Complete PGP Encryption Tutorial

1.1 Choose Your Operating System

Download appropriate PGP software for your device:

1.2 Install PGP Software

Run installer and follow setup wizard:

• Windows: Run Gpg4win installer, click "Next" through wizard, select all components
• Mac: Open .dmg file, drag GPG Suite to Applications, enter admin password
• Linux: Use package manager command from above
• Installation takes 1-3 minutes

1.3 Launch Key Management Application

Open PGP key management interface:

• Windows: Start Menu → Kleopatra
• Mac: Applications → GPG Keychain
• Linux: Applications → Passwords and Keys (Seahorse), or use command line

✓ Installation Complete: PGP software installed and ready for key generation. Proceed to create your encryption keypair.

2.1 Create New Key Pair

Generate your unique PGP keypair for Vortex Market:

• Open Kleopatra (Windows) or GPG Keychain (Mac)
• Click "New Key Pair" or "New" button
• Select "Create personal OpenPGP key pair"

2.2 Enter Key Information

Fill out key creation form:

• Name: Can use pseudonym (e.g., "VortexUser2025") - not linked to identity
• Email: Optional - can leave blank or use fake email for Vortex keys
• Comment: Optional - can add "Vortex Market Key" for identification
• Click "Advanced Settings" or "Expert Settings"

2.3 Configure Advanced Settings

CRITICAL: Select proper key strength and algorithm:

• Key type: RSA (most compatible with Vortex Market)
• Key size: 4096 bits (maximum security - required by many vendors)
• Expiration: 2-3 years recommended (prevents old compromised keys from being used indefinitely)
• Avoid smaller key sizes (2048-bit becoming outdated)

2.4 Create Strong Passphrase

Passphrase protects your private key on your computer:

• Length: Minimum 25 characters (longer = better)
• Complexity: Mix uppercase, lowercase, numbers, symbols
• Uniqueness: Never reuse passwords from other accounts
• Example format: "Correct-Horse-Battery-Staple-2025-Vortex-#7@9"
• Use password manager (KeePassXC, Bitwarden) to generate and store
• Write physical backup stored in secure location (safe)

🚨 PASSPHRASE WARNING: If you forget your passphrase, you cannot decrypt messages sent to you. EVER. There is no password recovery, no customer support, no backdoor. Write it down and store securely.

2.5 Generate Key Pair

Create the keys:

• Click "Create" or "OK"
• Enter passphrase when prompted (twice for confirmation)
• Key generation takes 30-60 seconds (4096-bit keys require significant computation)
• Success message displays: "Key pair successfully created"

✓ Key Pair Created: You now have public key (for sharing) and private key (keep secret). Proceed to backup your private key.

3.1 Export Private Key

CRITICAL SECURITY STEP: Backup private key immediately:

• In Kleopatra/GPG Keychain, find your newly created key
• Right-click key → "Export Secret Keys..." or "Export"
• Choose save location (encrypted USB drive recommended)
• File format: .asc (ASCII armored - readable text) or .gpg (binary)
• Save file as "vortex-private-key-backup.asc"

3.2 Secure Backup Storage

Store private key backup securely:

• Encrypted USB drive: Use VeraCrypt, BitLocker, or LUKS to encrypt USB
• Physical security: Store USB in safe, safety deposit box, or secure location
• Multiple backups: 2-3 copies in different physical locations
• Never cloud storage: No Dropbox, Google Drive, iCloud - offline only
• Test backup: Import to clean computer to verify backup works

3.3 Export Public Key

Extract public key to share on Vortex Market:

• Right-click key → "Export..." (NOT "Export Secret Keys")
• Save as "vortex-public-key.asc"
• Public key safe to share freely - paste to Vortex profile
• Open .asc file in text editor to view public key block

⚠️ Critical Distinction: Public key = safe to share with everyone. Private key = NEVER share with anyone, including vendors or Vortex support. If someone asks for private key, it's a scam.

