In that last few years we’ve come to see more and more that things we thought were private, simply aren’t. Whether it is companies that want to sell you things, the government wanting to find terrorist plots, or thieves looking for personal data to aid with identity theft, there are many players out there looking at your data.
Is there anyway to protect ourselves from prying eyes? One way is to use strong encryption. PGP, Pretty Good Privacy, has been around since 1991. It’s a public key encryption system, which means it uses a pair of encryption keys, one that is public and can be freely given out to anyone and one that is private/secret and must be protected. In addition to the keys there is a passphrase that is known to the owner of the keys and is required to decrypt a message. PGP has been a useful tool for techno-savvy folks, but has been difficult to use for the more techno-casual person.
I recently attended a CryptoParty. The aim of these events is to help put privacy tools in more hands. I discovered some new (and more modern) packages for working with PGP and integrating it into tools you may be familiar with, so I thought I’d share my experience of setting up PGP for use with Roundcube. Roundcube is an open source webmail client that is available for use with your SWCP account.
A little background
In order to use PGP you’ll need to generate your private and public keys and create a passphrase. You can export your public key and give it to anyone else you’d like to communicate with. They will also have to have a PGP setup in order to make use of your key and you’ll need their public key in order to encrypt a message to them. Your private key should remain on your local machine. You should never give it out. Even if your private key becomes compromised your passphrase and your private key are required to decrypt a message.
Mailvelope is a package that works with webmail clients, Gmail, Yahoo, Outlook, and others including Roundcube. It works as a browser extension for Chrome or Firefox. This will take you to the Chrome store page for Mailvelope. If you’re using Firefox this link will download the extension. Once you’ve installed the browser extension you’ll see a small icon next to the location bar that looks like a padlock and key.
Generating your keys
Click on the padlock and key symbol, then select options.
You’ll see a window that looks like this:
Now you can choose “Generate Key”. Your keys will be associated with an email address as well as your name, so you can have multiple identities by generating multiple key pairs. Each set of keys needs a unique email address. Once you’ve done this you should see you key in the Display Keys window. To make this more interesting you’ll want someone to communicate with. Below is my public key. Select and copy the entire block, starting with the BEGIN PGP line and including with the END PGP line. Then select import keys and paste the key into the text box and press Import. If you display keys now you should see a key for Jamii Costlow. That wraps up part 1 of Private Email. In the next post we’ll look at using these keys to encrypt email with RoundCube.
Jamii’s Public Key
