How do I send encrypted email?

Home » EMail

I need to have a client send me some very sensitive information. Really really sensitive. I know that email is fundamentally insecure, so I want the email to be encrypted. What's the best way to do that. Did I mention it's sensitive?

You are correct in noting the email is, at it's very core, insecure. An administrator on any of the systems between sender and recipient can quite easily look at any email that traverses their server. Similarly, networks can be sniffed, and email passing by can be easily read.

I'm not trying to scare you, because that kind of reading is very rare, and typically very benign. Let's face it, most people don't really care about your email, I'm sorry to say.

But what if even that small risk is unacceptable?

Then we encrypt.

I want to start by pointing out that there are several ways to encrypt data, and several tools that can be added to mail programs that might even do it for you. There are many good solutions out there. Sadly, not all are compatible with each other. So rather than enumerate a list of add-ons for various mail programs, and include some kind of matrix of compatibility, I'm going to get just a little geeky, and talk about encrypting by hand, using the underlying technology that many, though not all, of those tools use: Gnu Privacy Guard, or GPG.

This technique works with all mail programs.

•

Public Key Encryption

When we talk about encryption, the first approach that typically comes to mind is password or phrase encryption. With those techniques, a password is used to encrypt the data, and then must be supplied again to decrypt it. The data without the password is theoretically useless, but anyone with the password can decrypt it.

Public Key encryption uses a different style of algorithm. To begin with, you'll generate two matching "keys"; a public key, and a private key. The characteristics of these keys is such that data encrypted with one can only be decrypted with the other.

That's important. Make sure you get it. By generating a public/private key pair, someone can encrypt data using the public key that can only be decrypted using the associated private key. If all you have is the public key, you can't even decrypt what you've just encrypted.

As an example, you'll find my public key here. Anyone who wants to encrypt data that only I can decrypt would use that key. I keep the associated private key ... well, I keep that private. When I need to decrypt something that has been encrypted with my public key, I use my matching private key to do so.

Naturally there's a lot more to it, but those are the basics.

•

Getting GPG

GPG is free software, under the GNU General Public License. You can download it, and find documentation for it, on the GnuPG web site. It's available for many platforms, and often comes preinstalled on various Linux distributions. Windows users can download binaries directly from the GPG download page.

GPG is a command-line tool. That means once installed, you'll need to open a Windows Command Prompt and run the tool from there. It's perhaps easiest to simply "CD" to the directory containing the GPG executables. Alternately you can copy all the "G*.exe" executables to a different directory already on your PATH.

Run "gpg" once, and it will create it's storage location for keys, which it refers to as your "key ring".

•

Creating a key pair

The intended recipient needs to generate a public/private key pair.

In the Windows Command Prompt, enter gpg --gen-key. In the following sequence, your responses are in bold:

gpg (GnuPG) 1.4.2.2; Copyright (C) 2005 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

Please select what kind of key you want:
   (1) DSA and Elgamal (default)
   (2) DSA (sign only)
   (5) RSA (sign only)
Your selection? ENTER to accept the default
DSA keypair will have 1024 bits.
ELG-E keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) ENTER to accept the default
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) ENTER to accept the default
Key does not expire at all
Is this correct? (y/N) Y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
    "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Leo A. Notenboom (Use your own name)
Email address: example@ask-leo.com (Use your own email address)
Comment: ENTER to accept the default
You selected this USER-ID:
    "Leo A. Notenboom <leo@ask-leo.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.
Passphrase: Enter a passphrase to further protect your private key

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

(Random characters appear here as they key is generated.)

gpg: key 874A3EC1 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   2  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 2u
pub   1024D/874A3EC1 2006-03-08
      Key fingerprint = 8A4F 770F D037 D414 F4E6  B95C 6E89 72A3 874A 3EC1
uid                  Leo A. Notenboom <example@ask-leo.com>
sub   2048g/1B917E56 2006-03-08

At this point your secret key and your public key have been generated, and placed on your keyring.

In order to get the public key to the person who wants to encrypt your data, you'll need to export it:

c:\>gpg -a --export example@ask-leo.com >mykey.pub

This created "mykey.pub", a text file that contains your public key. You can now mail this to the person who's going to encrypt data to be sent to you, or post it publicly if you like.

•

Encrypting Data

In order to encrypt data, the sender will have to install GPG as above. They don't need to create their own public/private keypair in order to encrypt your data. All they need is the public key you created above, and made available to them somehow.

