Free & easy to use client-side PGP key generator

Is it safe for me to generate my PGP keys through your website?

Yes, it is as safe as generating your keys using a local application. The key generation on our website is done client-side only. This means the key pairs are generated entirely in your web browser and they never leave your computer. Our website never sees any key related data or the key itself.

Can you tell me more about the keys you generate?

Sure. For starters, we enforce using a passphrase with each key generated. This ensures some level of protection if your key is ever stolen. We also automatically generate subkeys for you, for signing and encryption. You can use your subkeys to sign and encrypt data and keep your primary private key safe. You can set the expiration date on your keys using the 'Expire' option in the key generation form.

What is Elliptic Curve Cryptography?

Elliptic Curve Cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. One of the main benefits in comparison with non-ECC cryptography is the same level of security provided by keys of smaller size. We recommend using Curve25519, which offers excellent security and performance. You can read more about it at RFC 6637.

I'm concerned about my privacy. Do you keep or gather logs of any sort?

Our website is hosted entirely on Amazon's S3 and CloudFront platforms. All of our code is client-side. We have NO backend servers. Since we don't have a backend server we don't keep any logs. The only logging that occurs when you visit our website is performed by Google Analytics, which helps us keep track of the number of people visiting the site monthly.

What technology do you use?

We use OpenPGP.js, an actively maintained, open source JavaScript implementation of the OpenPGP standard. It leverages the Web Cryptography API for high performance key generation directly in your browser.