Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
What is GPG and why is it used in the password manager "pass"

I was just asked what is GPG and why is it used in pass password manager ( I will try to briefly explain everything starting from public-key cryptography. So:

Besides the usual way of encryption, symmetrical encryption, which goes like, you have a password and to encrypt you need that password and to decrypt you need that password, there is also another way, the way of public-key cryptography, assymetrical encryption.

In it, you have two keys, related in a way such that you can hardly guess one from the other, but if you encrypt something with the first of them (called the public key, since the public is free to give any data) it will be only decryptable with the second (called private, since only the recipient should have it).

These algorithms are usually rather slow, so usually it's done like, you generate a random key (usually called session key) for symmetrical encryption and then package data encrypted symmetrically with it, along with just that small key encrypted with public keys of each of the recipients.

By the way there are also algorithms which, using sometimes even the same pair of keys — but the other way — allow to, using the private key, create a digital signature (veryfing some small piece of data like a checksum hash, since these algorithms are slow just like in case of encryption) over a piece of data.

The most popular standard of a toolkit for using these methods is OpenPGP, derived from PGP software. GnuPG (GPG) is a GNU implementation of OpenPGP, the most popular one.

Usage of GPG starts with generating a new key.

In GPG a key is actually a set of identities plus a set of subkeys (subkeys are the cryptographic-nomenclature keypairs in GPG).

Each subkey has a role assigned to it: there is encryption, signing — and also authorization iirc (which, not to complicate things, we will say is probably just implemented basing off signing) and placing signatures on identities (this one is mandatory and can only be realized by the main subkey in a key). For each key, you have, in your local database, some stored public keys of subkeys and along them you can also have some private keys of some subkeys that you have the public key for.

Each identity consists of the data (either a photo or a name+emailaddr+comment) and of the set of signatures. Signatures are generated with the keysigning-role-assigned subkey of people — they import your public key, place a signature on some of your identities to verify them, and than export the public key again with the signatures attached, which when you import it join the set of signatures in your database. They are always signed by your own keysigning subkey in the first place.

Generating a new key begins with picking in which algorithm it is going to be, and whether there is going to be a subkey just for signing or also one for encryption. To increase hardness of cracking, software doesn't make it easy to create a key with just one subkey for both signing and encryption, although you can accomplish it with key editing.

It then proceeds to creating the main identity of a key, asking you for a name, email address, and an optional comment for the identity.

It then asks you for a password to symmetrically encrypt the private keys of all the subkeys of the key — every export of private key or private subkeys will also always be encrypted with it later, and you will have to enter it before each use (although gpg-agent will store the unencrypted private keys for you for some time of runtime).

Then you wait for it to generate random indivisible prime numbers.

The public key you can export to a file and publish. Usually people have them on their websites, or they publish their long keyIDs that are hard enough to create collisions of, with the public keys themselves residing on some keyservers like or or or or some Debian keyservers or some other ones. To most of them you export with --send-keys and get from them with --recv-keys — instead of having to click-download the files from some non-API websites and --import them (or --export and upload).

So such a key is usually a piece of one's digital identity. People have their keys, sometimes with all the private subkeys, sometimes with just some of them, not just on their laptops but sometimes even on their smartphones — to be able to decrypt (or sign) something like an email or an XMPP/Jabber message. They need them to sign software packages, to sign a version control revision (like a Git tag or commit). Some even use them as SSH keys. And ultimately, they often use them when encrypting files to themselves, even if the machine that they are encrypting on has both the public and the private key — because they're handy, being already there.

A password manager is basically having some stuff decrypted regularly, and rarely encrypted somewhere not trusted enough not to have the ability to decrypt there. So while gpg increases the security by serving as a separate piece of the key (since password can be guessed, but you need both the password and the key files in case of gpg and some stronger solutions), for a password manager it is used just because of the handiness, and could be replaced by something not utilizing assymetrical encryption, but just having a symmetrically encrypted bigger symmetric key instead.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment