PGP Verification Guide — Darknet Encryption

PGP (Pretty Good Privacy) encryption is essential for darknet security. Learn to encrypt messages, verify signatures, and protect sensitive information like shipping addresses from prying eyes.

Why is PGP Essential for Darknet?

Understanding the importance of encryption

What is PGP?

PGP (Pretty Good Privacy) is an encryption system that uses public-key cryptography. You have two keys: a public key you share with others, and a private key you keep secret.

Anyone can encrypt a message using your public key, but only you can decrypt it with your private key. This allows secure communication even over insecure channels.

Why Use PGP on Nexus?

  • Encrypt shipping addresses: Only the vendor can read it
  • Verify link authenticity: Confirm .onion links are official
  • Secure communication: Private messages to vendors
  • Account recovery: Recover access with PGP
  • Protection from breaches: Data is unreadable if server is compromised

Getting Started with PGP

Choose your platform and install PGP software

Windows

Download Gpg4win which includes Kleopatra — a user-friendly GUI for PGP.

gpg4win.org

macOS

Download GPG Suite for Mac which integrates with Mail and Finder.

gpgtools.org

Linux / Tails

GPG is pre-installed. Use Kleopatra or command-line gpg.

gnupg.org

💡 Recommendation

For best security, use PGP on Tails OS where Kleopatra is pre-installed and your keys can be stored in encrypted persistent storage. See our Tails guide for setup instructions.

Creating Your PGP Key Pair

Step-by-step instructions for Kleopatra

1. Open Kleopatra

Launch Kleopatra after installing Gpg4win (Windows) or from the Applications menu (Linux/Tails).

2. Start New Key Pair

Click "New Key Pair" or go to File → New Key Pair → Create a personal OpenPGP key pair.

3. Enter Details (Use Pseudonym)

For Name: Enter your darknet username or a pseudonym (NOT your real name)
For Email: Use a fake email or leave blank (email is optional)

Important: Never use your real identity in PGP keys for darknet use.

4. Set Strong Passphrase

Choose a strong passphrase (15+ characters with mixed case, numbers, symbols). This protects your private key. You'll need this every time you decrypt.

5. Advanced Settings (Optional)

Click "Advanced Settings" to customize:
  • Key type: RSA (4096-bit) for maximum security
  • Expiration: Set an expiry date or choose no expiration

6. Create & Backup

Click "Create" and wait for key generation. Then back up your key pair by right-clicking → Export Secret Keys. Store the backup in a secure location.

Encrypting a Message

How to encrypt your shipping address for vendors

1. Get Vendor's Public Key

Copy the vendor's PGP public key from their Nexus profile page.

2. Import the Key

In Kleopatra: File → Import → Paste the key or import from file.

3. Write Your Message

Open Notepad and write your message (e.g., shipping address).

4. Encrypt

In Kleopatra: Notepad → Sign/Encrypt Notepad → Select vendor's key → Encrypt.

5. Send Encrypted Message

Copy the entire encrypted block (including BEGIN/END lines) and paste it into the Nexus order.

Example Encrypted Message

-----BEGIN PGP MESSAGE-----

hQIMA8YxS9YjT0DxAQ/9H3k2Y9hfa...
[encrypted content]
...Kx9zF3jQp5
=ABC1
-----END PGP MESSAGE-----

Only the vendor with the matching private key can decrypt this message.
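
A block that loses its END line or a few characters during copy and paste cannot be decrypted by the recipient. The following added example (not part of the original guide) checks that a pasted armored block is complete: BEGIN/END lines present, a valid base64 body, and a matching CRC-24 checksum line (the `=ABC1`-style line above) when one is present. The function names and the sample payload are constructed for illustration.

```python
import base64
import binascii

BEGIN, END = "-----BEGIN PGP MESSAGE-----", "-----END PGP MESSAGE-----"

def crc24(data: bytes) -> int:
    """CRC-24 of the decoded armor body (RFC 4880, section 6.1)."""
    crc = 0xB704CE
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= 0x1864CFB
    return crc & 0xFFFFFF

def check_armor(text: str):
    """Return (ok, reason) for one pasted ASCII-armored message block."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    if not lines or lines[0] != BEGIN:
        return False, "missing BEGIN line"
    if lines[-1] != END:
        return False, "missing END line"
    body = lines[1:-1]
    if "" in body:  # armor headers, if any, end at the first blank line
        body = body[body.index("") + 1:]
    checksum = None
    if body and body[-1].startswith("="):  # optional "=XXXX" CRC-24 line
        checksum, body = body[-1][1:], body[:-1]
    try:
        data = base64.b64decode("".join(body), validate=True)
        expected = None
        if checksum is not None:
            expected = int.from_bytes(base64.b64decode(checksum, validate=True), "big")
    except binascii.Error:
        return False, "invalid base64"
    if not data:
        return False, "empty body"
    if expected is not None and crc24(data) != expected:
        return False, "CRC-24 mismatch"
    return True, "armor is complete"

# Constructed sample: 48 arbitrary bytes stand in for real ciphertext.
_payload = bytes(range(48))
SAMPLE = "\n".join([BEGIN, "", base64.b64encode(_payload).decode(),
                    "=" + base64.b64encode(crc24(_payload).to_bytes(3, "big")).decode(), END])
```

The CRC-24 only catches accidental damage; it is not a cryptographic integrity check and says nothing about which key the message was encrypted to.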

⚠️ Always Encrypt Sensitive Info

Never send your shipping address in plain text, even in "private" messages. If Nexus servers are ever compromised, encrypted data remains protected.

Verifying PGP Signatures

How to confirm .onion links are legitimate

What is a PGP Signature?

A PGP signature is a cryptographic proof that a message was written by the holder of a specific private key. If Nexus signs their mirror links with their official PGP key, you can verify those links are authentic.

How It Protects You

  • Confirms links weren't modified by attackers
  • Proves announcements are from real Nexus staff
  • Detects phishing attempts with fake links

How to Verify a Signature

1. Import Nexus's official public key to Kleopatra
2. Copy the signed message (including signature block)
3. In Kleopatra: Notepad → Decrypt/Verify
4. Check result: "Valid signature" = Link is authentic

⚠️ Warning

If verification fails or shows "BAD signature", the message was tampered with. Do not trust links from failed verifications.
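
With command-line gpg the result check can be scripted. The following added example (not part of the original guide) parses the machine-readable status lines that `gpg --status-fd 1 --verify` emits and accepts a message only when the signature is valid and the signer's primary-key fingerprint equals one pinned in advance, because a valid signature from any other imported key proves nothing about the expected signer. The fingerprint, user ID, status text and function name are constructed for illustration.

```python
import re

# Constructed sample in the format gpg writes with --status-fd.
PINNED_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"  # hypothetical pinned key
GOOD_STATUS = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Example Signer
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2024-01-01 1704067200 0 4 0 1 10 01 0123456789ABCDEF0123456789ABCDEF01234567
"""

# Any of these status keywords means the verification must be rejected.
FAIL_KEYWORDS = {"BADSIG", "ERRSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}

def check_signature(status_text, pinned_fpr):
    """Return (ok, reason). ok is True only for a valid signature whose
    primary-key fingerprint equals the pinned one."""
    pinned = re.sub(r"\s+", "", pinned_fpr).upper()
    seen_fprs = []
    for line in status_text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] != "[GNUPG:]":
            continue
        keyword, args = parts[1], parts[2:]
        if keyword in FAIL_KEYWORDS:
            return False, f"gpg reported {keyword}"
        if keyword == "VALIDSIG" and args:
            # Field 10 is the primary-key fingerprint when present;
            # otherwise fall back to the signing key fingerprint in field 1.
            primary = args[9] if len(args) >= 10 else args[0]
            seen_fprs.append(primary.upper())
    if not seen_fprs:
        return False, "no VALIDSIG line: nothing was verified"
    if any(fpr != pinned for fpr in seen_fprs):
        return False, "valid signature, but not from the pinned key"
    return True, "valid signature from the pinned key"
```

The pinned fingerprint has to come from a source independent of the message being checked; a key shipped alongside the signed text verifies nothing.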

PGP Best Practices

Tips for secure key management

✅ DO:

  • Use a strong, unique passphrase
  • Back up your private key securely
  • Use 4096-bit RSA keys
  • Verify vendor keys before encrypting
  • Always encrypt shipping addresses
  • Use PGP on Tails for best security
  • Set key expiration dates

❌ DON'T:

  • Use your real name in keys
  • Share your private key with anyone
  • Use weak or simple passphrases
  • Encrypt to keys you haven't verified
  • Store private keys on cloud services
  • Ignore signature verification failures
  • Use the same key for clearnet and darknet
