This is a text-only version of the following page on https://raymii.org:
---
Title       : 	Keep messages secure with GPG
Author      : 	Ben Everard
Date        : 	22-03-2015
URL         : 	https://raymii.org/s/articles/Keeping_messages_secure_with_GPG.html
Format      : 	Markdown/HTML
---



This article was originaly published in [Linux Voice, issue 1, April 2014][1].
This issue is now available under a [Creative Commons BY-SA license][2]. In a
nutshell: you can modify and share all content from the magazine (apart from
adverts), even for commercial purposes, providing you credit Linux Voice as the
original source, and retain the same license.

This remix is converted manually to Markdown and HTML for ease of archiving and
copy-pasting.

<p class="ad"> <b>Recently I removed all Google Ads from this site due to their invasive tracking, as well as Google Analytics. Please, if you found this content useful, consider a small donation using any of the options below:</b><br><br> <a href="https://leafnode.nl">I'm developing an open source monitoring app called  Leaf Node Monitoring, for windows, linux & android. Go check it out!</a><br><br> <a href="https://github.com/sponsors/RaymiiOrg/">Consider sponsoring me on Github. It means the world to me if you show your appreciation and you'll help pay the server costs.</a><br><br> <a href="https://www.digitalocean.com/?refcode=7435ae6b8212">You can also sponsor me by getting a Digital Ocean VPS. With this referral link you'll get $100 credit for 60 days. </a><br><br> </p>


Other converted Linux Voice articles [can be found here][4].

* * *

### Keep messages secure with GPG

The Feds (and GCHQ, and the NSA) are snooping on our communications, but we can
fight back with encryption

![GnuPG logo][5]

Normal email is one of the least secure forms of communication available - less
secure even than post cards. These mails can typically be read by anyone on the
same network as you, anyone at the ISP, anyone at your mail provider, anyone at
the recipient's ISP and anyone on the same network as the recipient, as well as
anyone with access to the various networks between the two ISPs.

If you use SSL or TLS to connect to your inbox, then it improves things a
little, but it's still vulnerable as soon as it leaves your mail provider.

PGP (Pretty Good Privacy) is a program designed to remove these weaknesses. It
uses the normal email system, but adds a layer of encryption to protect them in
transit. These days, PGP is usually used to refer to the OpenPGP format for
these encrypted messages, rather than the PGP program specifically.

The OpenPGP format uses two different types of encryption: symmetric key and
public key. In symmetric key encryption the same key (basically just a binary
string that's used as a password) is used to encrypt and decrypt the message.

In public key encryption, two different keys are used (one to encrypt and one to
decrypt). The phrase 'private key' can refer to either the key in symmetric
encryption, or the secret key in public key encryption. To avoid this ambiguity,
we won't use the phrase in this article, but you may come across it in software.

When encrypting a message with an OpenPGP-compatible program, the software
generates a random symmetric key and encrypts the text. This ciphertext forms
the bulk of the message. The problem is that the recipient of the message has to
know the key, but it can't be included in the message otherwise anyone who
intercepts the message will be able to read it.

This is where public key encryption comes into play. Everyone who uses PGP first
creates a public/secret key pair. The public key is made public while the secret
key is known only to the user. However, anything encrypted with the public key
can be decrypted only with the secret key and visa versa.

### Public and private keys

The solution is to encrypt the key for the message with the recipient's public
key. When they receive the message, they can then decrypt the key for the
message, and then decrypt the message itself. This is a bit convoluted, but it's
much less processor- intensive than encrypting the whole message using public
key encryption.

You can use OpenPGP in most mail clients, but we'll look at doing it in webmail.
Since OpenPGP is purely a text format, you could generate the encrypted message
elsewhere and copy and paste it into your email. That's exactly what we'll do,
but instead of copy and paste, we'll use a browser extension to convert the
plaintext to encrypted ciphertext.

Mailvelope (www.mailvelope.com) works with Chrome/Chromium and Firefox, and it
comes pre-configured to work with some of the most popular webmail providers
(Gmail, Yahoo, Outlook.com and GMX).

Installing it is no more challenging than downloading the extension from its
[Releases section][6] and opening the file with the appropriate web browser.

The first step is to generate a public/secret key pair. In Chrome/Chromium, you
can get to this by clicking on the padlock icon that should have appeared to the
right of the address bar.

In Firefox, this options menu is a little more hidden. First, you'll need to go
to `View > Toolbars > Add-on bar`. This will make the Add-on bar appear at the
bottom of the screen, and then you should find the padlock icon on the right-
hand side of this. This icon will bring up a menu, and you'll need to select
`Options` (see the image).

![gpg1][7]

In the Options screen, you can create a new public/secret (private) key pair by
selecting `Generate Keys`.

Once you've done this, you can go to the `Display Keys` screen to see it. This
screen will show all the keys that Mailvelope knows, whether they're other
people's public keys or your own public/secret key pairs.

Before you can receive emails, you have to send your key to the people you want
to communicate with. The key file can be exported from the `Display Keys` screen
(you can also export your public/private key pair here and import them into
another mail program).

