═══════════════════════════════════════════════════════════════════
    PGP ENCRYPTION SETUP GUIDE
    Complete Step-by-Step Tutorial for Darknet Users
═══════════════════════════════════════════════════════════════════

Source: TORZN Official (https://torzn-official.com)
Last Updated: January 2025

═══════════════════════════════════════════════════════════════════
    TABLE OF CONTENTS
═══════════════════════════════════════════════════════════════════

1. What is PGP?
2. Why You Need PGP
3. Installing GnuPG
4. Generating Your Key Pair
5. Backing Up Your Keys
6. Encrypting Messages
7. Decrypting Messages
8. Verifying Signatures
9. Key Management
10. Best Practices
11. Troubleshooting

═══════════════════════════════════════════════════════════════════
    1. WHAT IS PGP?
═══════════════════════════════════════════════════════════════════

PGP (Pretty Good Privacy) is encryption software that provides:
• End-to-end encryption for messages
• Digital signatures to verify authenticity
• Protection against interception
• Secure communication on darknet markets

GnuPG (GPG) is the free, open-source implementation of PGP.

═══════════════════════════════════════════════════════════════════
    2. WHY YOU NEED PGP
═══════════════════════════════════════════════════════════════════

Essential for darknet markets:
✓ Encrypt shipping addresses
✓ Verify vendor identities
✓ Secure sensitive communications
✓ Protect against market compromises
✓ Verify market mirror authenticity

Without PGP, your information is vulnerable even if the market
is compromised by law enforcement.

═══════════════════════════════════════════════════════════════════
    3. INSTALLING GnuPG
═══════════════════════════════════════════════════════════════════

WINDOWS:
1. Download Gpg4win from https://gpg4win.org/
2. Install with Kleopatra (GUI interface)
3. Verify download signature

MACOS:
1. Download GPG Suite from https://gpgtools.org/
2. Install GPG Keychain
3. Verify download

LINUX:
Already installed on most distributions
Command: gpg --version

TAILS OS:
Pre-installed and configured
Access via Applications > Encryption

═══════════════════════════════════════════════════════════════════
    4. GENERATING YOUR KEY PAIR
═══════════════════════════════════════════════════════════════════

USING KLEOPATRA (WINDOWS):

Step 1: Open Kleopatra
Step 2: Click "New Key Pair"
Step 3: Enter details:
   - Name: Use pseudonym (NOT real name)
   - Email: Use anonymous email or leave blank
   - Comment: Optional

Step 4: Advanced Settings:
   - Key Type: RSA
   - Key Size: 4096 bits (IMPORTANT!)
   - Expiration: 1-2 years recommended

Step 5: Create strong passphrase:
   - Minimum 20 characters
   - Mix of letters, numbers, symbols
   - Don't use dictionary words
   - Store in password manager

Step 6: Generate key (takes 1-2 minutes)

COMMAND LINE:

gpg --full-generate-key

Follow prompts:
1. Select RSA and RSA
2. Enter 4096 for key size
3. Set expiration (1y recommended)
4. Enter name (pseudonym)
5. Enter email (optional)
6. Create passphrase

═══════════════════════════════════════════════════════════════════
    5. BACKING UP YOUR KEYS
═══════════════════════════════════════════════════════════════════

CRITICAL: Backup immediately after generation!

EXPORT PRIVATE KEY:

Kleopatra:
1. Right-click your key
2. Export Secret Keys
3. Save to encrypted USB drive

Command line:
gpg --export-secret-keys -a "Your Name" > private-key.asc

EXPORT PUBLIC KEY:

Kleopatra:
1. Right-click your key
2. Export
3. Share this with others

Command line:
gpg --export -a "Your Name" > public-key.asc

EXPORT REVOCATION CERTIFICATE:

Command line:
gpg --gen-revoke "Your Name" > revoke.asc

Store revocation certificate separately from private key!

BACKUP LOCATIONS:
✓ Encrypted USB drive (primary)
✓ Paper backup (print and store securely)
✓ Second encrypted USB (offsite)
✗ Never: Cloud storage, unencrypted drives

═══════════════════════════════════════════════════════════════════
    6. ENCRYPTING MESSAGES
═══════════════════════════════════════════════════════════════════

STEP 1: Get recipient's public key
- From market profile
- From vendor listing
- Verify fingerprint!

