The GNU Privacy Guard (GnuPG or GPG) is a free software replacement for the PGP suite of cryptographic software. GnuPG is based on OpenPGP and is interoperable with the current version of PGP
You can use GnuPG for encrypting e-mails, encrypting files in your filesystem, and for creating digital signatures.
GnuPG(PGP too) works using a technique called Public Key Encryption.
Public Key Encryption
Consider the case of sending a secret email. Classic methods for encryption only use one key for encryption. The sender encrypts the message with this key. The receiver uses this very same key to decrypt the message. So that means the key too has to be given to the receiver in someway. But if somebody else too somehow obtains this key then he too can decrypt the message.
In Public Key Encryption system there are actually a pair of keys, the Public Key which can be given to anyone and the Private Key which is available only to the owner. Now, a message (or a file) encrypted with the Public Key can only be decrypted with the Private Key of the same pair. So to send a mail to Alice, we actually encrypt with her public key and send to her, now only Alice can decrypt this message with her private key.
Digital Signatures
Digital Signatures are just like normal signatures. They are used to check whether the message is from the one who claims to the author. The method is simple, We can digitally sign the messages we send using our Private Key. Now the receiver can verify the authenticity of the message using our Public Key.
You can see that Digital Signature works the in an opposite fashion than Public Key Encryption.