Getting the public key to the recipient can be a challenge. The best way to do
this is to physically transport the key, as you can be completely sure that they
got it correctly. The easiest way is just to email them the keyfile. However,
it's possible for some malicious attacker to intercept this message and change
the keyfile.

There are two other options: key servers and webs of trust. Key servers are
databases of keys that you can add your keys to, and retrieve other people's
keys from. For example, try <http://keyserver.pgp.com> or <http://pgp.mit.edu>.
Of course, it is possible that some attacker could take control of one or more
of these key servers and put fake keys in them.

Webs of trust have a decentralised method of verifying keys. It's done by people
digitally signing the keys of people they've met and exchanged keys with. If you
need to communicate with someone, you can then tap into this web of trust and
see who trusts them. Perhaps someone you trust also trusts them. Perhaps someone
you trust trusts someone who trusts them. If this chain is short enough, then
you can be confident that you can trust the person. Unfortunately, Mailvelope
doesn't currently support webs of trust.

### Keep it secret, keep it safe

As is so often the case, the decision on which way to distribute your key comes
down to security versus convenience.

If you're concerned, you could always follow up with another method such as a
phone call to confirm the key.

Once someone has sent you their key, you just need to load it into Mailvelope
using the `Import Keys` screen in the `Options`. Getting set up with keys is the
hardest (or at least, most inconvenient) part of using any OpenPGP-based
communication.

Once you've done this, it's easy. With the Mailvelope extension running, just
use your mail provider's web page as normal (if your mail provider isn't already
on the Mailvelope watch list, you'll need to add it in the Options).

![gpg2][8]

When you get to the compose page, you'll see a floating icon of a pen and paper.
Click on this and it will open a new window to let you enter the text for the
message. Once you've written the message, click on the padlock, and add one or
more people to the list that it's encrypted for, then `Transfer` to put the
ciphertext into the email.

If you receive an encrypted message, Mailvelope will display a decrypt icon;
click on this to enter the passphrase you entered when you generated the key.
This password gives you some security even if an attacker gets access to your
machine.

Provided you exchange keys securely, and keep your keys safe, OpenPGP provides
security that is thought to be unbreakable with current technology.

### Boxout 1, Using other mail clients

We've described the process for working with Mailvelope, but the process is
almost identical for all OpenPGP-compliant software.

You shouldn't have any problems following along using Thunderbird or Evolution,
or even AGP and K9 for Android or Cyanogenmod.

Regardless of the software, you'll still have to go through the same process of
generating and exchanging keys before you can communicate with someone.

As mentioned in the main text, you should be able to transfer keys between these
pieces of software so you can access the same mail account through different
programs.

Mailpile is a mail client designed to bring PGP to the masses by making it
easier to set up OpenPGP encryption, even for new users. The project raised just
over $163,000 in crowdfunding and is currently in development, and you can track
its progress at [www.mailpile.is][9].

### Boxout 2, Digital Signing

![gpg3][10]

OpenPGP encryption ensures that only the intended recipient can read the
message; however, it doesn't guarantee that they receive the message, or prove
who sent the message.

Encryption can't help with the first of these, but there is something you can do
about the latter measure. In many OpenPGP mail clients (and the gpg command line
tool), you can add a digital signature to a clear-text message.

It does this by leaving the message in plain text, but also encrypting a hash of
the message with your secret key. This encrypted hash is known as a digital
signature.

Since it's encrypted with your secret key, it can be decrypted with your public
key. Any recipient that knows your public key can then decrypt this hash and
check it against the message. If they match, the recipient knows that it really
came from you.

   [1]: http://www.linuxvoice.com/download-linux-voice-issue-1-with-audio/
   [2]: https://creativecommons.org/licenses/by-sa/3.0/
   [3]: https://www.digitalocean.com/?refcode=7435ae6b8212
   [4]: https://raymii.org/s/tags/linux-voice.html
   [5]: https://raymii.org/s/inc/img/logo-gnupg.png
   [6]: https://github.com/toberndo/mailvelope/releases
   [7]: https://raymii.org/s/inc/img/linuxvoice/1/gpg1.png
   [8]: https://raymii.org/s/inc/img/linuxvoice/1/gpg2.png
   [9]: http://www.mailpile.is
   [10]: https://raymii.org/s/inc/img/linuxvoice/1/gpg3.png

---

License:
All the text on this website is free as in freedom unless stated otherwise. 
This means you can use it in any way you want, you can copy it, change it 
the way you like and republish it, as long as you release the (modified) 
content under the same license to give others the same freedoms you've got 
and place my name and a link to this site with the article as source.

This site uses Google Analytics for statistics and Google Adwords for 
advertisements. You are tracked and Google knows everything about you. 
Use an adblocker like ublock-origin if you don't want it.

All the code on this website is licensed under the GNU GPL v3 license 
unless already licensed under a license which does not allows this form 
of licensing or if another license is stated on that page / in that software:

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.

Just to be clear, the information on this website is for meant for educational 
purposes and you use it at your own risk. I do not take responsibility if you 
screw something up. Use common sense, do not 'rm -rf /' as root for example. 
If you have any questions then do not hesitate to contact me.

See https://raymii.org/s/static/About.html for details.