Open Development


Painless Email Encryption with GnuPG4Win, Mozilla, and EnigMail

Posted in Uncategorized by opendevelopment on March 26, 2008

I have long seen encryption as an increasing necessity in our digital lives, but until lately, my excuse for not using it was that it was too much hassle to deal with! PGP is great, but PGP Desktop seemed a little bloated for my own purposes, took forever to load on startup, and (at least in my experience) was not very easy to set up with my Gmail + Outlook 2007 setup. The key to effective security, just as with any other precautionary measure, is that it must be convenient. Just the other day, a friend of mine introduced me to OpenPGP and a few graphical front-ends and plugins for Mozilla Thunderbird that make using email and file encryption a piece of cake. For whole or partial drive encryption, TrueCrypt impressed me greatly.

Let’s begin with setting up email encryption. Here’s what you need:

  1. Mozilla Thunderbird, a light-weight but powerful alternative to Microsoft Outlook, by the makers of the Firefox web browser. You may also choose to use Outlook, but there seem to be a few hiccups between GnuPG4Win and the 2007 edition.
  2. GNU Privacy Guard for Windows, a collection of open-source graphical encryption tools (including a shell extension) for the MS Windows operating system that act as a front-end to the daunting OpenPGP command line utilities.
  3. Enigmail, a security plug-in for Thunderbird that allows effortless OpenPGP encryption.

During the GnuPG4Win installation, you will be asked if you want to download and install extra components. I would recommend that you leave each checkbox checked to utilize the whole suite of tools. Once the installation is completed, you need to create a public and private key that will be used to encrypt your data. The public key is the key that you share with others, and the private key lets you decrypt messages encrypted with your public key. Your contacts must use your public key to encrypt a message addressed to you, but they cannot decrypt it with the same key. To create your key, launch WinPT.exe and double-click on its system tray icon:

Figure 1: The Key Manager Window

On your first launch, you won’t see any keys listed, so launch the creation wizard (don’t forget to upload your public key to one of the public servers if you want your friends to be able to search for your key):

Figure 2: Creating Your Encryption Key

The wizard will ask you for your name, email address, and a strong password, which it will use to create a strong two-part PGP key containing your public and private keys.

Figure 3: Uploading Your Key to the Public Server
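
The same steps the wizard performs, run directly against the gpg command line that these front-ends wrap, as an added example that is not part of the original post. It generates a key pair, exports the public half, encrypts with it from a second keyring, and confirms that only the private key can decrypt; the user ID, passphrase, message and directory names are constructed sample values, and GnuPG 2.1 or later is assumed.

```bash
#!/usr/bin/env bash
# Added example. User ID, passphrase and message are constructed sample values.
# Requires GnuPG 2.1 or later on PATH; the same gpg arguments apply on Windows.

# Create a passphrase-protected key pair in keyring directory $1 for user ID $2.
# --passphrase on the command line is for this throwaway demo only; in real use
# omit it and let gpg prompt, so the passphrase stays out of the process list.
make_keypair() {
  mkdir -p "$1" && chmod 700 "$1" &&
  gpg --homedir "$1" --batch --quiet --pinentry-mode loopback --passphrase "$3" \
      --quick-generate-key "$2" default default never
}

# Export only the public half of $2 from keyring $1 to file $3. This is what
# you give to contacts or upload to a keyserver; the private key never leaves.
export_public() {
  gpg --homedir "$1" --batch --quiet --armor --output "$3" --export "$2"
}

# Round trip: prints the decrypted message, or exits non-zero if any step
# fails or if the public key alone could decrypt. Runs in a subshell.
demo() (
  work=$(mktemp -d) || exit 2
  alice="$work/alice"; bob="$work/bob"; pass="constructed-demo-passphrase"
  trap 'gpgconf --homedir "$alice" --kill gpg-agent 2>/dev/null
        gpgconf --homedir "$bob" --kill gpg-agent 2>/dev/null
        rm -rf "$work"' EXIT

  make_keypair "$alice" "Alice Example <alice@example.test>" "$pass" || exit 2
  export_public "$alice" alice@example.test "$work/alice.pub.asc" || exit 2

  # The sender's keyring holds only Alice's public key.
  mkdir -p "$bob" && chmod 700 "$bob"
  gpg --homedir "$bob" --batch --quiet --import "$work/alice.pub.asc" || exit 2
  printf 'meet at noon\n' > "$work/msg.txt"
  # --trust-model always skips the key-ownership check so the demo can run
  # unattended; with a real contact, compare fingerprints before encrypting.
  gpg --homedir "$bob" --batch --quiet --trust-model always --armor \
      --recipient alice@example.test --output "$work/msg.asc" \
      --encrypt "$work/msg.txt" || exit 2

  # Without the private key, decryption must fail.
  if gpg --homedir "$bob" --batch --quiet --decrypt "$work/msg.asc" \
       >/dev/null 2>&1; then exit 1; fi

  # The private key plus its passphrase recovers the plaintext.
  gpg --homedir "$alice" --batch --quiet --pinentry-mode loopback \
      --passphrase "$pass" --decrypt "$work/msg.asc" 2>/dev/null
)
```

Calling `demo` prints the recovered message; a non-zero exit status means a step failed or the public key alone was able to decrypt.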

Once you have a key to work with, go ahead and install Thunderbird and the Enigmail plug-in, and try out your new encryption system! Encrypting a message you are composing is as simple as clicking on the toolbar button. Here are a few distinctive features that make Enigmail pain-free and easy to use:

  1. Automatic decryption – If an email is encrypted, Enigmail will ask you for the decryption password and retain it for 5 minutes.
  2. Automatic Encryption upon Reply – Do you frequently tap out short emails back and forth with your colleagues that more closely resemble a chat? Don’t worry – Enigmail will automatically encrypt your replies if you respond to an incoming message that was encrypted.


Figure 4: Composing and Encrypting a Message

That’s all there is to it! More on TrueCrypt coming soon…

4 Responses to 'Painless Email Encryption with GnuPG4Win, Mozilla, and EnigMail'


  1. Anonymous said,

    Painless? SSL or TLS (Transport Layer Security) are standards that really are painless and are even built into all email clients and email servers. Use what’s built in first. If it doesn’t meet your needs, there are companies like CertifiedMail that make them easier and more flexible.


  2. The open source GnuPG is used in thousands of security products. It's absolutely free and does a great job. No need for the commercial PGP version.

  3. Anonymous said,

    Absolutely Painless.

    Directed towards first commenter….

    Open Source encryption is a must if you believe in true privacy. SSL does not mean encrypted and private. It still can be read from the servers which are (thanks to the Patriot Act) required to record all e-mails sent between them.

  4. Jason said,

    I think the most painless method of email encryption would be using the Voltage Security Network. I just click a “send secure” button and I can send encrypted emails to anyone. Here’s more info if you’re interested: http://www.voltage.com/vsn. There is also a demo and free trial available.

