How to send a Secure encrypted Mail

"Pretty Good Privacy" (PGP) Email Encryption

Send a secure email using PGP (Pretty Good Privacy) which no one else could read except for the intended recipient!

By Fahad Usman

When we send an email from one of the top “free” e-mail providers such as Gmail, Yahoo or Hotmail, our emails get logged on their servers. They can read the content of your email and sell you products and/or sell your data to third parties for profit! Or the NSA/GCHQ could be reading your emails and spying on you!

If you want to send secure email, you need to “encrypt” it.

The process is fairly simple once you know the basic things involved!

Pretty Good Privacy (PGP) is a way to help protect your email communications from being read by anyone except their intended recipients. And, to a lesser extent, it can save your emails from being read if the computer on which they are stored is stolen or broken into.

It can also be used to prove that an email came from a particular person, instead of being a fake message sent by another sender (it is otherwise very easy for email to be fabricated). Both of these are important defences if you’re being targeted for surveillance or misinformation. The process below is for MacBooks, but you can use a similar process on Windows without issues.

Step 1: Download GPG Tools/Suite and install

From https://gpgtools.org/

Step 2: Download and install Mozilla Thunderbird

It is an email client just like Apple Mail etc. This makes it really easy to encrypt and decrypt emails.

These two programs are so easy to download and install that I am not going to bother posting any screenshots!

Step 3: Open up Thunderbird

It will ask you to set up an email account. You can either set up an existing email account or create a new one. I set up my Gmail in this step.

Step 4: Installing Enigmail

This add-on is essential for encryption and is FREE!

Within Thunderbird: Click Tools -> Add-ons

Then click on “Extensions” on the left hand menu

Type enigmail in the search bar and press enter.

Then select the first option and click “Add to Thunderbird”

Step 5: Setup Enigmail

At this point, some people say that Thunderbird gets rebooted automatically, but that wasn’t the case for me. So I had to manually start the Enigmail “Wizard” by clicking on the “Enigmail” menu at the top and selecting the “Setup Wizard” option.

Just click Next, Next, Next… and set up a strong passphrase to generate your “Public” and “Private” keys.

If you want someone to send you an encrypted message, they need to have your “Public” key.

If you have someone’s public key, you can do two things: encrypt messages that can only be decrypted with their secret key, and verify their signatures that were generated with their secret key.

With your secret key you can do two things: decrypt messages that were encrypted using your public key, and digitally sign messages.

NOTE: In no circumstances should you share your private key with anyone. If someone gets hold of it, you are toast! They can decrypt all your future and past email messages.

Step 6: Share your public key with anyone you want to send you a secret/encrypted email that only you could read and no one else!

In Thunderbird, click the “Enigmail” menu at the top and select Key Management. You should be able to see your keys here. Just right click on the key you want to share and select the option “Send Public Keys by Email”.

You can also share your keys by:

Open up GPG Keychain (This gets installed automatically with Step 1)

You should be able to see your public and private key that you just created in Step 5.

Right click on your key and select “Send Public Key Via Email…” option.

A new email window will open up. Just type the email address of the person you want to send you an encrypted email.

NOTE: they should always compare the fingerprint of the key (which is also listed in GPG Keychain). We use the fingerprint because the original key is way too long to compare, so it’s like a shorthand for your key.
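What that fingerprint is, as an added example (not from the original post or from GPG Tools): for a version 4 OpenPGP key it is the SHA-1 hash of the public key packet, so changing anything in the key changes the fingerprint. The values CREATED, N and E are constructed samples, not a real key, and the helper names are hypothetical.

```python
import hashlib
import struct

def mpi(value: int) -> bytes:
    """OpenPGP multiprecision integer: 2-byte bit count, then big-endian bytes."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")

def rsa_pubkey_body(created: int, n: int, e: int) -> bytes:
    """Version 4 public-key packet body: version, creation time, algorithm 1 (RSA), n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def v4_fingerprint(body: bytes) -> str:
    """SHA-1 over 0x99, the 2-byte body length, and the body (RFC 4880, section 12.2)."""
    if not body or body[0] != 4:
        raise ValueError("not a version 4 public-key packet body")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def grouped(fp: str) -> str:
    """Format as groups of four hex digits, the usual display form."""
    return " ".join(fp[i:i + 4] for i in range(0, len(fp), 4))

def same_fingerprint(shown: str, read_out: str) -> bool:
    """True only if both are the same full 40-digit fingerprint (spaces and case ignored)."""
    a, b = ("".join(s.split()).upper() for s in (shown, read_out))
    return len(a) == 40 and set(a) <= set("0123456789ABCDEF") and a == b

# Constructed sample values: N is an arbitrary 2048-bit number, not a real RSA modulus.
CREATED, N, E = 1500000000, (1 << 2047) + 0x1234567, 65537

if __name__ == "__main__":
    genuine = v4_fingerprint(rsa_pubkey_body(CREATED, N, E))
    swapped = v4_fingerprint(rsa_pubkey_body(CREATED, N ^ 1, E))  # one bit of the key changed
    print("genuine:", grouped(genuine))
    print("swapped:", grouped(swapped))
    print("match:", same_fingerprint(genuine, swapped))
```

The creation time is part of the hashed data, so the same key material with a different timestamp also gives a different fingerprint.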

Step 7: Get the other person through the same process of set up

Sadly, if one of you is not using PGP, the email is sent unencrypted even if you are using PGP yourself. So get your friends and family to start using encrypted emails to avoid snooping.

Once the other person has set this up, they will also have to share their Public key with you in order for you to reply in encrypted format!

Testing

Now let’s test to see if it really works.

So I am going to send an email from my Gmail account to a Yahoo account!

Compose an email by clicking on “Write”.

Once sent, go to Yahoo Mail via a web browser and log in.

You should see something like this!

As you can see, it can’t be read via Yahoo webmail. This is how it gets saved on their servers! No more snooping sucka!!!!

Now if you wish to read it, you need to go back to Thunderbird and open the email there.

PS: You might have to enter your passphrase (created in Step 5) to decrypt the message and voilà!

Because the email was sent from a Gmail account, if I log in to Gmail via a web browser and go to “Sent” messages, the message that I sent to the Yahoo address can’t be read there either.

This proves that the encryption and decryption happen on your computer, and that the email is already encrypted before it leaves it! So they can’t see what’s been sent. It even concealed my subject line (which can be revealing as well).

I also tested the same on Hotmail and they can’t see the contents + subject of my email either!
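The webmail check above can also be run against the raw source of a stored message. This is an added example, not part of the original post; the function name, addresses, subject placeholder and message contents are constructed, and the ciphertext is a placeholder.

```python
from email import message_from_string

ARMOR = "-----BEGIN PGP MESSAGE-----"

def stored_view(raw: str) -> dict:
    """Report what is readable in the copy of a message a mail server stores."""
    msg = message_from_string(raw)
    pgp_mime = (msg.get_content_type() == "multipart/encrypted"
                and msg.get_param("protocol") == "application/pgp-encrypted")
    armored, readable = False, []
    for part in msg.walk():
        if part.is_multipart():
            continue
        text = (part.get_payload(decode=True) or b"").decode("utf-8", "replace").strip()
        if ARMOR in text:
            armored = True          # ciphertext block: opaque without the private key
        elif part.get_content_maintype() == "text" and text:
            readable.append(text)   # plaintext the server can read
    fmt = "PGP/MIME" if pgp_mime else "inline PGP" if armored else "none"
    return {
        "encrypted": armored and not readable,
        "format": fmt,
        "readable_text": readable,
        # Outer headers travel in the clear; the server sees whatever is in them.
        "headers": {h: msg[h] for h in ("From", "To", "Subject")},
    }

# Constructed sample messages (placeholder ciphertext, example.* addresses).
ENCRYPTED = """\
From: alice@example.com
To: bob@example.org
Subject: ...
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

placeholder-not-real-ciphertext
-----END PGP MESSAGE-----
--b1--
"""
PLAIN = "From: alice@example.com\nTo: bob@example.org\nSubject: Dinner\n\nMeet at 6pm\n"

if __name__ == "__main__":
    for name, raw in (("encrypted", ENCRYPTED), ("plain", PLAIN)):
        print(name, stored_view(raw))
```

Even for the encrypted message, the sender and recipient addresses stay visible to the provider; only the body, and the subject when the mail client replaces it, are hidden.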

So, hopefully you now know how to send and receive encrypted emails! 🙂
