Security Guide

PGP Encryption Tutorial for Mars Market 2025

Last updated: November 2025 | Reading time: 12 minutes

What is PGP Encryption?

PGP (Pretty Good Privacy) is a data encryption program that provides cryptographic privacy and authentication for data communication. When you encrypt a message with PGP, only the intended recipient can decrypt and read it—even if the message is intercepted, it remains unreadable to anyone without the private key.

PGP uses a combination of symmetric-key cryptography and public-key cryptography. Each user has a key pair: a public key that can be shared freely and a private key that must be kept secret. Messages encrypted with someone's public key can only be decrypted with their corresponding private key.

Why PGP is Essential for Mars Market

On Mars Market, PGP encryption serves several critical purposes:

  • Secure Communications: Encrypt sensitive information like shipping addresses so only the vendor can read them
  • Two-Factor Authentication: Mars Market can use PGP-based 2FA, requiring you to decrypt a message to log in
  • Message Verification: Verify that messages actually come from who they claim to be from
  • Protection from Compromise: Even if Mars Market servers are compromised, encrypted messages remain secure
Never send unencrypted sensitive information! This includes shipping addresses, personal details, and order specifics. Always encrypt before sending.

Installing GPG Software

GPG (GNU Privacy Guard) is the free, open-source implementation of PGP. Choose the version for your operating system:

Windows: GPG4Win

  1. Download GPG4Win from the official website: gpg4win.org
  2. Verify the download signature if possible
  3. Run the installer and select at least "Kleopatra" (key management GUI)
  4. Complete the installation with default settings

Mac: GPG Suite

  1. Download GPG Suite from gpgtools.org
  2. Open the DMG file and run the installer
  3. GPG Keychain provides the graphical interface for key management

Linux: GnuPG

Most Linux distributions include GnuPG by default. If not installed:

# Debian/Ubuntu
sudo apt install gnupg

# Fedora
sudo dnf install gnupg2

# Arch
sudo pacman -S gnupg

Generating Your Key Pair

Follow these steps to generate a new PGP key pair specifically for Mars Market:

Open Key Generation

In Kleopatra (Windows) or GPG Keychain (Mac), click "New Key Pair" or "New". On Linux command line, run: gpg --full-generate-key

Select Key Type

Choose "RSA and RSA" for the key type. This creates both an encryption key and a signing key.

Set Key Size

Select 4096 bits for maximum security. This is the strongest commonly available option.

Set Expiration

Choose an expiration date or set no expiration. A 1-2 year expiration adds security but requires key renewal.

Enter User ID

Enter a pseudonym (NOT your real name) and a anonymous email address (or leave email blank). This information is public.

Create Strong Passphrase

Enter a strong passphrase to protect your private key. Use at least 20 characters or a random passphrase of 5+ words. Remember this passphrase!

Tip: Never use personal information in your key ID. Use a pseudonym that doesn't connect to your real identity or your Mars Market username.

Exporting Your Public Key

To share your public key, you need to export it in ASCII armored format:

GUI Method (Kleopatra/GPG Keychain)

  1. Right-click on your key and select "Export"
  2. Choose "ASCII Armor" format
  3. Save or copy the exported key

Command Line

gpg --armor --export your@email.com

Your public key will look something like this:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBGVk1a0BEADF2r8q...
[many lines of characters]
...xYz123==
=AbCd
-----END PGP PUBLIC KEY BLOCK-----

Copy this entire block (including the BEGIN and END lines) and paste it into your Mars Market profile settings.

Importing Vendor Keys

Before you can send encrypted messages to a vendor, you need to import their public key:

  1. Copy the vendor's public key from their Mars Market profile
  2. In Kleopatra, go to Tools → Clipboard → Certificate Import
  3. Or save the key to a .asc file and double-click to import
  4. Verify the key was imported correctly

Command Line Import

# From clipboard (paste key, then Ctrl+D)
gpg --import

# From file
gpg --import vendor_key.asc

Encrypting Messages

Always encrypt sensitive information before sending to vendors:

GUI Method

  1. Write your message in a text editor
  2. Copy the message to clipboard
  3. In Kleopatra, go to Tools → Clipboard → Encrypt
  4. Select the vendor's key as the recipient
  5. Click Encrypt
  6. Paste the encrypted message into Mars Market

Command Line

# Encrypt for specific recipient
echo "Your message here" | gpg --armor --encrypt --recipient vendor@key.id

# Or encrypt a file
gpg --armor --encrypt --recipient vendor@key.id message.txt

The encrypted message looks like:

-----BEGIN PGP MESSAGE-----

hQIMA3R5/FbG8OqSAQ/9F...
[encrypted content]
...Xyz==
=AbC1
-----END PGP MESSAGE-----

Decrypting Messages

To read encrypted messages sent to you:

GUI Method

  1. Copy the entire encrypted message (including BEGIN/END lines)
  2. In Kleopatra, go to Tools → Clipboard → Decrypt
  3. Enter your passphrase when prompted
  4. Read the decrypted message

Command Line

# Decrypt from clipboard
gpg --decrypt

# Decrypt a file
gpg --decrypt message.asc

PGP Best Practices

  • Unique Keys: Generate a new key pair specifically for Mars Market—never reuse existing keys
  • Strong Passphrase: Your passphrase protects your private key; make it strong and memorable
  • Secure Backup: Back up your private key to encrypted storage or offline media
  • Verify Keys: Always verify you have the correct vendor public key before encrypting
  • Encrypt Everything: Encrypt all sensitive information, not just addresses
  • Keep Software Updated: Update your GPG software regularly for security fixes

PGP Frequently Asked Questions

If you forget your passphrase, you cannot recover your private key. You'll need to generate a new key pair and update it on Mars Market. This is why it's important to choose a memorable passphrase and consider keeping a secure backup.

Yes, you can export your private key and import it on other devices. However, this increases the risk of key compromise. Consider using separate keys for different devices or use a secure method to transfer the key.

Get the vendor's public key directly from their Mars Market profile. Be cautious of keys provided through other channels. Some vendors may sign their keys or provide key fingerprints through multiple channels for verification.

Related Guides

Security Guide

Complete OPSEC practices for safe marketplace use.

Read Guide

Registration Guide

Set up your Mars Market account securely.

Read Guide

Monero Guide

Private cryptocurrency payments on Mars Market.

Read Guide