Step-by-step, Practical Encryption with WinPT

A quickstart guide for GPG encryption using Windows Privacy Tools (WinPT) for Windows users.


Windows Privacy Tools (WinPT) is available from or as part of the excellent OpenCD project.

Windows Privacy Tools (WinPT) is a collection of applications to assist you with digital encryption and signing of documents, email, or other files. It uses GnuPG for its encryption, which is compatible with OpenPGP compliant software (like PGP). With this program you can create a set of public and private keys, which you can then be stored on a key ring. The public keys are distributed freely to others and is used by them to encrypt material intended for your eyes only. You then use your private key (which you must guard closely) to decipher the message. In a similar way, you can use your private key to digitally sign a document, the origin of which can then be confirmed by others using the corresponding public key.

Installing WinPT

This page will address installing from The Open CD.

Put your CD into the drive. You should be automatically greeted with the welcome screen. The disc itself is a brilliant and worthwhile project, but we are simply using it as a means to an end. Our goal is to get and install Windows Privacy Tools.

This disc contains a compilation of high quality Open Source software for Windows.

The OpenCD welcome

Select “Continue”. You’re now presented with the main menu. WinPT appears under “Utilities & Other”.

The OpenCD menu and the WinPT menu The OpenCD WinPT install

Within “Utilities & Other”, press “next” until you are presented with the Windows Privacy Tools selection. Press “install”, select your language and walk through the installer. We suggest you install everything available, including email plug ins if you use Outlook. For this article, we will assume that you do not use Outlook however, so if you use one of the other wonder email clients such as Mozilla , you will still be able to proceed.

The first time you run WinPT, you may be presented with an error message. If this is the case, select “yes”.

WinPT Keyring confirm box

This is generally caused by not having any “keyrings” yet, or by not having a registered keyboard shortcut (see the WinPT FAQ entry on this topic for more information).

If you haven’t yet created keyrings, you should do so now. Select “Have WinPT generate a key pair”.

WinPT generate keys box

The screen you’ll be presented with is is a series of drop down menus and text boxes. Fill in the information as appropriate. We suggest you accept the defaults where applicable for now.

WinPT Key Generation

When you are finished, select “Start”. WinPT will generate your keypairs. The process will take a few moments, after which you’ll have the opportunity to back-up your data. You should do this!

Congratulations, you’re now ready to encrypt and decrypt using GPG (GNU Privacy Guard).

WinPT in the system tray

You should see the WinPT icon in your system tray, and right clicking on it brings up a list of options. Try it now, and select “Key Manager”.

WinPT Key Manager

In order for the rest of the world to trust you, you’ll need to provide them with your “public key”. You can do this by selecting your user, and selecting edit > copy. Now in your keyboard you should see a long alpha-numeric string. For example, my public key is:

    Version: GnuPG v1.2.1 (MingW32) - WinPT 0.7.96rc1

You’ll need to provide that key to others, usually in an email, via a web page or through a keyserver.

Importing a public key with WinPT

In order for you to descramble an encrypted message, you first need to know the public-key of the author of that message. Importing a key is a straight-forward process. Launch the Key Manager by right-clicking the WinPT icon in the system tray, and selecting “Key Manager”.

Now go to the public key of the author (you can use my Public Key at if you wish). Copy everything between (and including)

“—–BEGIN PGP PUBLIC KEY BLOCK—–” and; “—–END PGP PUBLIC KEY BLOCK—–”. You now have the public key in your clipboard. In the key manager, select edit > paste. WinPT will now import the data, and present you with a Key Import screen. Press the Import button.

WinPT Key Import

You may not see the new entry unless you select “Key > Reload Key Cache”. This is normal.

WinPT Key Refresh

You can now send encrypted messages to this individual. Notice that within the Key Manager, your key has both a public and secret pair, but your others have only the public key.

You still will not be able to use this key to verify with, until you “sign” it. To do this, from within the Key Manager, right-click the key you want to use, and select “Sign” from your menu.

winPT sign a key

Encrypting your text using WinPT

WinPT can encrypt and decrypt text in a number of ways. The process is performed via the Windows clipboard which makes WinPT universal.

First, type up the message you want to encrypt. You can do this in any program, including your email program. Next select all of the text, and edit > copy.

winPT copy clipboard

Your text is now in your clipboard. To encrypt it, right-click on the WinPT system tray and select clipboard > encrypt. Choose the person to whom you want to send the encrypted message from the Key Manager and press OK. Now you can delete your un-encrypted message and paste your encrypted version instead.

WinPT encrypted clipboard

Now send your file, knowing it is safe, and only readable by the individual who you signed it for.

Unencrypting text using WinPT

In order for you to unencrypt text, the person would have needed to sign it with your public key.

To unencrypt, simply copy the encrypted text to your clipboard, and select Decrypt/Verify. You can now paste the unscrambled message into any application and read it.

WinPT decryption

This entry was made on and filed into How-To.


No comments yet, be the first to write one!