This glossary explains key encryption-related terms you may encounter when using FlowCrypt. It focuses on OpenPGP, cryptography, and email security concepts that appear across FlowCrypt applications and documentation.
Jump to a Letter
A
ASCII Armor
A text-based representation of binary PGP data, typically enclosed between -----BEGIN PGP MESSAGE----- and -----END PGP MESSAGE-----. It allows encrypted data to be sent over text-only channels like email.
Asymmetric Encryption
A cryptographic method using two separate keys - one public key and one private key. Messages encrypted with a public key can only be decrypted with the corresponding private key.
C
Ciphertext
Encrypted data produced after applying encryption to plaintext. It is unreadable without the correct decryption key.
Compression
A process of reducing data size before encryption to improve efficiency and security. PGP applies compression automatically to plaintext before encryption.
Cryptographic Signature
A digital signature generated using a private key to verify that a message was not modified and originated from the claimed sender.
D
Decryption
The process of converting ciphertext back into readable plaintext using a private key.
E
Email Encryption
The process of securing email content so that only the intended recipient can read it. FlowCrypt implements OpenPGP for this purpose.
Encryption
The process of converting plaintext into ciphertext using a cryptographic algorithm and a key. Encryption can be symmetric or asymmetric.
Entropy
A measure of randomness collected by a system to generate secure cryptographic keys. Higher entropy results in stronger key pairs during PGP key generation.
K
Key Expiration
A date set on a PGP public key or private key that determines when it will no longer be valid. It helps users rotate keys periodically.
Key Fingerprint
A short, unique identifier derived from a public key. It is used to verify that the correct public key is being used.
Key Pair
A matched pair of cryptographic keys - one public key, one private key - used for encryption and decryption.
O
OpenPGP
The open standard for encrypting and signing data using public key cryptography. FlowCrypt is built on OpenPGP and compatible with other implementations like GnuPG.
P
Passphrase
A password that protects a private key. It prevents unauthorized use if the key file is compromised.
Plaintext
The original readable content before encryption.
Private Key
A secret key used to decrypt messages and create digital signatures. It must always remain confidential.
Public Key
A key that can be freely shared and used by others to encrypt messages for the owner or to verify their signatures.
Public Key Server
A service that stores and distributes users’ public keys to make them discoverable for secure communication.
R
Revocation Certificate
A file created when a PGP public key or private key is generated, used to invalidate the key if it becomes lost or compromised.
S
Session Key
A temporary symmetric key generated for encrypting a single message. The session key is then encrypted with the recipient’s public key.
Signature Verification
The process of confirming that a message’s digital signature was created with the claimed sender’s private key and that the content was not modified.
Symmetric Encryption
Encryption that uses the same key for both encryption and decryption. PGP uses symmetric encryption internally after establishing a session key.
T
Trust Level
An indication of how much confidence you have in a public key’s authenticity. PGP uses a web of trust to evaluate this confidence.
U
User ID
An identifier associated with a public key, typically containing a name and email address. User IDs help verify that the key belongs to the correct person.
W
Web of Trust
A decentralized trust model used by PGP, where users sign each other’s keys to indicate trust in their authenticity.