Encrypting Documents with OpenPGP

Collabora Office can encrypt documents using OpenPGP public key cryptography. The document is encrypted using a symmetric encryption algorithm.

note

GPG signing only works for ODF documents.


To access this command...

Choose menu File - Save as, select Encrypt with GPG key, Click Save.


Collabora Office can encrypt documents confidentially using OpenPGP. The document is encrypted using a symmetric encryption algorithm, which requires a symmetric key. Each symmetric key is used only once and is also called a session key. The document and its session key are sent to the recipient. The session key must be sent to the recipients so they know how to decrypt the document, but to protect it during transmission it is encrypted with the recipient's public key. Only the private key belonging to the recipient can decrypt the session key.

Collabora Office uses the OpenPGP software installed in your computer. If no OpenPGP software is available you must download and install one suitable for your operating system, likely from your application store or software distribution channel.

Here are some external GPG applications known to work with Collabora Office:

You must define a personal pair of cryptography keys with the OpenPGP application. Refer to the OpenPGP software installed on how to create a pair of keys, it is usually the first step to execute after the software installation.

Collabora Office Encryption Setup

Set the preferred public key for OpenPGP encryption and digital signature. These preferred keys will be pre-selected in key selection dialog every time you sign or encrypt a document, so you don't have to select it yourself when signing with one specific key frequently.

Choose menu – User Data. In the Cryptography area:

OpenPGP signing key

Select your OpenPGP key from the drop-down list for signing ODF documents.

OpenPGP encryption key

Select your OpenPGP key from the drop-down list for encrypting ODF documents.

When encrypting documents, always encrypt to self

Mark this checkbox to also encrypt the file with your public key, so you can open the document with your private key.

warning

Keep this option selected, if you ever want to be able to decrypt documents you've encrypted for other people.


Encrypting documents

OpenPGP encryption requires the use of the public key of the recipient and this key must be available in the OpenPGP key chain stored in your computer. To encrypt a document:

  1. Choose File – Save As,

  2. Enter a name for the file.

  3. Mark the Encrypt with GPG key checkbox.

  4. Click Save. Collabora Office opens the OpenPGP public key selection dialog.

  5. Choose the public key of the recipient. You can select multiple keys at the time.

  6. Click OK to close the dialog and save the file.

The file is saved encrypted with the selected public keys.

warning

Only the private key belonging to the recipient can decrypt the document, unless you also encrypt for yourself.


Decrypting documents

You can only decrypt documents that have been encrypted with your public key. To decrypt a document:

  1. Open the document. An Enter password prompt shows.

  2. Enter the password of the OpenPGP private key. The document is decrypted and the contents is available.

Difference between document encryption with OpenPGP and Save with password

Both commands address confidentiality, but in different ways.

When you save a document with a password, you must remember the password inserted to open the document later. Anyone else that needs to open the document must also know the password used at save time. Therefore, the Save password must be transmitted to be known by other users.

Files encrypted with the save password cannot be decrypted unless the save password is supplied.

With document OpenPGP encryption, you define the set of users that can decrypt the document and you don’t need to send passwords through channels which security is unknown. Besides, the OpenPGP application manages the key chain of public keys more efficiently.

Please support us!