Tin-Foil Hat Time – PGP Encrypted Mail

So now I have a lot of my mail, and other information out there in the cloud, hanging around on other people’s servers, and some of it I may want to keep from prying eyes for some reason. And remember, an email on the internet is more like a postcard than a letter in an envelope. Don’t put anything in email you don’t want the postmen to read!

Remembering that any employee of Google authorised to manage their email systems could probably see my mail, and the latest attempts by someone in China to hack into Google to break into dissidents email accounts, or the fact the under US law, authorities may not even need a warrant to snoop into your mail held on a routing agencies server if older than 30 days etc and you start thinking, “Maybe I should encrypt my mail stored on these systems?”

EMail Encryption Standards

With encryption, the most commonly supported schemes use “Public Key Encryption”. This is where you have a “Certificate” which is a large string of random numbers. Part of this certificate is “Public”, and part is “Private”. This can be shared with whomever you want to be able to decrypt mail sent by you to them, and you will also need the recipients “public” certificate. Email or files can be encrypted using the recipients public key and your own private key. When received, the recipient decrypts using your public key and their private key. If all is working well, only these combinations of random numbers will turn the random string of garbage you just sent over the internet back into something that can be understood by humans. The goal of the encryption is to make the text that is actually sent and stored look as close as possible to random noise.

The other issue to consider is “Trust”. Are you 100% certain the public key you have is really from who they claim to be, and how do you safely and securely get the public key from someone who you wish to conduct secure communication?

There are two major flavours of Public Key Encryption certificates.

1: X509  Certificates – These are certificates generated by you and passed to a Signing Authority to approve. They then send you back a signed certificate which you can use with various systems for secure communication. Most commonly used in SSL for encrypting web traffic, but can be used for email too using a mail format called SMime.

Advantage: Good commercial support – can be used between mail gateways for encrypting mail in transit, and robust.

Disadvantage: Signing authorities usually want money from you to sign the certificates. This is not always cheap, and everyone you want to encrypt with must have these certificates.

2: PGP – or Pretty Good Privacy – With this scheme, no central signing authorities are involved, and your certificates are free, but trust is ultimately the responsibility of the certificate owners. Eg, I am John, and I have a friend, Bob, with whom I am passing financial and personal details of members of a club we belong to. We both generate our PGP certificates, and meet each other to exchange them. I verify that Bob passes me his certificate, and I sign it, and he signs mine. Now say another club member, Sally, also needs to be sent these secure mails, but lives closer to Bob than she does to me. Bob gives her my public key, and his, and he signs Sally’s key. Sally can then mail me the key, and as I trust Bob, and he has signed Sally’s key, I also trust that Sally’s key really is hers. This is a PGP “Web of Trust”

Advantage – Free

Disadvantage – managing key signing is a bit of a hassle.

For me, as you may know, I went for cheap, but this causes a little difficulty and some issues as to what email clients to use.

Here is how I did it:

The Tools

One of the neat things about open-source software, it that it is usually available on nearly every OS platform. There is an open implementation of PGP called GnuPG (confusingly GPG). Mozillas Thunderbird is a fine mail client, and V3 is looking pretty good with unified inbox views for managing multiple mail accounts, plugin support for a calendar, and some nice themes for making it look just how you want, and available for Windows, Linux and OS X. Enigmail – a plugin for Thunderbird that adds PGP support.

Step1 – Install GPG
On OS X –  Download the disk image for the GPG installer from http://sourceforge.net/projects/macgpg/files/ Open the disk image and run the installer there. Not much actually gets added to your program files etc as most of these tools are command-line based and provide services for the other applications to use.) I downloaded GnuPG1.4.9.dmg for use on Snow Leopard 10.6.2 on my Mac Mini.

On Windows – Download GnuPG for WIn32 1.4.x. I downloaded 1.4.9 but I see now 1.4.10b is available. You can download from http://www.gnupg.org/download/ and look for the Binary package. I installed 1.4.9 on Windows 7 32 bit

On Linux – Best bet is to use the package manager with your Linux distro and install the PGP packages. I use Linux Mint 7, and the default install already has GPG. Nothing to do here.

Step 2 – Install Mail Client (e.g. Thunderbird3)
Get the Windows and OS X installs from http://www.mozillamessaging.com/en-US/thunderbird/. Download the package for your OS, and install it. For Linux, again just use your package manager.
Setup Thunderbird to access your mail accounts, then go to the Add-ons menu item, and search for “Enigmail”. Download the plugin and install it. Then go through the setup wizard to generate your key pair. Using Enigmail, it appears to automatically send your public keys up to a pre-installed list of key servers, so if everyone gets setup the same, this should make it much easier to exchange keys and sign them.

Warning – some of the options that the Enigmail setup changes will stop HTML emails displaying inline – and will constantly ask you to sign messages etc. You may need to check these settings out to see if you can live with the results. Personally I think it just makes the emails look ugly, and for the 90% of the time when you wont be encrypting or signing mail it is just a pain. The disadvantage is though that some emails wont encrypt or sign properly due to weird formatting.

So that is the overview – On my laptop using Linux and Windows – Thunderbird is may main client, but on OS X however, I still prefer Apple Mail for many reasons but luckily Thunderbird can access the local Apple Address book, so I’ll just keep TB3 around for dealing with encryption when I need it. Using iMAP for my mail servers means both Apple Mail and TB3 can see the same mail and folders and always stay in sync. Downside is there is a good chance that my mail is being cached by both clients. Oh, well, I’ll consider it a backup 8)

Oh, and there is an excellent TB3 skin theme called leopard_mail-default-graphite-3.2.4-tb.jar. Locate this in the theme browser and install. This works fine for Windows, OS X and Linux, and actually makes all three clients feel the same, otherwise the default theme in Linux and Windows was ugly IMHO.

— Update 20/8/2010 —GPGMail now have an opensource plugin for Apple Mail (Leopard and Snow Leopard, available here: http://www.gpgmail.org/download

It requires the OS X GPG libraries to be installed just like Enigmail.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s