Encrypting email with GnuPG

Slashdot it! Delicious Share on Facebook Tweet! Digg!
© Kirill Bodrov - 123RF.com

© Kirill Bodrov - 123RF.com

Keyed In

US intelligence agencies tap into billions of call data and electronic messages monthly – reason enough to consider encrypting your email traffic.

Anyone sending email unencrypted needs to be aware that everyone can intercept or tap into it. Thus, it's highly advisable to encrypt your communications. Two encryption methods have prevailed over the years, S/MIME and OpenPGP. Both are open standards that are constantly being monitored for vulnerabilities by security experts.

S/MIME, like the HTTPS protocol, is based on the name-checking of commercial certificates of Certification Authorities (CAs). It's used mainly in the corporate world, whereas OpenPGP is more prevalent in the private sector. This article focuses on the open source OpenPGP that the free software GnuPG [1] provides under Linux.

In this article, I'll provide some basic guidelines for encrypting your email and explains how to encrypt and decrypt messages with the common Linux mail clients KMail and Thunderbird. This scenario can also be used with other mail programs that support GnuPG. An important part of this process is ensuring that both senders and recipients are prepared to send and receive encrypted email traffic.

One-Way Street

Both encryption methods mentioned here rely on a combination of a publicly documented process and a key coding independent of the algorithm. The private key should never be publicly revealed. If it is, after a key change, you can at least continue to use the participating programs (GnuPG and the email client).

How do you secure the key against prying eyes? The answer: You can't. In the age of global telecommunication surveillance, this process definitely requires some personal responsibility. To deal with this, GnuPG uses asymmetric public key cryptography, with two keys that are mathematically linked – a public key for encryption and a secret one for decryption (Figure 1).

Figure 1: The public key encryption concept is like a padlock requiring different keys for opening and closing. The locking key (in green) can remain inserted but provides no method of entry. Only the owner of the private key (in red) can open the lock.

More important than mathematical details, however, is the public key cryptography's role in the encryption process. Anyone knowing the public key of the pair can encrypt messages so that they can be decrypted only via the corresponding private key. The latter secret key is normally known only to the recipient; thus, the sender himself can't even decrypt his own message to change it.

With OpenPGP, key servers handle the global availability of public keys. If you want to send an encrypted email to someone with a publicly available PGP key, you can just query one of the independently synchronized key servers for the recipient's email address.

Safety Net

The system, however, has a catch: Anyone can create and publish a key for any email address. If you encrypt an email with the wrong key, its owner can't decrypt it again, because his private key won't correspond to the public key you used.

Things get critical when an attacker uses a spoofed key to successfully intercept your email (Figure 2), because he also has the corresponding private key for decryption. After encrypting it, he can forward the message – even with changes made to its content – to the actual recipient encrypted with the authentic key pair. This so-called man-in-the-middle scenario can occur without the recipient's or sender's knowledge.

Figure 2: In a man-in-the-middle attack, an attacker can attach a spoofed public key (the green key bordered in black) while intercepting the message, along with a corresponding private key (the red key bordered in black), then send it encrypted with the authentic public key (in green) to the recipient. The recipient sees only the message encrypted with the authentic key.

OpenPGP provides two methods to ensure authentication of the two keys. Each PGP key has a fingerprint consisting of 10 four-digit hexadecimal numbers. Because spoofing a key with a number of that size is technically impossible, this process virtually ensures its authenticity.

Before sending security-critical emails, you should contact your recipient offline by telephone and compare the OpenPGP key fingerprints. It doesn't help any potential attacker to eavesdrop on your correspondence as long as he can't manipulate it. The key can then be considered trustworthy for any further messaging.

The second method for ensuring key authentication is to have it signed by a third party that vouches for its authenticity based on your OpenPGP key.

Because of potential signature falsification, however, the third-party method works only if you can authenticate it with the recipient's trusted fingerprint. The signature method technically guarantees only that certain fingerprints can't be generated to indicate possession of a specific private key.

Buy this article as PDF

Express-Checkout as PDF

Pages: 6

Price $0.99
(incl. VAT)

Buy Ubuntu User

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • An overview of the IMAP client Trojitá

    Trojitá is new to the scene of email clients, but it already stands out for its intuitive interface and speed. Even so, this client is still missing some essential functions.

  • Welcome

    The title of this issue's Editorial section is a shameless rip-off of a section that used to run in Omni, the influential and very cool 80s magazine of "Science Fiction, Fact, and Fantasy." The section in Omni talked about advances in science and technology and where they would lead us. The title played on the actual verbal tense – the word "will" was used a lot in the articles, and the fact that, well, it was about the future.

  • GNOME Cleartext Passwords: Bug or Feature?

    The current discussion in the Ubuntu forums is about a possible security hole in GNOME, specifically about GNOME registered users having their passwords appear as cleartext on the keyring. Not a bug, say its defenders, but the security concept behind the GNOME keyring.

  • Anonymous and secure surfing with Tails

    If you need an anonymous connection to the web, Tails 0.19 is just what you need. The Live system conceals all traces of surfing and mailing.

  • Pyspread – The Spreadsheet with a Python connection

    You can find plenty of spreadsheets offering a multitude of features. The Python-based Pyspread demonstrates that a sophisticated spreadsheet application can also be newcomer-friendly.