What is PGP?
Update (November 2018): Please see my related post on OpenPGP, the free, open-source version of PGP.
Ever since the last presidential election, there’s been a lot of talk about online security and privacy. I’m sure many of you heard words like “Signal,” “Tor,” and “PGP” tossed around, then were told you should use them. Maybe you’re interested in these things, but you don’t know when and where and how to start. Let me help you. Today, I’m going to tell you about PGP.
History of PGP
PGP stands for Pretty Good Privacy. It’s encryption software that not only protects email, but can also protect files and entire hard drives.
PGP was invented by Phil Zimmermann in 1991. The software was distributed through newsgroups, a system of message boards that were used before the invention of modern web browsers. PGP passed through several owners over the years, and is now owned by Symantec. This version of PGP is integrated in Symantec’s products for businesses, not those for individuals.
If you would like to use PGP for your personal emails, there is a solution. Even though the official PGP software isn’t free, there is also an encryption protocol based on it called OpenPGP. The free, open source software that implements OpenPGP is called GnuPG.
GnuPG doesn’t require a license or a fee to use, and it comes in many versions to support many different platforms. Not only can GnuPG encrypt your emails, it can also encrypt files, folders, and your entire hard drive. But in this post, I’ll just concentrate on what it can do for your emails.
How It Works
PGP is based on public key encryption. To put it simply, everyone who uses public key encryption gets two keys: a public key and a private key. The public key is listed in a public database called a key server; your public key serves as your identification for anyone who wants to contact you. Your private key is kept secret; only you should have access to it. When you send someone an encrypted email, you encrypt it with the recipient’s public key. When your recipient gets the email, she decrypts it with her private key.
After you have downloaded the appropriate version of GnuPG, you will create your own pair of keys. There’s no need to memorize complicated mathematical formulas to do so. Generating your keys can be as simple as pressing a button. After your keys have been created, you will be given the option to back up your keys (please do this) and to upload your public key to a key server.
If you’ve never contacted someone before, you can find their public key by looking them up on a key server. Here are some examples of the phone books of the modern age:
The instructions for importing the key – that is, downloading the person’s public key – vary, but it is often as simple as using a search button and copy-pasting a block of text. All the public keys of your contacts are added to a file called a keyring. Once you have imported the recipient’s public key, you can start sending them encrypted email.
PGP only encrypts the content of the email itself, not the subject line. PGP can’t hide the addresses of the sender and the recipient; email can’t work that way. It would be like trying to send snail mail without the recipient’s address.
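To see what stays readable on a PGP-encrypted email, here is an added example (not code from the original post) that reports the parts a mail server can still see. It assumes the message uses the PGP/MIME layout from RFC 3156; the sample message, addresses and function names are constructed for illustration.

```python
from email import message_from_string

# Constructed sample: a PGP/MIME (RFC 3156) message as stored on a mail server.
# Addresses are made up and the armored block is a placeholder, not ciphertext.
SAMPLE = """\
From: alice@example.test
To: bob@example.test
Subject: Meeting location for Friday
Date: Mon, 05 Nov 2018 10:00:00 +0000
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
 boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

(placeholder for encrypted data)
-----END PGP MESSAGE-----
--b1--
"""

# Headers the mail system needs, or that PGP leaves outside the encrypted part.
OUTER_HEADERS = ("From", "To", "Cc", "Subject", "Date")

def is_pgp_encrypted(msg):
    """True for a PGP/MIME container or a body carrying inline PGP armor."""
    if (msg.get_content_type() == "multipart/encrypted"
            and msg.get_param("protocol") == "application/pgp-encrypted"):
        return True
    return any("-----BEGIN PGP MESSAGE-----" in part.get_payload()
               for part in msg.walk() if not part.is_multipart())

def exposure_report(raw):
    """Return what is readable without the recipient's private key."""
    msg = message_from_string(raw)
    visible = {h: msg[h] for h in OUTER_HEADERS if msg[h] is not None}
    return {"encrypted_body": is_pgp_encrypted(msg), "visible_headers": visible}

if __name__ == "__main__":
    report = exposure_report(SAMPLE)
    print("body encrypted:", report["encrypted_body"])
    for name, value in report["visible_headers"].items():
        print(f"readable in transit -> {name}: {value}")
```

Everything the report lists as readable should be written as if it were public, which is why sensitive details belong in the body rather than the subject line.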
Windows and MacOS
You can add the security of GnuPG to your desktop email with the assistance of Gpg4win and GPG Suite.
Gpg4win is the official Windows version of GnuPG. It’s free of charge and is compatible with all versions of Windows from XP to 10. Gpg4win supports Outlook 2003 and up. Installing Gpg4win is just like installing any other Windows software.
GPG Suite is the official MacOS version of GnuPG. It supports MacOS 10.9 (Mavericks) and up. Unfortunately, it isn’t fully compatible with the MacOS version of Outlook. The good news is that it does work with Apple’s official Mail program.
Your free alternative to Outlook and Mail is Mozilla’s Thunderbird. Thunderbird is available for both Windows and MacOS. Its features and interface are very similar to Outlook and Mail, so the learning curve won’t be too steep. Just keep in mind that you will need to download and install Thunderbird before you fully install Gpg4win or GPG Suite.
After you’ve finished installing those two programs, you’ll need Enigmail. This is an add-on for Thunderbird that will let Thunderbird work with Gpg4win or GPG Suite to encrypt your emails. For more detailed instructions, I recommend the Electronic Frontier Foundation’s guides to installing PGP for Windows and installing PGP for MacOS.
Android
K-9 Mail is a very popular email app that’s named after a character from Doctor Who. It’s free to use and supports IMAP and POP3 email accounts. K-9 Mail is designed to work with OpenKeychain: Easy PGP, which is the Android version of GnuPG.
If you prefer an app that’s all-in-one, there’s R2Mail2. The free version of this app will only display ten emails; think of this more as a demo version. To access all features you must buy the R2Mail2 License; at this writing, it costs $4.97 in the Google Play store.
iOS
The only PGP-related app for iOS is iPGMail. It’s $1.99 and it works with the default iOS mail client. You can use AirDrop to transfer keys from a MacOS computer to your iPad and iPhone. iPGMail can also transfer files using Dropbox and iTunes File Sharing.
Webmail
If you love the convenience of web-based email, you can still enjoy the security of PGP.
Gmail users have waited for years to add end-to-end encryption to their accounts. Since Google appears to have abandoned this project, it’s up to third-party providers to fill the gap.
Cryptup is a web browser plugin that integrates with Gmail. The free version will allow you to send encrypted emails and attachments. The advanced version adds extra features – such as the ability to send large attachments and make messages expire – all for $5 per month. For now, Cryptup is only available for Chrome and Firefox; the makers of Cryptup have promised Android and iOS versions in the future.
Mailvelope is a free web browser plugin that works with other webmail providers. It’s compatible with Gmail, Yahoo, Outlook.com, GMX, and others. Unfortunately, this plugin only works with the Chrome and Firefox browsers.
If you can’t wait for an update and are willing to try something new, there are two PGP-compatible webmail services available now.
Hushmail works in a web browser and also has an iOS app. For $49.98 per year, you’ll get 10 GB of storage, unlimited email aliases, and live customer support.
Protonmail is available as an app for Android and iOS, and also works in a web browser. The free version gives you one address, 500 MB of storage, up to 3 folders, up to 20 labels, and a limit of 150 messages per day. The two paid versions not only give you more storage, folders, labels, and messages, but also the ability to add extra addresses and custom domains.
PGP may seem complicated at first, but once you get the hang of it you’ll realize it’s not so hard after all. The peace of mind is worth it in the end. There are many good options available for you. There’s no need to wait: try one today.