Be Secure: A Beginners’ Guide to PGP with Gmail using MailVelope

To assist several of my friends in setting up PGP, I’m writing this tutorial to get regular old everyday people (with an IQ less than Ross) set up with PGP. This is very useful if you don’t want people other than your intended recipient to be able to read your messages.

Background

Go ahead and skip this section if you know about PGP and email.

Email is not, by nature, a secure form of communication. Anybody who happens to be listening “on the wire” can read your email. And unless you run your local server as an email server, your hosting provider can also read your email. This includes the infamous Lavabit service.

PGP stands for “pretty good privacy” and is an Asymmetric Method of encrypting data (typically text). When you create a “key pair” which includes a “public key” and a “private key,” that allows you to DECRYPT messages using your private key and distribute a public key which allows others to ENCRYPT messages ONLY. Public keys cannot decrypt messages

You can see that this is the ideal situation for two-way message encryption. Assuming PGP is “pretty good” and you keep your private keys secure on your machine AND protected with a password, this is a reasonably secure method of communication.

Getting Started

You probably have a Gmail account. You probably have Google Chrome installed on your computer. (If you don’t, go fix that…)

Now, using the chrome web store go ahead and install Mailvelope:

Mailvelope in Chrome Web Store
Mailvelope in Chrome Web Store

Now, once you have installed and enabled it, go ahead and access the Mailvelope options. Click on “Generate Key.”

Generate Key in Mailvelope
Generate Key in Mailvelope

Those are my recommended size settings (MAXIMUM). Click submit and then wait (it will take a while).

Once that completes you should see your key pair displayed in the keys page:

Keys in the Keyring of Mailvelope
Keys in the Keyring of Mailvelope

You’re almost done! Lastly, you should export your key from the keyring page and import it into a pgp key server — for example pgp.mit.edu.

Exporting Key -- Hit "Copy to Clipboard"
Exporting your public key — Hit “Copy to Clipboard”

Now, on MIT’s pgp server, go ahead and paste in your key under “submit a key.” You can now search for keys using their search function and then import them into your mailvelope. Any time you want to send an email to someone, sign it with their key. You can sign an email with multiple keys:

Email with mailvelope icon
Email with mailvelope icon
Compose all encrypted text in Mailvelope's dialog
Compose all encrypted text in Mailvelope’s dialog
Add public keys that you want to be able to read messages
Add public keys that you want to be able to read messages
Encrypt
Encrypt
Transfer into the compose field, then send!
Transfer into the compose field, then send!

Easy as pie!

Remember: Reading your own sent emails

Remember, if you don’t sign your keys with your own public key, you won’t be able to read sent messages. Selecting this in the options will default your public key in the sign field. Helpful.

This will make it so you can always read your sent emails
This will make it so you can always read your sent emails

Thanks! Leave questions in the comments!

Leave a Reply