What is PGP encryption and how does it work?

Share this page

When you send an encrypted email with Proton Mail, your message is automatically protected with PGP encryption. What is PGP? This article explains the tech behind our security promise.

PGP stands for Pretty Good Privacy, but the name is an ironic understatement. In fact, PGP is the most widely used email encryption system in the world. When you send messages using PGP encryption, no one can intercept and read your message in transit. PGP has been thoroughly field tested over its decades of use, its few vulnerabilities are well understood, and it has broad compatibility with other encryption clients. For these reasons, we use PGP as the backbone of our security architecture.

This article is part of a series explaining some of the tech behind Proton Mail. We have already covered end-to-end encryption and zero-access encryption. Here we’ll take a look at:

  • What PGP is
  • How PGP works
  • How you can use PGP to protect your communications

What is PGP?

PGP is a cryptographic method that lets people communicate privately online. When you send a message using PGP, the message is converted into unreadable ciphertext on your device before it passes over the internet. Only the recipient has the key to convert the text back into the readable message on their device. 

PGP also authenticates the identity of the sender and verifies that the message was not tampered with in transit.

Before PGP, your internet provider, your email provider, hackers, or the government could all theoretically read your messages. PGP was developed in the 1990s to allow email and other types of messages to be exchanged privately. 


Today, PGP has been standardized into OpenPGP, enabling anyone to write PGP software that is compatible and interoperable with other platforms that use PGP.

Several OpenPGP-compliant developer libraries have been created to help programmers implement PGP encryption in their applications. Proton Mail is the maintainer of two of these libraries: OpenPGP.js, for the Javascript programming language (used in our web app), and GopenPGP, for Go language (used in our mobile and desktop apps). OpenPGP.js, in particular, is one of the world’s most widely used OpenPGP libraries and has been thoroughly audited by security experts. 

PGP and Proton Mail

Historically, PGP was difficult to use, requiring additional software applications on top of your email provider or client. You also would have to manually generate encryption keys and exchange them with your contacts. 

With Proton Mail, PGP is built in and runs automatically and invisibly. When you compose an email to another Proton Mail user and click send, the message encryption and signature are applied automatically. You don’t have to do anything or need any specialized technical knowledge to encrypt your email with PGP.

Proton Mail makes PGP encryption easy, convenient, and accessible to everyone. 

How does PGP work?

PGP uses a combination of symmetric key encryption (i.e., a single-use session key which encrypts and decrypts the message) and public key encryption (i.e., the keys unique to the recipient encrypt and decrypt the session key). 

The below diagram shows how PGP encryption works.

For this article, we’ll stick with the high-level concepts. If you’re interested in the mathematics behind encryption, you can find (somewhat simplified) explainers that digest those topics.

PGP encryption

The first thing PGP does is generate a random session key. This key is an enormous number that is used to encrypt and decrypt the contents of the message. Only someone who knows the session key can read the message, and it is much too large to guess. This session key is also never used again for other messages.

Next, the session key is encrypted using the recipient’s public key. The public key is unique to each person and meant to be shared. Since it doesn’t change, your public key is like an email address. It is tied to you, and anyone can use it to send you an encrypted message.

Each person’s public key corresponds to their private key, which is secret. In PGP, when the recipient receives an encrypted message, they decrypt the session key using their private key. The plaintext session key then decrypts the message.

Why use two methods of encryption?

PGP takes the extra step of encrypting the message and the session key because public-key cryptography is much slower than symmetric cryptography, especially for large messages. It would take a lot of time and computing power to encrypt and decrypt large emails or files directly using the public key. Instead, public-key cryptography is only used to encrypt the session key, so it doesn’t take very long or use much computing power at all.

Using symmetric cryptography without public-key cryptography would be less convenient, because you would need to somehow share the session key with the recipient, and to do so in plaintext would not be secure. If you shared your session key in plaintext, anyone who intercepted it would be able to read it and then decrypt the entire message. 

Sharing the session key via another encrypted channel, or in person, would be impractical for your online communications. Therefore, PGP combines the efficiency of symmetric encryption and the convenience of public key encryption.

Digital signatures

There are two other aspects of PGP to note. The first is the digital signature. A digital signature proves to the recipient that an attacker has not manipulated the message or the sender, and can therefore be trusted. 

PGP does this by creating a unique number (the digital signature) using a combination of the sender’s private key and a mathematical redux (known as a message digest) of the plaintext message. If either the private key or the message is altered, the digital signature is invalid. 

Here’s how Proton Mail warns you if a sender verification has failed on your emails.