STEP 2: Import their public key

Kleopatra:
1. Click "Import"
2. Select their public key file
3. Verify fingerprint matches

Command line:
gpg --import vendor-public-key.asc

STEP 3: Encrypt your message

Kleopatra:
1. Click "Sign/Encrypt"
2. Enter message
3. Select recipient
4. Click "Encrypt"

Command line:
echo "Your message" | gpg --encrypt --armor -r vendor@email.com

STEP 4: Copy encrypted message
Starts with: -----BEGIN PGP MESSAGE-----
Ends with: -----END PGP MESSAGE-----

STEP 5: Paste into market message system

═══════════════════════════════════════════════════════════════════
    7. DECRYPTING MESSAGES
═══════════════════════════════════════════════════════════════════

STEP 1: Copy encrypted message
Include BEGIN and END lines

STEP 2: Decrypt

Kleopatra:
1. Click "Decrypt/Verify"
2. Paste message
3. Enter your passphrase
4. Read decrypted message

Command line:
echo "-----BEGIN PGP MESSAGE-----..." | gpg --decrypt

STEP 3: Verify signature if present
Green checkmark = verified
Red X = signature invalid (WARNING!)

═══════════════════════════════════════════════════════════════════
    8. VERIFYING SIGNATURES
═══════════════════════════════════════════════════════════════════

Markets and vendors sign messages to prove authenticity.

VERIFY MARKET MIRROR LIST:

1. Get market's public PGP key
2. Import key
3. Download signed mirror list
4. Verify signature:

Command line:
gpg --verify mirrors.txt.sig mirrors.txt

Good signature = authentic
Bad signature = PHISHING!

VERIFY VENDOR MESSAGE:

1. Copy signed message
2. Decrypt/Verify in Kleopatra
3. Check signature status
4. Verify fingerprint matches vendor profile

═══════════════════════════════════════════════════════════════════
    9. KEY MANAGEMENT
═══════════════════════════════════════════════════════════════════

KEY FINGERPRINT:
Your key's unique identifier
Share this to verify your identity

View fingerprint:
gpg --fingerprint "Your Name"

Example: 1234 5678 90AB CDEF 1234 5678 90AB CDEF 1234 5678

KEY EXPIRATION:
Extend expiration:
gpg --edit-key "Your Name"
> expire
> save

Rotate keys annually for security

KEY REVOCATION:
If compromised:
1. Import revocation certificate
2. Upload to keyservers
3. Generate new key pair

═══════════════════════════════════════════════════════════════════
    10. BEST PRACTICES
═══════════════════════════════════════════════════════════════════

✓ Use 4096-bit keys minimum
✓ Set strong passphrase
✓ Backup keys securely
✓ Verify fingerprints always
✓ Use separate keys for different identities
✓ Rotate keys annually
✓ Store private key offline
✓ Test encryption before using

✗ Never share private key
✗ Never upload private key anywhere
✗ Don't use weak passphrases
✗ Don't skip fingerprint verification
✗ Don't store keys unencrypted
✗ Don't reuse keys across identities

═══════════════════════════════════════════════════════════════════
    11. TROUBLESHOOTING
═══════════════════════════════════════════════════════════════════

PROBLEM: "No secret key"
SOLUTION: Import your private key

PROBLEM: "Decryption failed"
SOLUTION: Check passphrase, verify message format

PROBLEM: "Bad signature"
SOLUTION: Message tampered or wrong public key

PROBLEM: "Key expired"
SOLUTION: Extend expiration or generate new key

PROBLEM: Can't find recipient's key
SOLUTION: Import their public key first

═══════════════════════════════════════════════════════════════════
    EXAMPLE: ENCRYPTING SHIPPING ADDRESS
═══════════════════════════════════════════════════════════════════

1. Get vendor's PGP public key from profile
2. Import key into Kleopatra
3. Verify fingerprint matches profile
4. Write address:

   John Smith
   123 Main Street
   Apt 4B
   New York, NY 10001
   USA

5. Encrypt for vendor
6. Copy encrypted message
7. Paste into market order form

═══════════════════════════════════════════════════════════════════
    QUICK REFERENCE COMMANDS
═══════════════════════════════════════════════════════════════════

Generate key:
gpg --full-generate-key

List keys:
gpg --list-keys

Export public key:
gpg --export -a "Name" > public.asc

Export private key:
gpg --export-secret-keys -a "Name" > private.asc

Import key:
gpg --import key.asc

Encrypt:
gpg --encrypt --armor -r recipient@email.com file.txt

Decrypt:
gpg --decrypt file.txt.asc

Verify:
gpg --verify file.sig file.txt

═══════════════════════════════════════════════════════════════════
    ADDITIONAL RESOURCES
═══════════════════════════════════════════════════════════════════

• GnuPG Documentation: https://gnupg.org/documentation/
• TORZN Security Guides: https://torzn-official.com/guides.html
• PGP Best Practices: https://torzn-official.com/blog/pgp-key-management-guide.html

═══════════════════════════════════════════════════════════════════

Remember: PGP is only secure if you use it correctly. Take time to
learn and practice before using on real markets.

© 2025 TORZN Official - All Rights Reserved