Ask Leo! by Leo A. Notenboom

How do I encrypt email?

Summary: Encrypting email is surprisingly difficult. We'll look at a practical solution that anyone can use, as well as the way it "should" work.

What software do you use to encrypt emails? Do you have any recommendations for email encryption software (preferably free)?

I wish this was easier, and it should be easier.

But the fact is encrypting email is cumbersome and solutions that should work easily don't work consistently.

I'll give you three alternatives, starting with the one that's easiest for just about anyone to use.

The issue is simple: even if you communicate with your mail server through an https or secure connection, your message is stored in plain, unencrypted text on the server, and it is likely to be transmitted onto the recipient's server unencrypted as well. In addition, you don't control how your recipient connects to their email. If they don't use a secure connection, then they could easily be downloading your email in the clear.

The only solution for total security is to encrypt the email message itself.

Unfortunately, that's not as easy as it sounds.

Encrypted Attachments

This is by far the most practical solution available today for the average user. It ain't pretty, but it works.

  • Write your message in a program like Notepad, Word or whatever text or document editor you prefer.

  • Save that message to a file on your hard disk. (Example: message.txt for Notepad, or message.doc for a Word document.)

  • Encrypt that file using a tool like AxCrypt, 7-Zip, or even GnuPG.

  • Email the encrypted file as an attachment to its destination.

  • Convey the password or encryption key to the destination by some other means. This is important, because if a malicious individual was able to capture the encrypted package, then they might well be able to capture the encryption key if you sent it using the same mechanism. Pick up the phone, send a letter, or use completely different email accounts on both ends using completely different computers in completely different locations.

There are, naturally, a couple of caveats.

Make sure that you choose an encryption program that your recipient can use. AxCrypt, for example, is Windows only, so it will present a problem if your recipient is using a Mac. Your recipient will need to be able to run the corresponding decryption tool.

Make sure you choose an appropriately difficult password/passphrase - just like account login passwords, encryption passwords are subject to brute force attacks as well. The simpler your password, the easier it might be for someone to guess it and decrypt your message.

With "how it can most easily work" out of the way, let's look at two alternatives to "how it should work".

Certificate Based Encryption

Buried in the advanced security dialogs for Outlook, in the security settings of Thunderbird's account dialogs, and in similar places in some other email clients is the concept of using digital certificates to sign and encrypt email.

These are, essentially, the same kind of certificates that are used to protect https websites, and in general they're purchased - yes, purchased - pretty much the same way. Like website certificates, these certificates can be used for two purposes:

  • To "sign" your messages in such a way that you are confirmed as the author of the message, and that the message has not changed since you signed it. (This isn't encryption, it's validation.)

  • To allow people to send you messages that are encrypted such that only you can decrypt them.

That last one is a little counterintuitive. To encrypt a message, you don't use your own encryption certificate, you use that of the person you're sending the encrypted message to. That way, only they can decrypt it.

This is a fine approach, and once set up can be nearly transparent.

Unfortunately, it suffers from a couple of problems that have prevented widespread adoption: not all email programs support it, and certificates either cost money, or are cumbersome to obtain.

PGP/GPG Based Encryption

PGP (Pretty Good Privacy) and GPG (Gnu Privacy Guard, the open-source equivalent) are very similar to the certificate based encryption scheme above. They rely on public key cryptography which, in a nutshell, boils down to this:

  • Two really large numbers, A and B, are created that share a special relationship

  • Anything encrypted with "A" can only be decrypted by "B", and anything encrypted with "B" can only be decrypted by "A".

  • You make one of them, either A or B, public and keep the other one private.

Let's say I make my "A" number public (which I have), and keep the "B" number private - only I have it.

You can now encrypt a message to me using my public key "A". Only I can decrypt it with my private key "B".

Conversely, I can encrypt (or sign) a message using my private key "B", and anyone can decrypt it - but since they can, they know beyond any doubt (as long as I've kept my private key private) that only I could have created the message.

PGP and GPG are just standard techniques and tools to manage those two "numbers", more commonly called keys.
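
The A/B relationship described above, worked through with textbook RSA as an added example (not code from the original article or from PGP/GPG). The two primes and all function names are constructed for illustration; real tools use far larger random keys, padding, and a per-message session key.

```python
import hashlib
from math import gcd

# Constructed toy primes (2**61-1 and 2**89-1). Far too small and too
# structured for real use; they only keep the numbers readable.
P, Q = 2**61 - 1, 2**89 - 1

def make_key_pair(p=P, q=Q, e=65537):
    """Return (A, B): A = (e, n) is published, B = (d, n) stays private."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)  # the "special relationship": e*d = 1 (mod phi)
    return (e, n), (d, n)

def apply_key(key, number):
    """The one RSA operation: raise to the key's exponent, modulo n."""
    exponent, n = key
    return pow(number, exponent, n)

def encrypt_for(recipient_public, text):
    """Encrypt with the RECIPIENT's public key, not the sender's own."""
    m = int.from_bytes(text.encode(), "big")
    if m >= recipient_public[1]:
        raise ValueError("message too long for this toy key")
    return apply_key(recipient_public, m)

def decrypt_with(private, ciphertext):
    m = apply_key(private, ciphertext)
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode()

def digest(text, n):
    # Sign a hash of the message rather than the message itself.
    return int.from_bytes(hashlib.sha256(text.encode()).digest(), "big") % n

def sign(private, text):
    """Only the holder of B can produce this value."""
    return apply_key(private, digest(text, private[1]))

def verify(signer_public, text, signature):
    """Anyone holding A can check it; any change to the text breaks it."""
    return apply_key(signer_public, signature) == digest(text, signer_public[1])

if __name__ == "__main__":
    A, B = make_key_pair()
    c = encrypt_for(A, "meet at noon")
    print("ciphertext:", c)
    print("decrypted :", decrypt_with(B, c))
    s = sign(B, "I wrote this")
    print("valid     :", verify(A, "I wrote this", s))
    print("tampered  :", verify(A, "I wrote that", s))
```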

The good news about GPG is that all the parts are free. The bad news is it can be fairly geeky. I wrote an article about using it some years ago, How do I send encrypted email?, that walks through the steps. I don't actually recommend it for the average user, but if you're at all technical, or just enjoy this kind of geekery, you can see what it entails.

Most email programs do not include support for GPG/PGP keys. Thunderbird does have an extension, "Enigmail", that adds support quite nicely.

The Weakest Link

I have to include a word about trust.

All the encryption in the world won't help a whit if you can't trust the person at the receiving end. They have to keep passwords safe, if you use them, and they have to keep your private message private, if that's the intent of your encryption. They also have to practice safe computing - your message will be decrypted on their computer, and hence visible to any malware that might be present thereon. Heck, if their computer is stolen and they happened to keep the decrypted message for some reason, that's now in the hands of someone else.

So in addition to doing the right things yourself with your sensitive information, make sure that your recipient has an appropriate level of understanding as well.

That's something that technology just can't fix.

Article C3659 - February 25, 2009

Recent Comments
12 Comments

--quote--
Right, but then everyone you send encrypted or signed email has to either have Thunderbird + Enigmail, or some other more painful solution to decrypt or validate.
-quote-

True, but my concern is making my life easier. If someone wants to use a painful solution to decrypting my email that is hardly my fault or concern.

It's your concern if you actually want them to READ your email.
- Leo
01-Mar-2009
Posted by: DSU at February 27, 2009 10:02 AM

I have to ask. How often is it really necessary to encrypt your email?

It really depends on your situation. For most people: rarely, or never. But for people who regularly send highly sensitive documents or information, encryption may be a solution that could or would be used regularly.
- Leo
01-Mar-2009

Posted by: Vincent at February 27, 2009 11:32 AM

I gave Thunderbird + Enigmail a try. The installation is not as straightforward as I like. Need to first install Thunderbird, and then GnuPG. After that I need to go to Thunderbird -> Tool to add the Enigmail plugin. Can't they make the whole thing into one package?

Creating the key is easy - there is a wizard for it. I notice it says the key is good for 5 years. What will happen after that? Will my emails encrypted/signed by the old key stop working?

Encrypting is easy as well - just press the OpenGPG button. I notice it actually put some encoded strings in the email when I view it from gmail directly. But in Enigmail, it automatically decrypts it. Very nice!

However, now I run into a problem. How do I send encrypted emails to other people? I tried my other email account and Enigmail complains it couldn't find the key. Looks like the recipient must first have a key in the server? This seems broken... What do I miss here?

That's how public key cryptography works: you need the public key of the person to whom you're sending email, so that they can then decrypt it with their private key.
- Leo
01-Mar-2009
Posted by: John O at February 28, 2009 12:04 AM

I just started using voltage secureMail from voltage security to encrypt my email and I have to say it is the easiest email encryption solution I have ever used. After I installed it, all I had to do to send secure email was click the added "send secure" button in outlook. Also, it doesn't matter if the person I am sending to doesn't have secureMail, they can still read the message after they verify themselves. I think it has an advantage over PGP because it uses identity based encryption, which effectively makes my email address my public key. This is a great feature so I don't have to keep looking up the public key of everyone I want to send email to. I would definitely recommend SecureMail to everyone. Have you ever tried SecureMail Leo?

I was actually wondering when someone would mention services like this - there are several. My problem with them is simple: you must trust them, as they can decrypt your email. If you're not keeping your own encryption keys, and you're not performing the encryption and decryption on your own machine and under your own control, you're implicitly trusting someone else. The whole point (to me) of encrypted mail is that you only want to trust the recipient, and no one else.
- Leo
03-Mar-2009

Posted by: Jason at March 2, 2009 9:37 AM

Come on, you said nothing about FireGPG for webmail GMAIL in Firefox http://getfiregpg.org/ It works just fine! And it's free. Any upgrades come as naturally and automatically as any Firefox plugins, so it never gets outdated.

Hadn't heard of it. After playing with it a little bit I agree it has a lot of promise, but "it works just fine" isn't quite how I'd qualify it. Definitely a few rough edges, especially for the average user. I ended up uninstalling it.
- Leo
04-Mar-2009

Posted by: Ionut D at March 3, 2009 9:49 AM

Bottom line, don't send anything by email you don't want anyone else to see. If it's that sensitive there's still registered mail or certified mail w/return receipts...might take a bit longer but at least it's safe...

Posted by: David at March 4, 2009 11:15 AM

I have done a LOT of searching for an easy and free email encryption service to use, and quite frankly there are no "free" versions out there that are user friendly and allow you to manage the keys yourself and at the same time worrying if your recipient can read when it gets there. As far as sending the occasional email that needs to be encrypted I prefer to use hushmail.com; it is not a large sized account for the free version, but if you are worried about the information you are going to be sending it works and it's easy to use. I do agree you are relying on someone else managing your keys, but let's face it some people just turn on the computer check email and surf the net for a while and that is it. In my opinion email encryption today is simply too much for the average user to handle. By the way I do like to use and recommend off-the-record (OTR) for my instant messenger client......

Posted by: Chad at March 4, 2009 2:28 PM

I've been playing with some free email encryption software in the last few days. Here are the things I tried so far:

Hushmail - Easy to use. However I can't use my existing gmail account. The recipient needs to be a registered user, or I need to provide a secret question and answer. No installation required but need to go back to hushmail to get the email.

FireGPG - easy to use, love the integration with gmail. I can actually send encrypted email directly on Gmail's page! However, I can't send email to other people, and recipient needs to install the software and use firefox.

Sendinc - Need to use their page to send the email. Can send to anyone, but needs to go back to sendinc's page to read the email.

Opaqueware - easy to use, integrated with gmail. Can set time limit and get notification! Can send to anyone, but recipient needs to install the software.

So far, I like Opaqueware more. Both FireGPG and Opaqueware let me encrypt on my machine - I don't want the provider to see my email. Opaqueware lets me encrypt to anyone and I really like their notification.

Posted by: John O at March 5, 2009 10:28 PM

Got this when I tried AxCrypt link:
Not Found
The requested URL /d-axcrypt was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Are they out of business?

Typo on my part. Should be working now.
- Leo
07-May-2009

Posted by: Catmoves at May 6, 2009 11:10 AM

I have installed Opaqueware to use with Outlook 2007. When I click encrypt, a pop-up window appears saying 'The page you are looking for cannot be found'!

Not sure what is going on as the app is using IE settings.

Posted by: BobC at July 8, 2009 7:25 AM
