The GNU Privacy Guard

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 (also known as PGP). GnuPG allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories. GnuPG, also known as GPG, is a command line tool with features for easy integration with other applications. A wealth of frontend applications and libraries are available. GnuPG also provides support for S/MIME and Secure Shell (ssh).

Since its introduction in 1997, GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License .

The current version of GnuPG is 2.4.5. See the download page for other maintained versions.

Gpg4win is a Windows version of GnuPG featuring a context menu tool, a crypto manager, and an Outlook plugin to send and receive standard PGP/MIME mails. The current version of Gpg4win is 4.3.1.

Reconquer your privacy

Arguing that you don't care about the right to privacy because you have nothing to hide is no different from saying you don't care about free speech because you have nothing to say. – Edward Snowden

Using encryption helps to protect your privacy and the privacy of the people you communicate with. Encryption makes life difficult for bulk surveillance systems. GnuPG is one of the tools that Snowden used to uncover the secrets of the NSA.

Please visit the Email Self-Defense site to learn how and why you should use GnuPG for your electronic communication.

News

GnuPG 2.4.5 and Gpg4win 4.3.1 released (2024-03-12)

We are pleased to announce the availability of a new stable GnuPG release: version 2.4.5. This version fixes a couple of bugs and comes with some new features. {more}

Security advisory for smartcard keys with backup   important

GnuPG versions 2.4.2, 2.4.3, and 2.2.42 had a regression in the default way to create smartcard keys. If you created a key with the –edit-key command using one of these versions, please head over to our security advisory:

https://gnupg.org/blog/20240125-smartcard-backup-key.html

GnuPG 2.4.4 released (2024-01-25)

We are pleased to announce the availability of a new stable GnuPG release: version 2.4.4. This version fixes a couple of bugs, comes with some new features. A smartcard related security bug is also fixed and a tool to check for this flaw is provided. {more}

GnuPG 2.4.3 released (2023-07-04)

We are pleased to announce the availability of a new stable GnuPG release: version 2.4.3. This version fixes some minor bugs and improves the performance on Windows. {more}

GnuPG 2.4.2 released (2023-05-30)

We are pleased to announce the availability of a new stable GnuPG release: version 2.4.2. This version fixes some minor bugs and improves the performance on Windows. {more}

GnuPG 2.4.1 released (2023-04-28)

We are pleased to announce the availability of a new stable GnuPG release: version 2.4.1. This release comes with a lot of new features and fixes some minor bugs. {more}

25 Years of GnuPG (2022-12-20)

Exactly 25 years ago the very first release of GnuPG was published. We are pleased to take this opportunity to announce the availability of GnuPG version 2.4.0.

This release has a few new features and the binary releases come with an updated Libksba to fix another vulnerability related to CVE-2022-3515. {more}

Libksba security advisory update (2022-12-20)   important

Another bug has been found in Libksba which affects all versions of libksba before 1.6.3 (CVE-2022-47629). Our security advisory for CVE-2022-3512 has been updated accordingly. Windows users should update to Gpg4win 4.1.0 or to GnuPG VS-Desktop 3.1.26.

GnuPG / Libksba security advisory (2022-10-17)   important

A severe bug has been found in Libksba, the library used by GnuPG for parsing the ASN.1 structures as used by S/MIME. The bug affects all versions of Libksba before 1.6.2 and may be used for remote code execution. Updating this library is thus important.

Please see our security advisory for CVE-2022-3512. For download links please see the download page. Windows users should update to Gpg4win 4.0.4 or to GnuPG VS-Desktop 3.1.25.

GnuPG 2.3.8 released (2022-10-13)

We are pleased to announce the availability of a new stable GnuPG release: version 2.3.8. This release comes with a lot of new features and the binary releases come with the fix for the Libksba vulnerability CVE-2022-3515. {more}

GnuPG 2.3.7 released (2022-07-11)

We are pleased to announce the availability of a new stable GnuPG release: version 2.3.7. This release fixes CVE-2022-34903 which could be used to inject wrong status information in signatures. The status information could then be abused to display a wrong validity in Kleopatra and other users of GPGME. {more}

GnuPG 2.3.6 released (2022-04-25)

We are pleased to announce the availability of a new stable GnuPG release: version 2.3.6. This release fixes a regression introduced in 2.3.5 released just a few days ago. {more}

GnuPG 2.3.5 released (2022-04-21)

We are pleased to announce the availability of a new stable GnuPG release: version 2.3.5. This is another release in the stable 2.3 series which introduces new options, improves the performance, and fixes some bugs. {more}

Libgcrypt 1.10 is the new stable branch (2022-03-28)

Although we will keep on maintaining the 1.8 branch, the new stable branch is now 1.10. Version 1.10.1 comes with a lot of performance improvements and a few other new features. It provides full API and ABI compatibility to previous versions. {more}