They start by "importing" your public key onto their keyring:

c:\>gpg --import mykey.pub
gpg: key 874A3EC1: public key "Leo A. Notenboom <example@ask-leo.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1

Now they're ready to encrypt. That looks like this (encrypting the example file "example.xls"):

c:\>gpg -a --encrypt -r example@ask-leo.com example.xls
gpg: 1B917E56: There is no assurance this key belongs to the named user

pub  2048g/1B917E56 2006-03-08 Leo A. Notenboom <example@ask-leo.com>
 Primary key fingerprint: 8A4F 770F D037 D414 F4E6  B95C 6E89 72A3 874A 3EC1
      Subkey fingerprint: 215A 55C8 C88A 2587 4E64  995C 5EFC 7E3F 1B91 7E56

It is NOT certain that the key belongs to the person named
in the user ID.  If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y

Note the dire warning about making sure you know who's key you're dealing with. There are ways to confirm and avoid this message, but for now to keep things simple, we'll simply note that the Primary Key fingerprint listed here matches the fingerprint that was listed when you created the key, and answer "Yes".

The result of this example operation is "example.xls.asc". This text file is your encrypted data. You can email it with confidence to the intended recipient, knowing that only they can decrypt it with their matching private key.

•

Decrypting Data

So you've passed your public key to the sender, they've used it to encrypt your sensitive data, and have emailed you the encrypted results. From your mail client, save the encrypted data to a text file - it's ok to leave headers and such in the file, the decryption program will ignore it.

To decrypt, you'll do this:

c:\>gpg -o example.xls --decrypt example.xls.asc

You need a passphrase to unlock the secret key for
user: "Leo A. Notenboom <example@ask-leo.com>"
2048-bit ELG-E key, ID 1B917E56, created 2006-03-08 (main key ID 874A3EC1)

gpg: encrypted with 2048-bit ELG-E key, ID 1B917E56, created 2006-03-08
      "Leo A. Notenboom <example@ask-leo.com>"

The "-o" parameter specifies the name of the decrypted file to create. Note that you still needed to enter the passphrase for your private key. This has nothing to do with the data you are decrypting, but rather is an additional layer of protection on your private key. Without a passphrase (which is possible), anyone who gains access to your private key would be able to decrypt any messages intended for you.

•

Security

It's that last point that is perhaps the most important, and that I want to emphasize. Your private key is this technique's weakest link. If your private key is compromised ... meaning that an unauthorized person gets a copy, and is able to guess or get the passphrase on it ... then your security has been breached.

For simple use cases such as this example, you'd simply generate a new key pair, and instruct your sender(s) to use your new public key. However if your usage is widespread, getting that replacement key "out there" can be a challenge. In fact, GPG includes an entire infrastructure around trust, key validation, key revocation, key expiration and so on dedicated to maintaining the integrity of public and private keys.

But it really all boils down to: key your private key secure.

In this scenario, I've glossed over many of the aspects of public/private key security in order to keep the instructions simple.

I've also glossed over many of the capabilities of this infrastructure, perhaps the most notable is "signing". Signing allows me to "sign" data using my (closely guarded) private key in a way that can then be validated by anyone using my public key. Validation proves that a) I, as sole holder of the private key, sent it, and b) the contents of the message was not altered. Both very powerful concepts that are missing from the basic email structure.

If security, encryption and validation are important concepts that you see a large need for, it would make sense to investigate the alternatives and add-ons available for your email clients and infrastructure, paying particular attention to cross-client compatability.

But in the mean time, the approach above can serve you well.

Related:

Ask Leo! - Just how secure is email, anyway?
Ask Leo! - How do I create and use Public Keys with SSH?
Ask Leo! - Is an https connection really all that safe?

More articles about: EMail

Article Useful? Link to it from your own website; just copy/paste this HTML:
<a href="http://ask-leo.com/how_do_i_send_encrypted_email.html">Ask Leo: How do I send encrypted email?</a>

Article 9998 | Posted March 8, 2006

•

Recent Comments

You wrote:
Note the dire warning about making sure you know who's key you're dealing with. There are ways to confirm and avoid this message, but for now to keep things simple, we'll simply note that the Primary Key fingerprint listed here matches the fingerprint that was listed when you created the key, and answer "Yes".

How do I avoid the message?

Posted by: Christer at October 3, 2006 06:51 AM

Hi, can I avoid the message "It is NOT certain that the key belongs to the person named in the user ID. If you *really* know what you are doing, you may answer the next question with yes.
" on encrypt?

thanks

Posted by: Rodrigo at November 10, 2006 09:06 AM

You mentioned below that there are ways to avoid the question "use this key anyway?" when encrypting. I would appreciate further information on how:

Now they're ready to encrypt. That looks like this (encrypting the example file "example.xls"):

c:\>gpg -a --encrypt -r example@ask-leo.com example.xls
gpg: 1B917E56: There is no assurance this key belongs to the named user

pub 2048g/1B917E56 2006-03-08 Leo A. Notenboom
Primary key fingerprint: 8A4F 770F D037 D414 F4E6 B95C 6E89 72A3 874A 3EC1
Subkey fingerprint: 215A 55C8 C88A 2587 4E64 995C 5EFC 7E3F 1B91 7E56

It is NOT certain that the key belongs to the person named
in the user ID. If you *really* know what you are doing,
you may answer the next question with yes.

