PGP Converter
AboutAbout This App
PGP Converter is a free, open-source tool for encrypting and decrypting messages using PGP (Pretty Good Privacy). It has been free, ad-free, and open source since its launch in May 2023. All cryptographic operations run entirely in your browser; no keys, messages, or passphrases are ever sent to any server.
This means:
- Your private keys never leave your device
- Your messages are never transmitted over the network
- The only external request the app makes is to fetch up-to-date donation wallet addresses on the donate page โ no user data is involved
- You can verify the source code on GitHub
Hosting & Privacy
PGP Converter is hosted on Netlify. Basic server-side analytics are enabled through Netlify's standard logs, giving us aggregate metrics like page views, unique visitors, and top locations. This data is never shared with anyone.
Beyond that:
- No cookies are set
- No client-side tracking scripts are loaded
- No third-party code runs on this site besides OpenPGP.js and a private API used solely to retrieve donation wallet addresses
- No personal data is collected, stored, or transmitted by the application
How PGP Works
PGP (Pretty Good Privacy) uses a system called public-key cryptography. Here's how it works:
Key Pairs
Every user has two keys that are mathematically linked:
- Public Key: Share this freely. Others use it to encrypt messages to you.
- Private Key: Keep this secret. Only you can decrypt messages with it.
Encryption
When someone wants to send you a secret message:
- They obtain your public key
- They encrypt their message using your public key
- Only your private key can decrypt the message
Decryption
When you receive an encrypted message:
- You use your private key and passphrase
- The message is decrypted and readable
Using This App
Generate Keys
Create a new PGP key pair. You'll need to provide your name, email, and a strong passphrase. Choose between ECC (faster, modern) or RSA (traditional, widely compatible) key types.
Go to Generate Keys โEncrypt Messages
Enter your message and the recipient's public key. The encrypted output can only be read by the person who has the corresponding private key.
Go to Encrypt โDecrypt Messages
Paste the encrypted message, your private key, and enter your passphrase to reveal the original message.
Go to Decrypt โSecurity Best Practices
Never share your private key with anyone. Store it in a secure location.
Choose a long, unique passphrase that you can remember but others cannot guess. This protects your private key.
Before encrypting, confirm you have the correct public key through a trusted channel.
Keep secure backups of your key pair. If you lose your private key, you cannot decrypt messages.
Security Considerations
As noted in the OpenPGP.js documentation, web-hosted cryptographic applications provide a different security model compared to installable applications. With web apps, users trust the server to deliver the correct code each time.
For maximum security in sensitive contexts:
- Verify the source code matches what is deployed
- Use browser developer tools to confirm no network requests are made during crypto operations
- For high-security needs, consider running locally or using dedicated PGP software