Sometimes, we need to send sensitive information through email, and we want to make sure it won't fall into the wrong hands. Using the free OpenPGP encryption, we can send secure email messages, which will keep our personal data safe from prying eyes, even from the NSA.
Unblock any international website, browse anonymously, and movies and Mp3 with complete safety with CyberGhost, just for $2.75 per month:
Data encryption is a huge chapter, and there are multiple algorithms and methods to secure our data, both online and offline.
In this guide we won't analyze computerized cryptography in detail - we are preparing a separate guide for that - but we will take a practical approach on how to send secure email messages, using OpenPGP.
What is OpenPGP 1c1u1y
PGP (Pretty Good Privacy) is a cryptosystem, a family of software systems that provide cryptographic privacy and authentication for data communication. OpenPGP is an open standard for PGP encryption, based on PGP 5.x.
In simpler words, PGP can be used for digitally g data and can encrypt and decrypt anything, from files and whole disk partitions to text and email messages. OpenPGP is the standard method for different applications to encrypt and decrypt data using PGP.
Despite its name, PGP is more than just "pretty good". It is an excellent encryption solution for sensitive data, especially when we want to send secure email messages.
Edward Snowden mentioned that "Encryption works" as a way to hide our email contents from the NSA. According to security expert Nico Sell, founder of the mobile security app Wickr, "when it comes to email [encryption], PGP's about as good as it gets".
Set up secure email with OpenPGP 4c556v
To send a secure email with OpenPGP, we might need to change the way we send email. If we are using webmail, we need to use it through an email client.
For this guide, we will setup OpenPGP in Thunderbird, Mozilla's open source email client. It is possible to send a secure email with OpenPGP through Outlook, but we will cover this in a separate guide.
and install the software 5a6z3d
To send secure email with OpenPGP, we will need the following software:
- 1) gpg4win, a free Windows software that allows us to generate secret keys and manage public keys for our s.
- 2) Thunderbird
- 3) Enigmail, an encryption and authentication add-on for Thunderbird
While installing pgp4win, we will only need the default GnuPG component, we can safely uncheck everything else (though it won't hurt if we keep them).
Thunderbird is pretty straightforward to install, nothing out of the ordinary.
After installing Thunderbird, we select to use our existing email...
...and then provide our email credentials.
If you are using Gmail and have trouble connecting it to Thunderbird, see our guide:
Use Gmail with Thunderbird, for Offline Access and Backup
We install Enigmail like any other add-on in Thunderbird. After we the .xpi file...
...we open Thunderbird, select Add-ons...
...select "Extensions" and drag the .xpi on Thunderbird.
This will open the installation prompt. After the installation, we need to restart Thunderbird.
Setup Enigmail 3m662o
After we restart Thunderbird, we will find the Enigmail Setup Wizard running.
If we close the Wizard without going through the setup, we can start it again from the new Enigmail entry on the menu.
We just need to click on the arrow and select the Setup Wizard.
Either way, we select the standard configuration.
We need to enter a secure phrase, at least eight characters long.
We will be using this phrase both to send a secure email and to receive it.
We must make sure we it because there is no way to retrieve or reset the phrase if we forget it. In this case, we will have to create new OpenPGP keys.
Next, Enigmail will use gpg4win to create both a private and a public key. On a modern PC, this will take less than 30 seconds.
After the program has generated the keys, we need to create a Revocation Certificate. We will use it in case we lost access to our private key - if we forgot our phrase, for example - to revoke our public key and issue a new one.
We need to enter our phrase to create the certificate...
...and then save it on our hard drive.
Exchange public keys with selected s 1i5018
The way asymmetric cryptography works, before we send our first secure email, we need to exchange public keys with the intended .
We just need to Write a new message...
...and click on "Attach my Public Key".
We can write anything on the subject line and inside the email body, it doesn't matter.
Our recipient, who must also have gpg4win, Thunderbird, and Enigmail installed, will receive the key.
They need to right-click the attachment and select "Import OpenPGP key".
After it is successfully imported...
...they must send us their key...
...and we will also import it.
We need to do this with any we wish to send secure email to, but only once.
Unless we or one of our s revoke the public key, this connection is good for five years, by default.
Confirm the keys 59335l
After we received and imported the public key from our , we must confirm that we have received it intact.
We go to Menu -> Enigmail -> Key Management...
...right-click on the recipient's public key and select "Key Properties".
We must then the recipient, and confirm that we have the same Fingerprint for his key.
We then do the same thing for the public key we send them, to that fingerprint.
If everything is in order, we click on "Select action" and choose "Sign Key".
We select "I have done very careful checking", and check the "Local signature" option.
The recipient should do the same.
Now, we are ready to send as many secure email messages as we want.
How to send secure email with OpenPGP m515
When we create a new email for a that we have exchanged public keys, the message will be encrypted by default.
that anything in the message's body will be encrypted, but the subject line will always be visible. So, make sure not to give any spoilers.
For extra security, we can click on the "This message will be encrypted" message and change two settings.
First, we can check the "Sign Message" checkbox, which confirms that the email came from us. Second, we can select the "Use PGP/MIME" that will also encrypt the names of any attachments.
From this same window, we can also disable encryption, in case we just want to send an unencrypted email to this .
To send the message encrypted, we have to provide our phrase.
If the recipient tries to read this message from their Gmail , they will get a bunch of gibberish.
With Thunderbird and Enigmail, though, opening the message will prompt for their phrase.
With their correct phrase, they will get the decrypted message.
If the phrase is wrong, they will get nothing at all.
The only way to break this code is by brute force - that means having a computer test all the possible phrases until it finds the right one.
The thing is, if a phrase is long and complicated enough, it can take literally forever to be cracked by brute force. The famous Edward Snowden example, "MargaretThatcheris110%SEXY" creates a search space of 2.66 x 10^51 possible s.
If a massive array of computers tried 100 trillion phrase guesses per second, it would take 8.47 thousand trillion trillion centuries to check all the possibilities.
Just make sure your phrase is not "phrase". Or "MargaretThatcheris110%SEXY" for that matter, because it's a famous example and a strong attacker would definitely try it before trying the brute force method.
Did you find it easy to send secure email using Enigmail? 2f5228
Cryptography is somewhat like how a cell phone works. Those of us who aren't telecommunications engineers don't have the slightest clue on how the GSM network works, but this won't stop us from dialing and texting.
Sure, all this exchange of public keys is a bit complicated. But, after the initial setup, which only needs to be done once with a , sending secure email messages is simple for anyone.
Will you use Thunderbird and Enigmail to send secure email? Do you prefer another method? Leave us a comment.
PCsteps 4y3t4m
Do you want to PCsteps, so we can post high quality articles throughout the week?
You can like our Newegg.
If you prefer your purchases from China, we are d with the largest international e-shops:
