in reply to Am I asking for trouble using Crypt::OpenPgp this way?
You are using the basic form of public key cryptography. The sender knows your public key, ciphers the message with it, and sends you a message that only you can decrypt. It is as standard as it gets, and if someone recovers your private key from analysing the traffic then PGP has serious problems. I don't know how difficult it would be for someone intercepting your traffic to get the public key, though. This means I would not personally use this procedure to authenticate clients, but someone more knowledgeable might cast some light on this aspect.
If you have enough control over the server, you could do something similar (and even better) using SSL with client authentication, by giving clients your server's certificate and only allowing your clients' certificate (or better, a different certificate for every client) on your server.
Cheers
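The SSL client-authentication setup suggested in the reply above, as an added example (not code from the original post or from Crypt::OpenPGP): a Perl server using IO::Socket::SSL that refuses any client not presenting a certificate issued by a private CA, and takes the client's identity from that certificate. The file names, port and CA are placeholders.

```perl
#!/usr/bin/perl
# Added example: TLS server that only admits clients holding a certificate
# issued by our own CA (server.crt/server.key/client-ca.crt are placeholders).
use strict;
use warnings;
use IO::Socket::SSL;   # default exports: SSL_VERIFY_* constants and $SSL_ERROR

my $server = IO::Socket::SSL->new(
    LocalAddr       => '0.0.0.0:8443',
    Listen          => 5,
    ReuseAddr       => 1,
    SSL_cert_file   => 'server.crt',       # the certificate we hand to clients
    SSL_key_file    => 'server.key',
    SSL_ca_file     => 'client-ca.crt',    # private CA that signed client certs
    # Demand a client certificate and abort the handshake if none is offered
    # or it is not chained to client-ca.crt: this is the authentication step.
    SSL_verify_mode => SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
) or die "cannot listen: $SSL_ERROR";

while (my $client = $server->accept) {
    # accept() only returns after a successful handshake, so the peer proved
    # possession of a key certified by our CA. With one certificate per client,
    # the CN identifies the client; nothing in the payload needs to be trusted.
    my $cn = $client->peer_certificate('commonName') // 'unknown';
    print "authenticated client: $cn\n";
    while (defined(my $line = <$client>)) {
        print "$cn says: $line";
    }
    close $client;
}
```

Clients connect with IO::Socket::SSL as well, passing their own SSL_cert_file/SSL_key_file and SSL_ca_file pointing at the server's certificate (or the CA that issued it); a client without a CA-issued certificate never gets past the handshake.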