How To Encrypt Your Email

Encrypted email allows you to protect your confidential email from casual prying when you communicate with others. Encryption works by taking your plain text message and scrambling the output so that it is unintelligible to someone who views it without decrypting it. To read it, the recipient must decrypt the message using a password (or key). For the purpose of communication, people typically use something called Public Key Encryption to implement this. However, since everyone does things differently, you will have to check the various free services and software listed here yourself to find out how they implement it.

Pretty Good Privacy (PGP) is a popular program used to encrypt and decrypt e-mail over the Internet. PGP can also be used to send an encrypted digital signature that lets the receiver verify the sender's identity and know that the message was not changed en route. It will stop efforts to harvest credit card numbers and information that can be used to commit identity theft. Email encryption is easy, free and offers strong protection against prying eyes. PGP is the most widely used privacy-ensuring program by individuals and is also used by many corporations. PGP has become a de facto standard for e-mail security. PGP can also be used to encrypt files being stored so that they are unreadable by other users or intruders.

How It Works

PGP uses a variation of the public key system. In this system, each user has a publicly known encryption key and a private key known only to that user. You encrypt a message you send to someone else using their public key. When they receive it, they decrypt it using their private key. Since encrypting an entire message with the public key can be time-consuming, PGP uses a faster encryption algorithm to encrypt the message and then uses the public key to encrypt the shorter key that was used to encrypt the entire message. Both the encrypted message and the encrypted short key are sent to the receiver, who first uses their own private key to decrypt the short key and then uses that key to decrypt the message.
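The two-stage scheme described above, as an added sketch that is not PGP's own code: textbook RSA over fixed Mersenne primes and a SHA-256 keystream stand in for PGP's real public-key and symmetric ciphers (toy parameters, for illustration only). All function and key names are assumptions of this example.

```python
import hashlib
import secrets

E = 65537  # common RSA public exponent

def make_keypair(p, q):
    """Toy textbook RSA from two known primes (no padding; illustration only)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))  # (public key, private key)

def keystream_xor(key, data):
    """Stand-in for the fast symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def encrypt_for(public_key, message):
    """Sender: encrypt the message with a fresh short key, wrap that key with RSA."""
    n, e = public_key
    session_key = secrets.token_bytes(16)
    body = keystream_xor(session_key, message)               # fast cipher, whole message
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)  # public key, short key only
    return wrapped, body                                     # both parts are sent

def decrypt_with(private_key, wrapped, body):
    """Receiver: unwrap the short key with the private key, then decrypt the body."""
    n, d = private_key
    raw = pow(wrapped, d, n).to_bytes((n.bit_length() + 7) // 8, "big")
    return keystream_xor(raw[-16:], body)                    # a wrong key yields garbage

# Constructed demo keys: 2**127-1, 2**107-1, 2**89-1 and 2**61-1 are Mersenne primes.
BOB_PUB, BOB_PRIV = make_keypair(2**127 - 1, 2**107 - 1)
EVE_PUB, EVE_PRIV = make_keypair(2**89 - 1, 2**61 - 1)

if __name__ == "__main__":
    msg = b"Meet at noon. " * 1000                           # constructed sample message
    wrapped, body = encrypt_for(BOB_PUB, msg)
    print("wrapped key bits:", wrapped.bit_length(), "| body bytes:", len(body))
    print("Bob reads it:", decrypt_with(BOB_PRIV, wrapped, body) == msg)
    print("Eve reads it:", decrypt_with(EVE_PRIV, wrapped, body) == msg)
```

However long the message is, the public-key operation only ever touches the 16-byte session key, which is why the hybrid design is fast.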

Configure Outlook Express for PGP

1. Launch Outlook Express.  Click Tools -> PGP -> Options.

2. Select the E-mail tab and check these two boxes:

       • Encrypt new messages by default

       • Sign new messages by default

3.  Click OK.   You are now ready to send an encrypted message to your partner.

4.  Create and send a new message to your partner.  When you click the Send button, a Recipient Selection window will appear.  Your partner’s e-mail should be listed under Recipients with a red question-mark because you and your partner have not exchanged key pairs.

5.  To acquire your partner’s public key, right-click the question mark and choose Update from Server.  Click OK.

6.  Click the Import button.  You will be prompted to enter your passphrase.

7.  After your partner has sent you an encrypted message, click the Send/Receive button.  Open the newly-received message---it should look similar to this one:

8. Click the Decrypt button.  You will be prompted for your passphrase---enter it correctly and the message will be decrypted.

Configure PGP in Thunderbird

1. Run the GnuPG installer. It should put GnuPG under your Program Files directory.

2. Once you've downloaded Enigmail, in Thunderbird open Tools -> Options -> Extensions -> Install New Extension, and then choose the Enigmail extension file.

3. When you've restarted Thunderbird with Enigmail installed, you will see an OpenPGP menu item. Open it and go to Preferences. There you'll find a dialog to point to your GnuPG binary. Click Browse. On my machine, GPG was installed under Program Files\GNU\GnuPG\gpg.exe.

4. Now you’re ready to create your first key pair. From the OpenPGP menu item, choose Key Management. From the Generate menu, choose New Key Pair. Then select the email account that you want to create your first key pair for and set a passphrase. Hit the Generate Key button, and wait some minutes.

When the key creation is done, you’ll be notified about it and asked if you want to create a revocation certificate. A revocation certificate is useful if the secret key of your key pair gets lost. Just click “Yes” and Enigmail will prompt you to choose a location where you want your revocation certificate to be saved.

5. To find someone's PGP key, from the OpenPGP menu, choose Key Management. From the Keyserver menu, choose Search. Search for another PGP user by name or email address and add his key to your key manager. Once it's in there you will be able to encrypt mail to that person.

6. Compose your message as usual. Encrypt it by clicking the little key down on the lower right of your compose window. You can also cryptographically sign your message to prove it's you; that's the little pencil. When the key is colored green, it means the message will be encrypted.

Encryption makes your email readable only to the person you intend it for, hence the need for that person’s public key to encrypt the message. To other persons it looks like:

You can easily decrypt this email by selecting Decrypt from the menu and entering your passphrase when asked.

Now you can feel comfortable in the thought that you can send secure email messages. Certainly, there are still some precautions to consider, like keeping a secure copy of your key pair as well as your passphrase. But anyway your email will be protected.

PGP is such an effective encryption tool that the U.S. government actually brought a lawsuit against Zimmermann for putting it in the public domain and hence making it available to enemies of the U.S. After a public outcry, the U.S. lawsuit was dropped, but it is still illegal to use PGP in many other countries.