Lock up your emails

When it comes to email and data encryption, one of the most well-known tools is PGP – Pretty Good Privacy.

Since version 9.0, Pretty Good Privacy has been a complete solution for data protection on the PC.

As well as encrypting and decrypting emails in Outlook, Outlook Express, Eudora and Entourage, it can also encrypt conversations in AOL’s Instant Messenger.

In addition, PGP can even encrypt entire hard disks to protect them from unauthorised access. The PGP Zip module also enables you to compress and encrypt files and directories. The current version, PGP Desktop Home 9.5, costs about £65 from the PGP online shop.

But you don’t need to spend money to protect your email. GNU Privacy Guard – or GnuPG – has proved itself to be one of the best open-source solutions. It integrates with most email clients to offer powerful encryption technology. If you can’t come to terms with the command-line version, there’s a complete bundle, gpg4win. The installer contains GnuPG and the Windows Privacy Tools (WinPT) key manager.

How it works
Encryption with GnuPG works according to a fairly simple principle, known as public key infrastructure (PKI). Every GnuPG user has a key pair that comprises a public key and a private key. Email and files that are encoded with the public key can only be decoded by using the private key.

The public keys are stored and correlated with email addresses centrally on a database held on a GnuPG key server. The private key is known only to its owner, and a password has to be entered every time it is used. In order to encrypt a message, you have to know the recipient’s public key by getting it from the key server.

Generating keys
Before that, you need to create your pair of keys. Start by clicking on GnuPG Key pair generation and enter your name, email address and password. The program uses this data to generate a public and a private key. You can make the public key available to other users by right-clicking on the WinPT icon in the system tray and choosing ‘Key management’ from the context menu.

In the window of the same name you will find the key that you have just created. Click on the entry and select ‘Send to key server’ from the context menu. Choose a server from the list and confirm your choice by clicking on Yes. The box on the next page shows how to use your GnuPG keys to encrypt email in some of the most popular mail clients.

A key can be used for more than just encrypting messages. Digitally signing an email is the only way to ensure that the recipient can be certain that the message really did come from the person who claims to have sent it.

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!