Encrypted mailing

I started using mailbox.org and PGP to secure my messages. Unfortunately this is only as secure as the number of contacts which also use it. So read about mailbox.org, PGP and my experience with it.

What is PGP?

The really good Introduction to PGP and secured E-Mail-Communication Video by mailbox.org is a good way to start diving into the topic.

Quick and easy it is a way, so every one can encrypt a message for you while you are the only one who can decrypt and read it.

The trick is simple. You have two so called keys. One of them is your public key, which only can encrypt messages for you. So you have to let everybody know this key who want to send encrypted messages to you.

You might guess it, the second key is private and only known by you, and only by you. This key is the only one that can decrypt your data and that’s the point!

How it works is a mathematical question and the answer is the prime factorization.

mailbox.org and the others

Mailbox.org is a German mail service that uses PGP and thus tries to encrypt as much as it can.

Unfortunately you only can send encrypted messages to other users of PGP. To find those users more easily there are public key servers and you are encouraged to store your public key on these servers, so others can communicate secure more easily with you.

The good news is: even with providers like GMail PGP is possible. The way is a bit costlier but easier as you might think. You should only consider that e.g. the GMail web interface and App become useless, because they can’t decrypt your messages.

Instead you will use Software like Thunderbird with the Enigmail Plugin on Desktop or Apps like AGP and K-9 on Android. These are open source and free to use. For most platforms there are similar programs to go with.

The good thing about the tools mentioned above, especially Enigmail, the key creation process is as easy as counting to three.) is a German mail service that uses PGP and thus tries to encrypt as much as it can.

Unfortunately you only can send encrypted messages to other users of PGP. To find those users more easily there are public key servers and you are encouraged to store your public key on these servers, so others can communicate secure more easily with you.

The good news is: even with providers like GMail PGP is possible. The way is a bit costlier but easier as you might think. You should only consider that e.g. the GMail web interface and App become useless, because they can’t decrypt your messages.

Instead you will use Software like Thunderbird with the Enigmail Plugin on Desktop or Apps like AGP and K-9 on Android. These are open source and free to use. For most platforms there are similar programs to go with.

The good thing about the tools mentioned above, especially Enigmail, the key creation process is as easy as counting to three.

Keep your private key synced but save

A way to keep your key save but also have the ability to sync it through your devices is the encrypted Dropbox approach with EncFS.

Alternatively mailbox.org has it’s own secure cloud for storing your private key and securing it with a password.

Start to use PGP right now

Use my public key and right me an email. Find my email on the about page.

Any thoughts of your own?

Feel free to raise a discussion with me on Mastodon or drop me an email.

Licenses

The text of this post is licensed under the Attribution 4.0 International License (CC BY 4.0). You may Share or Adapt given the appropriate Credit.

Any source code in this post is licensed under the MIT license.