openpgp-notes/book/source/encryption.md

<!--
SPDX-FileCopyrightText: 2023 The "Notes on OpenPGP" project
SPDX-License-Identifier: CC-BY-SA-4.0
-->

# Encryption

[Encryption](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-confidentiality-via-encrypt) is one of the core facilities of OpenPGP. It provides confidentiality.

For implementation details and discussion of advanced concepts, see [](/adv/encryption).
For an in-depth, packet-level view of encrypted data in OpenPGP, see [](/zoom/encryption).

## High-Level overview of the message encryption process

Encryption in OpenPGP is performed in two distinct steps:

1. **Session key transmission**: For each recipient of the message, a packet that contains a protected copy of the session key is generated.
2. **Symmetric encryption**: The actual plaintext message is encrypted based on the [*session key*](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-confidentiality-via-encrypt). The resulting (potentially large) ciphertext only needs to be stored once, even if it is sent to multiple recipients who use different OpenPGP keys. All recipients get access to the same shared *session key* to decrypt the message.

```{note}
Above, "plaintext" means one of:

- *{term}`Literal message<Literal data packet>`*,
- *{term}`Compressed message<Compressed data packet>`*, or
- *{term}`Signed message<Inline Signature>`*.
```

## Session key transmission

- Usually, the *session key* is encrypted to a public encryption component key of the recipient.
- Alternatively - or additionally - the *session key* may also be encrypted using a passphrase. This is a specialized and less commonly used mode of operation that doesn't require OpenPGP certificates.

### Session key encrypted for a recipient's component key

### Session key encrypted to a passphrase

## Symmetric encryption of data

Different versions of encrypted data in OpenPGP have been specified over time. They use different cryptographic mechanisms, internally, and the assurances they provide differ. However, from an application perspective, all of them are applied in the same way:

The plaintext data is encrypted using a symmetric *session key*. To decrypt, the same session key is used.

The stored plain text consists of an [OpenPGP message](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-openpgp-messages). That is, after decryption, the data is formatted as a series of OpenPGP packets.