I am going to explain here, step by step, how to send an encrypted email.
Difficulty of this tutorial: Very Easy
First of all, why would you want to send an encrypted email? Such an email carries your text in encrypted form, so that even if someone gained access to it, they would not be able to read it unless they had the matching “secret key”. How could someone gain access to an email you are sending? Well, there are at least two ways I am aware of. One of them occurs while the data is “in transit” and the other is when your inbox has been hacked. Let’s assume that it is very difficult for your inbox to be hacked, because you are using a really strong password, which is at least 15 characters long. But from what I gather, after reading lots of security articles, it can be easier for someone to steal your data as you are sending it, especially if you are using a public Wi-Fi without a trusted VPN.
The other concern that one may have is the surveillance of our emails by states. While we still (more or less) trust the governments around the world to do the right thing with our data, I don’t necessarily want them to know to whom I am currently sending a love letter, for example, or what my plans for world domination are *lol*. That’s something private. After the Snowden revelations, it has become almost impossible to trust even the biggest and most established hosts. The internet has become like Tolkien’s Palantír: “We do not know who else is watching”.
Besides, it’s just cool to know how to encrypt your emails. Encryption is a “magic power”; you can use it to impress your friends.
The kind of encryption that I will describe here is called “asymmetric”. This is the most secure and most popular way to encrypt texts. For the encryption to work you need to have a public key and a private key. However, your communication partner must also have a public and a private key. Otherwise, you can’t exchange encrypted emails. So if you want to play the game of encryption, you need to find friends who will play it along with you :P.
I created a video some time ago where I tried to explain how to create a public key and a secret key. You just need to download a program (Gpg4win) and click the options that will generate those keys. Watch the video:
Make sure your secret key remains secret. If you store your secret key on your computer, and your computer is constantly online, there is always a possibility that it may get hacked and someone could steal your key. Maybe they would install a keylogger and steal your key password too. (Don’t forget not to forget the password!!!) Generally, the safest way to store a key is offline, maybe on a USB stick. But… if you choose this path, make sure you have a backup of the key on a CD or another USB stick.
Now that you have your keys ready, you can use the same program to encrypt your message. To encrypt the email you use the public key of the person you are sending it to, and the receiver uses their own secret key to decrypt it. When someone writes to you, they use your public key to encrypt the text, and you use your secret key to decrypt it. How will they get hold of your public key? You either upload it to your website or give it to them in some other way (by email, etc.).
The only problem with uploading public keys to our websites is that the websites could also get hacked and the key could be tampered with. For this reason, one can encrypt a message not only with the public key of the other person, but also with one’s own secret key (PGP calls this signing the message). This way, the recipient can confirm that the message comes from you, by using your public key to decrypt it, along with their own secret key.
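To make the key roles concrete, here is an added example in Python that is not part of the post and not Gpg4win’s code: a toy, textbook-RSA model of the same workflow (keys are assumed to be (modulus, exponent) pairs, the message is a short string). Textbook RSA without padding is not what PGP actually does and is not secure on its own; it is used here only so that “encrypt with the recipient’s public key, decrypt with their secret key, sign with your own secret key” is visible in a few lines.

```python
import hashlib
import secrets

def is_probable_prime(n, rounds=32):
    # Miller-Rabin test for odd n > 3: good enough for a teaching-sized key.
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_keypair(bits=512):
    # Returns (public_key, secret_key) as (modulus, exponent) pairs: publish the first,
    # keep the second offline. e is prime, so (c - 1) % e != 0 gives gcd(e, phi) == 1.
    e, primes = 65537, []
    while len(primes) < 2:
        c = secrets.randbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
        if is_probable_prime(c) and c not in primes and (c - 1) % e:
            primes.append(c)
    p, q = primes
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def _digest(message):  # SHA-256 of the text as an integer; this is what gets signed
    return int.from_bytes(hashlib.sha256(message.encode()).digest(), "big")

def encrypt(message, recipient_public):
    # The sender encrypts with the RECIPIENT's public key (textbook RSA, no padding).
    m = int.from_bytes(message.encode(), "big")
    assert m < recipient_public[0], "toy scheme: message must be shorter than the modulus"
    return pow(m, recipient_public[1], recipient_public[0])

def decrypt(ciphertext, own_secret):
    # Only the holder of the matching secret key can recover the text.
    m = pow(ciphertext, own_secret[1], own_secret[0])
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode()

def sign(message, own_secret):
    # "Encrypting with your own secret key": a signature only your key can produce.
    return pow(_digest(message), own_secret[1], own_secret[0])

def verify(message, signature, sender_public):
    # The recipient checks it with the SENDER's public key; any tampering fails here.
    return pow(signature, sender_public[1], sender_public[0]) == _digest(message)
```

In practice the two sides would exchange only the public halves of their key pairs, exactly as the article describes, and the secret halves never leave their owners.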
Now, I did upload my private key to keybase.io and I must confess I struggled with that decision a lot. In the end I decided that the process they are using is probably (and I say probably because I am no expert in security) secure. The key is stored encrypted and only I can decrypt it with my password. It’s also helpful to know that people I trust have accounts on that website. Keybase.io represents an amazing concept that could make encryption available to anyone who doesn’t want to use PGP to encrypt and decrypt messages (because it’s just too much of a hassle for them).
Have fun with encryption!