How to Decrypt Files Using GPG

This help file is intended to give more detailed, platform-specific instructions on how to decrypt files using GNU Privacy Guard (GPG) for those that need it.

First, some background: File encryption is required by U.S. Federal law when transmitting the proprietary information utilized in peer reviews. We have endeavored to make this process as simple as possible while using free software that is supported on all popular OS platforms, but we recognize that it is obviously not as easy as it could be. Please accept our apologies for the inconvenience and our thanks for the additional time and effort it takes to decrypt these files.

Windows

  1. First, download and install the latest version of GPG4Win. You will need administrator access to install it. Make sure you install the GPA component. It may not be part of the default installation.

  2. After GPG4Win has been successfully installed, launch GPA (gpa.exe), either by clicking on its icon or selecting it from the Windows "Start" menu.

  3. After it has launched, click on the "Files" icon in the toolbar of the "GNU Privacy Assistant - Key Manager" window. It is the third icon from the right in the toolbar, next to the "Clipboard" icon. This will open up the "GNU Privacy Assistant - File Manager" window.

  4. In that window, click on the "Open" icon in the toolbar (the first icon on the left of the "File Manager" toolbar) and then navigate to the encrypted (*.asc) file and open it. The file should now be listed in the "File Manager" window.

  5. Finally, click on the "Decrypt" button. This will present a dialog box for you to enter the passphrase. Type (or paste) the passphrase, which should have already been supplied to you by the mission's peer review staff. After a few moments, the file will be decrypted and you can quit GPA.

  6. You will likely still need to untar the decrypted file, but there are many Windows programs to do that (e.g., 7zip, WinZip, Winrar, Winace), and you may already have one of those utilities installed.

  • Alternatively, you can use the command line interface in a Terminal session. Note that the executable may be named "gpg2.exe" instead of "gpg.exe". It will probably be installed in C:\Program Files\GNU\GnuPG\. If that is the case, you should amend the recommended command line from "gpg" to "gpg2" accordingly.

Mac OS X

  1. First, download the GNU Privacy Guard for Mac OS X installer. We recommend downloading the latest 1.4.x version, which is 1.4.9 at the time of this writing.

  2. Locate the downloaded image file ("GnuPG1.4.9.dmg") in the Finder and double-click it to mount it.

  3. After the image mounts, double-click on the "GnuPG for Mac OS X 1.4.9.mpkg" installer package and follow the installer's instructions to install GPG on your Mac. You will need administrator access to do this.

  4. Next, launch the Terminal application, which should be located in the "Utilities" folder inside your main "Applications" folder. (Use Spotlight to locate it by searching for "Terminal", if necessary.)

  5. Once you have a Terminal window open, you will need to change directory to where the encrypted file was downloaded. For example, if the encrypted file is in your Downloads folder, you would type:

    cd ~/Downloads/

    If the encrypted file is on your desktop, you would type:

    cd ~/Desktop/
  6. If the encrypted file is in your home directory, you would just type:

    cd
  7. Finally, copy and paste one of the Unix-compatible commands for decrypting files, as given in the peer review instructions, into the Terminal window. The second command should work on Mac OS X and is recommended. If you get an error in the Terminal window that says "gpg: command not found" or similar, replace "gpg" with "/usr/local/bin/gpg" in the decryption command and try again.

  8. Depending on which Terminal command you used, you might still need to untar the decrypted file. We recommend utilizing the free utility The Unarchiver for that purpose. It can also be downloaded for free from the Mac App Store.

Linux, BSD, Solaris, or Other Unix-Like OS

Most popular Linux distros ship with GPG already installed. You should be able to just copy and paste the decryption command (as given in the peer review instructions) into any terminal window. If not, consult your distro's software package manager on how to install GPG (a.k.a. "gnupg"). Alternatively, the source code is also available.