Email security

I have come across an excellent article on a system that passes the “your-85-year-old-grandmother-could-use-this” test (providing a younger family member installs it on her computer). A doddle to use and nobody can see your email. It would take a thousand computers a thousand years to decrypt your information.

This is called PGP, which stands for “Pretty Good Privacy”, designed by Phil Zimmermann, whom I met many years ago. Phil had the American government on his back for years as they tried to send him to prison for exporting strong encryption, which was against the law. However, he did not export the program. He exported the written code of the program, which was allowed by a badly drafted law. Now the whole world has it. And he became a wealthy company president instead of a prison inmate!

This is a system where you generate two program keys. One is your public key and may be given to everyone; the other is your secret key and should be closely guarded. Any email encrypted with your secret key and the other person’s public key may only be read using that other person’s secret key. There are communal registries that can hold everyone’s public key. Once you download a public key, you can check it is the right key by phoning or writing a snail mail letter with the “fingerprint” code. Once you get a reply, you can mark that key as a “trusted” key. All good stuff and really easy to do. Once the key is trusted, that part of the operation is over.
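The fingerprint check described above, as an added Python example that is not part of the original post or the tutorial it recommends: it computes the version 4 OpenPGP fingerprint of a downloaded public key (SHA-1 over the key packet, as defined in RFC 4880) and compares it with what the owner read out. The function names and the sample key are constructed for illustration.

```python
import base64, hashlib, struct

def dearmor(armored):
    """Decode the base64 body of an ASCII-armored OpenPGP block."""
    lines = [l.strip() for l in armored.strip().splitlines()]
    body = lines[lines.index("") + 1:]  # a blank line ends the armor headers
    return base64.b64decode("".join(l for l in body if not l.startswith(("=", "-"))))

def first_packet(data):
    """Return (tag, body) of the first packet (RFC 4880, section 4.2)."""
    hdr = data[0]
    if hdr & 0x40:  # new-format header
        tag, o1 = hdr & 0x3F, data[1]
        if o1 < 192:
            length, off = o1, 2
        elif o1 < 224:
            length, off = ((o1 - 192) << 8) + data[2] + 192, 3
        else:
            raise ValueError("length encoding not expected for a key packet")
    else:  # old-format header
        tag, ltype = (hdr >> 2) & 0x0F, hdr & 3
        if ltype == 3:
            raise ValueError("indeterminate length not supported")
        off = 1 + (1 << ltype)
        length = int.from_bytes(data[1:off], "big")
    return tag, data[off:off + length]

def v4_fingerprint(armored):
    """SHA-1 over 0x99, the two-byte body length, and the public-key packet body."""
    tag, body = first_packet(dearmor(armored))
    if tag != 6 or body[0] != 4:
        raise ValueError("expected a version 4 public-key packet")
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def fingerprint_matches(armored, read_aloud):
    """Compare with the fingerprint the owner read out; spacing and case are ignored."""
    return v4_fingerprint(armored) == "".join(read_aloud.split()).upper()

def constructed_key(first_byte):
    """Constructed sample: a structurally valid but unusable RSA key packet, armored."""
    n, e = bytes([0x80 | first_byte]) + bytes(127), b"\x01\x00\x01"
    body = b"\x04" + struct.pack(">IBH", 1700000000, 1, 1024) + n + struct.pack(">H", 17) + e
    packet = b"\x99" + struct.pack(">H", len(body)) + body
    b64 = base64.b64encode(packet).decode()
    return f"-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n{b64}\n-----END PGP PUBLIC KEY BLOCK-----"

if __name__ == "__main__":
    spoken = v4_fingerprint(constructed_key(1))  # what the key owner reads out
    print(fingerprint_matches(constructed_key(1), spoken), fingerprint_matches(constructed_key(2), spoken))
```

A key that differs from the genuine one by a single byte produces a different fingerprint, which is why the comparison has to happen over a channel other than the one the key arrived on.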

Now you can encrypt an email very easily and nobody can read that email other than the person you have written to. If the authorities demand a copy of your secret key you can give it to them, and then make another key. If everyone does this the authorities will eventually grind to a halt!

Finally, another use of this method is to sign your email. This doesn’t encrypt it, but if anyone tries to alter it and pass it on as yours, the signature can prove the email has been altered. Very useful if you dabble in politics.

The following tutorial is excellent and, although for Windows users, can be used as a guideline for Linux users. There are many PGP programs in Linux, all free of charge. I use Enigmail for Thunderbird, and Evolution has PGP built in.

