I got "BEGIN PGP PUBLIC KEY BLOCK" attached to an email and I don't know what it is [duplicate]

Okay, I have no clue what this is, but I just received an email that has this in it.

-----BEGIN PGP PUBLIC KEY BLOCK-----

[redacted]

-----END PGP PUBLIC KEY BLOCK-----

If this means something, could someone decode it for me? If not, then could someone just tell me what it is?


Solution 1:

This is the PGP public key belonging to (presumably) the email's author. Its primary uses are:

  • to encrypt messages that you're sending to the key's owner (i.e. email privacy);

  • to verify digital signatures made by the key's owner (proof of authorship).

The PGP standard is used by such software as GnuPG (Gpg4win), Enigmail, OpenKeychain, Symantec Desktop Email Encryption (aka PGP.com), and so on.

As for why it was sent to you: you'll have to ask the person you got it from. Note that some mail apps begin automatically attaching the sender's PGP key to all messages as soon as the feature is set up, even if the sender didn't exactly ask for it.

If the sender didn't specifically request usage of PGP encryption or signing, and if you don't intend to use it either, then the attachment can be ignored.

Solution 2:

It's harmless, and possibly useful. Users of PGP (Pretty Good Privacy) (and other similar apps) send a 'public key', such as you saw in the message, so folks who have the key for that user can verify the message really came from the named sender. The 'public key' can also be used to encrypt a message which anyone with a PGP-like app can send to that user which only that user can decrypt with their private key.

Solution 3:

I used to know a website that did PGP packet decoding, but I can't find it now, so here's one from my system:

# off=0 ctb=99 tag=6 hlen=3 plen=269
:public key packet:
    version 4, algo 1, created 1537793680, expires 0
    pkey[0]: [2048 bits]
    pkey[1]: [17 bits]
    keyid: 19C85A0C5ACBA088
# off=272 ctb=b4 tag=13 hlen=2 plen=33
:user ID packet: "[snipped]"
# off=307 ctb=89 tag=2 hlen=3 plen=334
:signature packet: algo 1, keyid 19C85A0C5ACBA088
    version 4, created 1537793680, md5len 0, sigclass 0x13
    digest algo 10, begin of digest d2 ec
    hashed subpkt 33 len 21 (issuer fpr v4 16683B6345CFB4E0D68C3A6819C85A0C5ACBA088)
    hashed subpkt 2 len 4 (sig created 2018-09-24)
    hashed subpkt 27 len 1 (key flags: 03)
    hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
    hashed subpkt 21 len 5 (pref-hash-algos: 10 9 8 11 2)
    hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
    hashed subpkt 30 len 1 (features: 01)
    hashed subpkt 23 len 1 (keyserver preferences: 80)
    subpkt 16 len 8 (issuer key ID 19C85A0C5ACBA088)
    data: [2047 bits]
# off=644 ctb=b9 tag=14 hlen=3 plen=269
:public sub key packet:
    version 4, algo 1, created 1537793680, expires 0
    pkey[0]: [2048 bits]
    pkey[1]: [17 bits]
    keyid: 4364B1912195D6CB
# off=916 ctb=89 tag=2 hlen=3 plen=310
:signature packet: algo 1, keyid 19C85A0C5ACBA088
    version 4, created 1537793680, md5len 0, sigclass 0x18
    digest algo 10, begin of digest 20 d2
    hashed subpkt 33 len 21 (issuer fpr v4 16683B6345CFB4E0D68C3A6819C85A0C5ACBA088)
    hashed subpkt 2 len 4 (sig created 2018-09-24)
    hashed subpkt 27 len 1 (key flags: 0C)
    subpkt 16 len 8 (issuer key ID 19C85A0C5ACBA088)
    data: [2046 bits]

It contains an RSA-2048 masterkey (id 19C85A0C5ACBA088) signed by itself, as is standard, and not countersigned/endorsed by anybody else, which may (or may not) affect whether and how much you trust it, and which specifies the e-mail address of the owner (on gmail -- presumably the person who sent you the mail). It also contains an RSA-2048 encryption subkey (4364B1912195D6CB) signed by the masterkey, as is standard. If you decide this key block is truly from that person (not faked), you can use it to encrypt emails (or files) so they are secure: no one other than that person should be able to decrypt them.