4.1 Import Vendor's Public Key

Before encrypting to vendor, import their public key:

• Copy vendor's public key from Vortex Market profile (begins with -----BEGIN PGP PUBLIC KEY BLOCK-----)
• Save to text file "vendor-key.asc"
• In Kleopatra: File → Import → Select vendor-key.asc
• Verify import success: Vendor key appears in key list
• Right-click vendor key → "Certify" (marks as trusted)

4.2 Write Your Message

Compose message containing sensitive information:

• Open text editor (Notepad, TextEdit, gedit)
• Write shipping address, phone number, or order details
• Example message format:

Order #12345 - Shipping Address

Name: John Smith
Address: 123 Main Street, Apt 4B
City: Springfield
State: IL
ZIP: 62701
Phone: (555) 123-4567

Please ship discreetly. Thank you!

4.3 Encrypt Message

Encrypt message using vendor's public key:

• Save message as text file (shipping-info.txt)
• Method 1 - Kleopatra: File → Sign/Encrypt Files → Select shipping-info.txt
• Check "Encrypt" (not sign, unless vendor requests signatures)
• Select vendor's public key from recipient list
• Click "Encrypt" → Creates shipping-info.txt.gpg or .asc file
• Method 2 - Right-click: Right-click .txt file → "Sign and Encrypt" (Windows)

4.4 Copy Encrypted Message

Paste encrypted message into Vortex Market order:

• Open encrypted file (.asc format) in text editor
• Copy entire contents (starts with -----BEGIN PGP MESSAGE-----)
• Paste into order notes or shipping address field on Vortex
• Encrypted message looks like gibberish - this is correct

-----BEGIN PGP MESSAGE-----

hQIMA9fF2i8vBqpaAQ//ZG3kVpYJ8FnQm5P2vR0w...
[hundreds of random characters]
...Xm9kZWQgbWVzc2FnZQ==
=zR8K
-----END PGP MESSAGE-----

✓ Encryption Success: Your sensitive information is now protected. Only vendor with matching private key can decrypt and read your message.

5.1 Receive Encrypted Message

Vendor sends PGP-encrypted response on Vortex Market:

• Check Vortex messages or order updates
• Vendor message contains PGP encrypted block
• Copy entire message including header/footer lines

5.2 Decrypt Message

Use your private key to decrypt:

• Save encrypted message to text file (vendor-message.asc)
• Method 1 - Kleopatra: File → Decrypt/Verify Files → Select vendor-message.asc
• Enter your passphrase when prompted
• Decrypted message displays in new window
• Method 2 - Clipboard: Copy encrypted text → Kleopatra → "Decrypt/Verify Clipboard"

5.3 Verify Sender (Optional but Recommended)

If vendor signed message, verify signature authenticity:

• During decryption, Kleopatra shows signature status
• Green checkmark: Valid signature from vendor - message authentic
• Yellow warning: Signature from untrusted key - verify key fingerprint
• Red X: Invalid signature - message tampered with or fake

⚠️ Signature Verification: Always verify Vortex official announcements are PGP-signed. Phishing sites post fake announcements. Check signature against official Vortex public key fingerprint.

❌ Sending Private Key to Anyone

NEVER share your private key. Vendors, Vortex support, nobody legitimate needs your private key. If someone requests it, they're trying to steal your encrypted messages. Report immediately.

❌ Using Weak Passphrases

"password123" or "qwerty" passphrases = zero security. Brute-force attacks crack weak passphrases in seconds. Use 25+ character passphrase with complexity. Passphrase is your last line of defense.

❌ No Key Backups

Computer crashes, drives fail, laptops get stolen. Without private key backup, you lose access to all encrypted messages forever. Backup immediately after key generation to encrypted USB.

❌ Encrypting to Wrong Key

Double-check recipient before encrypting. Encrypting shipping address to wrong vendor's key = exposing personal info to random person. Verify vendor name matches key owner before clicking "Encrypt".

❌ Ignoring Signature Warnings

Vortex official messages should have valid PGP signatures. Red signature warnings = fake message from phishing site. Never follow instructions from unsigned "admin" messages.