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: Mailvelope v0.13.1 Comment: https://www.mailvelope.com xsFNBFW1iJABEADvgklTslRpsI1/+qSSgc/ABxMyduizXN8XGEjjVjyR3Kx9 VAcGFG9xtyWSX+8WCaC7mjjn90cEBv9eacMO0EUcpDBTY3dHrjv9fYGjJgF0 0M3p1MmdCMtvfsKUloJbIvUyoH+bt4sZxKYzf9W/Pz2kX/vraRsiHrZq3ULe 53O0H382vWwYVtrXAPpwUwS0LowiNLO2d34JZjvuKZ4aPCZmU2HgfrL+3ujF rM0nFgUE0hv4GqZODdC2Ju1wil6RT4z715fbBhP/XcbUABZYsiyMO4nnIm3i MdM/w5grzuuAQ8KMzwWBITHVfFMoT0dq4UzWQxZdvJHCywu+vAVROiZuVXM8 CPpYQ69R1PiPJ1ntiJvzNjuSwD6omBVY8eLLkPQY50ehArMEpNsfDUyO5Zfr rpBO2YfjWO93lV/2BdS75l926PBnCpKxwsd6fHg4pzr+Dxko6qh+9INd2tkG bVwzplp0ojL1y0qAJCCh93o7iwhiOL+4B8XPOlLlhcO3HU0IVYQsaFfb/ZFL z6cGD3fAnHM/fhnRrFPLEC3WXLimu49OlwSXwOWgDfsKk2CeXIZ0PJfcsdXf SUKBi4ORww+PUYgx6hlYQU+JT0OJvt+YH9LzSGUjDt7P9NWoJbRqdC+9pvve FHZ0eVbF2tfseEDa8rYfT/bigUihCy+kzg23MwARAQABzShKYW1paSBDb3N0 bG93IDxqYW1paUBpZGVhc2FuZGNvZmZlZS5jb20+wsFyBBABCAAmBQJVtYiZ BgsJCAcDAgkQLN2DVoqFTBgEFQgCCgMWAgECGwMCHgEAAHP5D/wLoVQHqm22 savdkl5/qt+eT5dxWKOIuQC3Azmwql/xsBGnG2rtoEi1p2m7Q5aWIKfW4/qM K147NfsjbWLVh++bnUajSHpgi8J6xJlfQGVzs8sZnisKOF/UaaO0G9ayyZab Ov7tc8riKtTqd4zq54NUF4T0diqajivdKs07HH2ECIeTXPloXPxh1w5e3go5 JxwaBiNmKtlfd0N0184Sn+DEqS6feebOtNbWk6/r9/b17cdrcWyS+UFVJPcG 2QU2uJUm8axUg7ZAj0swq1YCvRksUYvsUcEQWgHDbHsBJKNjd+FygDZRQduy yVwASsQ7QyNR+Iw7rtGYjf6O4PgPMDfXigfJy8Vx/10gBvmw78Pu3qdoBv8X OXTG5EI1ejLoa7rXAe5dkFZ+ZFD/3i6rjc3OC3p5Z8EXvg2JM5xX0e11X/1T 6WKiCpIqD35PnA0j8TDV6fG3HF+Md41DABn4G+Szgi+SLDFwflicQQxwzX5U 06p+SDJLSu2It14eyVQx7NVuEdCLxe8n5DvtBQ3JEOJ73aJ9nPhL42f+AIhb /1ZH7U3cV21ahTLw2fYYCB84EanrNscY0Epprjtb5RX8XCGfDSVGCf/hREVb Os/PTTP6PcZzBTJzhzqRhaFiYIPs1Wxlf6EJVMnuxsz6HaPDDwQOHb7H724U d6dzNoNpne1qIM7BTQRVtYiQARAA9A5QP3zypnZZiD3ANdvrPL2xynr1qL7/ SsQyPD4gsrk4WC6Xz5sAcpW16VzR6ifyq1QzY/7kwG4zu8AVA3aX+3Lf/Bpm r1kB9qTxJtfxFG9vA04gmbkwAZ/vZyEoWcHg7S/oAc9UwKs3UIhDiJf2n0kH 30LLp8bqwgyTSTaiXEomsEiX8/DEvb1SDy4f4Z4KSzrLhb46cyrHXfCxSrvI k6+dmg0u1viMAP5w8j7Oy66YboPiP/PhHdI+QjkwwOIwrqy9X04wGhfDfD8B /tuKUzv00T7B1rBiPtz7rL2+J/QOpiahamB142fYnFR9QSvBP5cCV0cL9zMm mFDSKmjSBh2av4ips4BQsfoXdFqoHFiMLEdYol8YB6hRMfUrzWNw47vgfyTI eDW+h1x3iozs/DYafmBetp6Jk6+zLQhbITMJL53kgnS0G1TKRhVzS724bnA9 p4cGWEvMYLWdfBYg41ghKIltbMNH5nF9ZvAD/v5PramjXonFmiwkpKzpT5UY pTNr9Xq6zzIDOX9QPGLaShlm6JRD3O9Cb+wpI3hH1Ls5YbUPlrFmU3APkka+ kDUwx/Wkh/9rqUsD/68AK8Ikl8S/VPI2s3ms/UIWt5esvQh5IYe9zKvpofqN 3O5fgNfvwnQ/p8EOXBI+1aa64/XV74CFfhgm2Wxt70WA97hMrw0AEQEAAcLB XwQYAQgAEwUCVbWInAkQLN2DVoqFTBgCGwwAAP2bD/0UfGCqIPJvo5zZyPdb 8u9fTRrhXfVz/gjrG7vRgo3LSDjIlfIMRQ+bX9K2bnftdOx3JTNRgxj0dB2N coT2dhJwQ9dF12o+Sc4qi8Hc6coFN58gkZPJXTfLVm2Q1gFAzYWiguS+QYWu 30EiZZteB3IFxObw1wJy2GtPZo4PYr0Q7UfZNwyxY3PREw2C+ULxhjMJU+bc sHmfzvc4U/XUDTYlEZpu8VfoRRKTTbh0zlBaWy5nnKVXTfJRe9LHDDjpmCov XnwfokCoNcSXSgg0NaIUXgV4s5w4gopXUBirl9Vo7fO4G+dtMvPnOcx7b7EW YtNxOV40ILaicxwlxSf/a6hd344RczgzMkpzdYgNyMif2spIgFjyie5WENDw WUglJzZqr+alNds83vBYDXmVbEyFVcuDpo7B7C9wmLkh/Bct5erqThKh+fnx Fr9nYs8VNYdo9NBvAhCmabPj8KCcveyCiGkOqGN0Cgx1c6S0SZyu54RdZ1if gxc6gOvDs0YndVP8jjr4kupbGlWe4lpTNiY+kVsKu3uU8c01rzSloUV8LvaB 24RVwYBLdOYMeqbsECwYocR6yfs8TopFY0iv6FZfBbUT+0xHTe3rtKKhI6aI vJCK2H5TAG05GAf8m1V9gSV68xK20Z2DSONwujIOGlrgL7QiG4akJYGU5FOI WKAWaw== =Nkih -----END PGP PUBLIC KEY BLOCK-----
You’ll find part 2 here.