-4096 provides extra security margin if you're handling highly sensitive data. Remember that browser-based key generation, while convenient and secure for most users, has limitations; for maximum security in high-threat environments, consider generating keys offline with GPG. Whether you're just beginning with encrypted communication or managing enterprise-wide security, this tool simplifies the key generation process into a quick, straightforward workflow.

Frequently Asked Questions

Code Implementation

# pip install pgpy
import pgpy
from pgpy.constants import PubKeyAlgorithm, KeyFlags, HashAlgorithm, SymmetricKeyAlgorithm, CompressionAlgorithm

def generate_pgp_keypair(name: str, email: str, passphrase: str = None):
    """Generate an RSA PGP keypair."""
    key = pgpy.PGPKey.new(PubKeyAlgorithm.RSAEncryptOrSign, 4096)
    uid = pgpy.PGPUID.new(name, email=email)
    key.add_uid(
        uid,
        usage={KeyFlags.Sign, KeyFlags.EncryptCommunications},
        hashes=[HashAlgorithm.SHA512, HashAlgorithm.SHA256],
        ciphers=[SymmetricKeyAlgorithm.AES256],
        compression=[CompressionAlgorithm.ZLIB],
    )

    if passphrase:
        key.protect(passphrase, SymmetricKeyAlgorithm.AES256, HashAlgorithm.SHA256)

    public_key = str(key.pubkey)
    private_key = str(key)

    return public_key, private_key

# Generate a keypair
pub, priv = generate_pgp_keypair("Alice Smith", "alice@example.com", "strongpassphrase")
print("=== PUBLIC KEY ===")
print(pub[:100] + "...")
print("=== PRIVATE KEY ===")
print(priv[:100] + "...")

# Encrypt a message
def encrypt_message(public_key_str: str, message: str) -> str:
    pub_key, _ = pgpy.PGPKey.from_blob(public_key_str)
    pgp_msg = pgpy.PGPMessage.new(message)
    encrypted = pub_key.encrypt(pgp_msg)
    return str(encrypted)

Comments & Feedback

Comments are powered by Giscus. Sign in with GitHub to leave a comment.