Symmetric (passphrase) encryption.
Sealing data with a passphrase instead of a recipient's public key — the
gpg -c style. The same passphrase locks and unlocks. No keypair required.
Symmetric encryption in OpenPGP derives a key from a passphrase you choose (via a memory-hard function) and encrypts the data under it. There is no public or private key involved — anyone who knows the passphrase can decrypt, and only they can.
What it is.
Most PGP usage is asymmetric: you encrypt to someone's public key, and only their private
key opens it. Symmetric encryption skips the keypair entirely. You pick a passphrase; OpenPGP stretches
it into a symmetric key and encrypts the data. To decrypt, you supply the same passphrase. This is what
gpg --symmetric (gpg -c) does.
gpg --symmetric --armor secret.txt
# prompts for a passphrase, produces secret.txt.asc
Why it matters.
Sometimes there is no key to encrypt to. You want to seal a file for your future self, or hand a secret to someone you can phone but whose PGP key you don't have. Asking them to generate and exchange a keypair is overkill; agreeing on a strong passphrase out of band is enough.
The whole security of the result rests on the passphrase and how you share it. A short or reused passphrase, or one sent over the same channel as the ciphertext, defeats the purpose. Use a long random passphrase and a separate trusted channel to share it.
Related terms
Get PGPony
Free OpenPGP encryption for iOS and Android. No accounts, no tracking.