The Hacker News Logo
Subscribe to Newsletter

What Is PGP Encryption And How To Encrypt Your Emails

Now that we have enough details about how the NSA's Surveillance program, running for a long time against almost each country of this planet. 

Hundreds of top-secret NSA documents provided by whistleblower Edward Snowden already exposed that Spying projects like PRISM and MUSCULAR are tapping directly into Google and Yahoo internal networks to access our Emails. NSA's tactics are even capable to defeat the SSL encryption, so unsecured email can easily be monitored and even altered as it travels through the Internet.

One major point on which all of us are worrying is about the privacy of communication among each other and If you're looking for a little personal privacy in your communications you will need to encrypt your messages.
To avoid privacy breaches; rather I should say to make it more difficult for the NSA or British GCHQ surveillance program to read our communication, we should use PGP encryption (Pretty Good Privacy).

Why we should Encrypt our Emails? Each public mail service provider sends information from sender to recipient like a postcard which has a recipient’s address and the content to be conveyed; and is open to the medium used for sending the card. Encryption is an envelope of the content of the document to be sent and leave the recipient’s address open so that it can reach to the destination. So by encrypting your mail, even if any mail service provider is keeping a record of all mails, you need not to worry that your document is being read by third person neither by NSA people.

Encrypting your email may sound daunting, but it's actually quite simple. We are going to use something called GNU Privacy Guard (GnuPG) or Gpg4win (Windows).
Step 1: Download the Gpg4win on windows machine and install it.
Learn to Encrypt Your Emails against an invasion of privacy by NSA
Step 2: Go ahead and after successful installation, close the window.

Generating your PGP pair key:
Step 3: Now open Kleopatra tool (A GUI GPG Key Manager) to create a new asymmetric key pair (public & private). Click on File -> New Certificate.
Learn to Encrypt Your Emails against an invasion of privacy by NSA
Step 4: In the key generation wizard, click on "Create a personal OpenPGP key pair" and in the next window enter your basic details:
Learn to Encrypt Your Emails against an invasion of privacy by NSA
Step 5: In the next window, once review your details and click "Create Key". It will prompt you for entering a passphrase. Set a strong password and confirm it once again in the next window.

Step 6: Within a few seconds (depending on your system speed), Your Key pair will be generated (as shown).
Learn to Encrypt Your Emails against an invasion of privacy by NSA
Step 7: You should "Make a backup of your file pair" somewhere safe. You can also export the public key to the public directory by clicking on the Upload Certificate to Directory Service.

Step 8: Once done, the key manager main interface will show your certificate as shown:
Learn to Encrypt Your Emails against an invasion of privacy by NSA
Step 9: Select your newly generated certificate -> Right click -> click on Export Certificates to save your Public keys on the desktop.

You will have to exchange your public keys with whom you want to make secure communication via mails. Many people post their public keys to their personal websites. You can send it as attachments to everyone you email, just so they have them.
Learn to Encrypt Your Emails against an invasion of privacy by NSA
Once your friends will have your Public keys, they can import it Kleoptra software via 'Import Certification' option from the menu.

Composing an encrypted email:
Step 1: Open Outlook -> Compose a new mail and write the recipient’s address, Subject and your message.
Learn to Encrypt Your Emails against an invasion of privacy by NSA
Note: You should already have your email ID configured over Outlook software on windows machine and if your Outlook doesn't have OpenPGP, then you can install 'Outlook Privacy Plugin' to enable it.

Step 2: Under GpgOL menu (as shown), click on 'Encrypt'. The software will automatically import the public keys of the recipient from the Key Manager (only if exists or imported before).
Learn to Encrypt Your Emails against an invasion of privacy by NSA
Step 3: If you also want to attach some files to this encrypted email, then under GpgOL menu, click Encrypted File and select the file to be attached and SEND mail.

When you or the recipient will receive the encrypted mail, one should first decrypt it using private keys.

Step 4: Under GpgOL menu, click on 'Decrypt' to convert the email into readable form. To proceed, It will ask for  the secret passphrase entered at the time of creation of key pair.

That's it! Other than Outlook you can also use various desktop email clients (Thunderbird or Postbox) or web mail, that also support PGP encryption. You can import your key pair to other software also in order to manage the same account.

Final Note - Unauthorized access to your email by hackers, identity thieves, your ISP, and government surveillance and censorship agencies can have disastrous consequences. If you really care about your online privacy, I am sure you will definitely like this article. Stay tuned to 'The Hacker News' for more informative article and the latest updates from Hacking World.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.