A significant milestone has been reached in the development of the GNU Privacy Guard (GNUPG), with the release of version 2.5.0 after a year and a half of work. This latest release is compatible with the standards of OpenPGP (RFC-4880) and S/MIME, providing users with tools to encrypt data, work with electronic signatures, control keys, and access public keys. The project’s code is written in the SI language and is distributed under the GPLv3 license.
GNUPG 2.5.0 marks the first release of a new code base incorporating the latest advancements. The next stable release, GNUPG 2.6.0, will be based on the GNUPG 2.5 branch, while GNUPG 2.4 remains as the stable branch recommended for general use. GNUPG 1.4 continues to be available for systems with limited resources and supports outdated encryption algorithms.
The main innovations in GNUPG 2.5.0 include:
- Experimental support for the combined algorithm Kyber+ECC for generating open keys, combining elliptic curve cryptography (ECC) with the Kyber algorithm, which is resistant to attacks from quantum computers.
- The GPG utility now allows users to specify “PQC” in the “–quick-gen-key” option to use quantum-resistant algorithms.
- An additional option “–show-only-session-key” has been added to display only session keys.
- Authorized persons can now revoke user privileges in output modes other than “–with-Colons.”
- The option “–with-Sig-Check” can now be used along with “–show-Key” in output modes other than “–with-colons.”
- Error handling has been improved, and key imports to TPM (Trusted Platform Modules) have been streamlined.
- Enhanced support for 64-bit Windows has been implemented.