Use this key anyway? (y/N) y
Note the dire warning about making sure you know who's key you're dealing with. There are ways to confirm and avoid this message, but for now to keep things simple, we'll simply note that the Primary Key fingerprint listed here matches the fingerprint that was listed when you created the key, and answer "Yes".

Posted by: Paul Tregunno at February 9, 2007 08:35 AM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It's been a while since I did it, but if I recall correctly it involves:

- - making sure that you actually have the proper key

- - signing that key youself

Signing it essentially tells gpg that "yes, I've verified that they key
belongs to who it claims to".

Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)

iD8DBQFFzTkiCMEe9B/8oqERAqWfAJ9AEbgr3OvW6Xt0aXGavJCf0ydT1QCfRS0/
EnYiNJC91aX5gHNlCBx01RI=
=oHeH
-----END PGP SIGNATURE-----

Posted by: Leo Notenboom at February 9, 2007 07:17 PM

I've used GPG for a while to secure important data stored on my PC. I haven't really used it in earnest for email encryption, though. The main reason is that it's a bit too cumbersome for most people to use. I'm now advocating a product called Private Post (http://www.privatepost.com/) to my friends and customers. It is fairly easy to install, bolts into Outlook and Outlook Express and provides an Explorer extended menu for encrypting files etc. locally as well as in emails.

Posted by: Mark at February 15, 2007 02:07 AM

This comment explains a way to avoid the message in the article stating "there is no assurance key belongs to the named user". Whether it is the "best" or even a good way is beyond my knowledge but I thought I would share what I have learned. As always with "all things secure", use at your liability!

I was receiving this message too when trying to use an imported public key from PGP (commercial "equivalent" of GnuPGP) on my GnuPGP machine. I ended up generating a key on GnuPGP and then "signing" the PGP key with my generated (and trusted) GnuPGP key with the following command:

gpg --sign-key "key name"

It prompted me with the following message:

"Are you sure that you want to sign this key with your key "my GnuPGP key name"

Really sign? (y/N)"

To which I responded "y".

To which it required the passphrase to unlock the secret key for my GnuPGP key.

To which I supplied.

I then ran the command to update my trust database:

gpg --update-trustdb

To which it found the PGP key (signed) but with no defined "trust" value. So it gave me the following:

"Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.)

1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
s = skip this key
q = quit"

To which I answered (4) and was no longer prompted with the statement "...there is no assurance key belongs to the named user..."

Hope this helps others. If there's a way to do this without generating a local private key and using that to sign the public key and someone knows, please let me/us know.

Thanks.

Posted by: Matt at March 22, 2007 06:46 AM

You can avoid the assurance or trust problem by adding " --always-trust" to the command when encrypting... worked for me anyway ;)

Posted by: Ingo at April 4, 2007 01:17 AM

A LOT OF THANKS.REALLY IT IS EASILY UNDERSTANDABLE MANNER. IAM VERY PROUD TO VISIT YOUR SITE AND ALSO WILL BE LEARN MORE THINGS FROM YOUR SITE.VERRRRRRRRRY THANKS.

Posted by: RAGHUMADHULLA at August 16, 2007 06:16 AM

Or you can just use an service like http://www.certifiedmail.com and do away with key mumbo jumbo altogether.

And if you happen to have an X.509 certificate, you can still sign the message and send it to the recipient securely. The signing cert will be displayed to the recipient for non-repudiation, but the encryption happens without needing each recipient to have their own keys.

Posted by: Bob Janacek at February 26, 2008 12:18 PM

In the above section Encrypting Data you mentioned "There are ways to confirm and avoid this message: Use this key anyway? (y/N) y” Can you please provide more details?

Thanks,
Clint

It's been a while, but I believe the approach is that after you import the public key you sign it to confirm that it is what it claims to be. Check the GPG/PGP docs for more on this.

-Leo

Posted by: Clint at July 23, 2008 08:39 AM

See all 18 comments...

Post a comment on "How do I send encrypted email?":

Name: (Required)

Email Address: (Required)

(Email Address will not be published.)

Remember Me? YesNo

By popular demand...
my tip jar

Buy Leo a Latte!

Comments: (you may use HTML tags for style)

New!

Subscribe to the RSS Feed specifically for comments on this article.

Before commenting, please...

Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored.
Comment only on this article. Use the Google search box at the top of the page if you have a question about something else.
Don't include personal information in the comment. No email addresses. No phone numbers. No physical addresses.
Don't ask me to recover lost passwords or hacked accounts. I can't, and those comments will be deleted.

I can't respond to every comment. And I can't vouch for the accuracy of others who do.
Read Why didn't you answer my question? for hints on getting an answer.
By posting a comment you agree to the Terms of Service. Don't agree? Don't post.
Read the article at the top of this page. If your comment shows you didn't, it'll be deleted and ignored. Yes, I'm saying this twice; you'd be amazed.

Please wait. Your comment is being processed ...