Trusting the public keys

Digital signatures help mitigate sophisticated attacks, but how can a sender know that the public key they’re using belongs to the person they think it does? After all, the server could easily give a bogus public key to the sender.

To solve this problem, we introduced Address Verification, which allows you to share your public key and digitally sign the public keys of others that you have personally verified. These trusted public keys are then securely stored in your encrypted contacts.

How secure is PGP?

PGP is a battle-tested standard, and we can be virtually certain that even intelligence agencies like the NSA cannot break its encryption. (PGP was the encryption method of choice for Edward Snowden when he leaked classified documents to Glenn Greenwald.)

While there have been security bugs with certain implementations of PGP, such as the infamous Efail vulnerability, PGP itself is very secure. Proton Mail has not been affected by any known vulnerabilities.

Like most other information security systems, the biggest weakness is the user. Often the simplest and most effective attacks are the least high-tech, as this comic illustrates. Phishing remains the most common kind of cyberattack, and PGP cannot protect you if your device or accounts are compromised. (Check out these email safety tips, and the password managers we recommend.) 

How to use PGP encryption

PGP is notoriously complicated. Most people who aren’t tech savvy would never bother to learn how to use PGP, while the people who do know how to use it often don’t, because it’s too tedious. While there are programs for Thunderbird, Outlook, and Apple Mail that enable PGP encryption, these are not practical solutions for everyday emails.

However, Proton Mail solves this problem by making PGP encryption automatic and built-in for all emails sent between Proton Mail accounts. You can also easily encrypt emails to non-Proton Mail users

Anyone can create a free Proton Mail account in a minute or two and immediately start sending PGP emails. Proton Mail can also offer a high level of privacy because we don’t require any identifying information to create an account.

Proton Mail also offers full PGP support, allowing advanced users to send and receive PGP-encrypted emails from non-Proton Mail users right in their mailbox. For traditional PGP users, this is by far the simplest way to communicate with other PGP users while still having the convenience of Proton Mail. Follow the link to learn how to use Proton Mail as your PGP client.

Final thoughts

As new encryption standards gain popularity, we will test and implement the strongest security features for Proton Mail. We will also continue to adapt to new cyber threats.

We recently upgraded to elliptic curve cryptography, which maximizes security and efficiency, and we commission independent security audits to ensure that all our apps meet the highest standards of security possible.

With the support of our community, we’re building a safer internet upon its time-tested foundations.

Pretty Good Privacy FAQ

What does PGP stand for?

PGP in full form is Pretty Good Privacy. While the name sounds like it means you are settling for less-than-amazing privacy, it’s actually incredibly strong. Phil Zimmermann (the developer of PGP and the man who named it) was inspired by the grocery store Ralph’s Pretty Good Grocery in Garrison Keillor’s stories about a fictional town Lake Wobegon.

What is OpenPGP?

OpenPGP (short for open-source PGP) is the standard that allows companies to make and distribute PGP-compatible products, like Proton Mail. OpenPGP is the free and open source version of the PGP standard. 
OpenPGP created a free environment for PGP encryption tools to thrive and compete with each other.

What is a PGP key?

PGP uses three types of keys. Your encrypted one-use session key, your personal private key (which should never be shared with anyone), and your public key. These three keys are used to encrypt your emails and prevent anyone from intercepting and reading them.
Your session key is used to encrypt your message, while the public and private key pairs are used to encrypt and decrypt the session key.

Join the Proton ecosystem
Create a free account

Share this page

Related articles

Over 300 billion emails are sent and received daily around the world, making it one of the most popular forms of communication. However, most modern email providers, such as Gmail or Outlook, do not adequately protect your emails.  Gmail stopped rea
Your calendar is more than just a planning tool — it’s a record of your life. It lists what you’ve done, where you’ve been, and who you’ve met. This information deserves the same level of protection as your email and files, which is why we created Pr
Everyone has files that need to be encrypted. From intimate personal details to legal and financial documents, your files contain information that should be private and secure. But many internet services we all use every day are not private. Compani
For years, Apple watched Google and Meta make billions by collecting every scrap of people’s data to target them with ads. Now it appears it was just taking notes. Apple’s advertising operation follows the surveillance capitalism model of its rivals
When we launched Proton Drive two months ago, we wanted to create a truly private and secure cloud storage service. An encrypted cloud that allows anyone on the internet to safely store, access, and share their files without worrying about unauthoriz
From our initial crowdfunding campaign to the recent launch of our encrypted cloud storage service Proton Drive, Proton has always been supported by the community. Your feedback tells us what new features to develop and which we should improve.  For