Monday, November 3, 2008

Using FireGPG with Gmail


As, u have learned “Encrypted emails using WinPT” now I will teach you how to ecrypted & Decrypted emails using fireGPG with gmail.

Installation

You can download FireGPG from here



Note: FireGPG isn't a key manager. You must install the GnuPG software! U can refer to previous post for that.


After installation u need to restart your firefox.

You will find your FireGPG installed



















Compose emails

If you open your gmail account, click compose

Type ur email, and the email address of the person you want to send,



Please note: u need to import the key of the person, to whom you are sending the email

Press encrypt, select the person to whom u r sending the email, from your key database




















After pressing, Ok, your message will be encrypted

& then send this message to your friend.




















Receive Encrypted Emails

When your friend has send you encrypted email than after opening the email press “Decrypt this email”



















The fireGPG will ask your passphrase, after you have enter your passphrase, you will see your email message.














I hope you like the tutorial.

[C]How to Encrypt Your Email with GnuPG in Windows Part 1 - WinPT

Email encryption is not new but not many people know how to do it. Using GnuPG/GPG and WinPT, you can easily generate your encryption keys that allows you to send encrypted email to somebody else and only that person will be able to open it and vice versa. To make this simpler, I will divide this tutorial into three parts. Therefore in the tutorial below, I will show you step by step on how to install WinPT and GnuPG so you can encrypt your email later.

windows-email-encryption-gnupg-winpt

A Simple Introduction to Email Encryption with GnuPG

To start, you need to understand how email encryption works and I will try to use simple terms to explain this as clearly as possible. To encrypt an email, each email account requires a keypair that consists of two digital keys (imagine two text files with random characters inside them):

  • Private Key - you will use this key to open encrypted email that is sent to you. This key is exclusive to you only. Don’t give it out to anyone!
  • Public Key - you can distribute this key to anyone that you want. When others want to send you a secret encrypted message; they will be using this key.

Example of an email encryption process:

  1. Syahid and Bill are close friends. Sometimes they exchange secrets using emails, in Windows.
  2. Syahid has created his own private key and public key for syahid@notreal.com email address.
  3. Bill has created his own private key and public key for bill@notreal.com email address.
  4. Both of them then share their public key with each other. Bill has Syahid’s public key and vice versa.
  5. Bill wants to send Syahid a secret, so he will encrypt the email message with Syahid’s GnuPG public key and send the encrypted email to Syahid’s email address.
  6. Syahid’s receives Bill’s encrypted email. He then uses his exclusive, GnuPG private key to decrypt the message to be able to read the real text.
  7. If Bill mistakenly send the encrypted email to a wrong person; for example john@notreal.com, John won’t be able to read the real message because it is encrypted. Unless John is freakingly smart like Philip R. Zimmermann or Bruce Schneier, he has no way to read that encrypted email unless he goes to the extreme and steals Syahid’s private key.

For extensive information on encryption, you can read all the nitty-gritty, technical details here - GnuPG, WinPT, GPG, PGP, Email Encryption. I am going to skip the gory details because I am afraid that it may scare beginners!

Windows Email Encryption Tools

To create your own keypair for each of your email address, you need GnuPG and WinPT:

  • GnuPG (GNU Privacy Guard) - the real, command based application that actually creates your encryption keypairs. Also known as GPG.
  • WinPT (Windows Privacy Tools) - a Windows front-end / interface for GnuPG to make it easier for you to create and manage all your digital keypairs.

and of course you need an email account too. LOL!

WinPT and GnuPG Installation and Setup

How Install WinPT and GnuPG

1- Download the WinPT installer . It combines both GnuPG and WinPT in one simple package.

2- Double click the installer to start the installation.

winpt-gnupg-encryption-manager-001

3- Choose OK, Next, I Agree and Next for the first four screen.

4- Accept the default components on the “Choose Components” screen and press Next.

winpt-gnupg-encryption-manager-006

5- Press Next on the next three screens and then Install. Wait for the installation to finish before pressing Finish.

winpt-gnupg-encryption-manager-009

6- WinPT will automatically launch. If you get a screen prompting that you don’t have a keyring (no keyrings), press Cancel. WinPT tray should be available at your system tray now.

winpt-gnupg-encryption-manager-013

Create a Keypair For an Email Account

7- Right click on WinPT system tray and select Key Manager.

winpt-gnupg-encryption-manager-014

8- From the Key Manager menu bar, choose Key -> Generate to start creating a keypair.

winpt-gnupg-encryption-manager-015

9- Insert a username, the corresponding email address and pass phrase (password) two times for your keypair. Leave other options as default.

winpt-gnupg-encryption-manager-016

10- Wait for your keys to be created. A dialog will pop out to prompt you to backup your keyrings for safekeeping in case your hard disk crashes or your keyrings are accidentally deleted. Save the pubring.gpg and secring.gpg to somewhere you think safe - in a portable USB drive maybe?

winpt-gnupg-encryption-manager-018

11- Your key will appear the Key Manager screen. If it doesn’t, select Key from the menu bar and then Reload Key Cache. Select OK if you are prompted to do so.

winpt-gnupg-encryption-manager-022

winpt-gnupg-encryption-manager-021

12- You should now have one key for your email account listed. Take note of the Key ID and Type column. pub/sec means you have both the public and private keys for your email account inside your PC.

winpt-gnupg-encryption-manager-023

Create a Revocation Certificate (optional)

A revocation certificate allows you to notify others that your public key should no longer be used, in case you lose your private key or its pass phrase. It is a best practice to create a revocation certificate just after you create a keypair.

13- Right click on your keypair in Key Manager and choose Revoke.

winpt-gnupg-encryption-manager-024

14- Select the “Key has been compromised“. Add your own description, insert a password that you can remember and choose the name and location to store the revocation certificate. Click OK. You should get a success message.

winpt-gnupg-encryption-manager-025

Export Your Public Key to a Keyserver

By exporting your public key to a keyserver, others can download it and use it to send encrypted email to you. You can also send your public keys to your friends via a text file too.

15- Right click on your keypair in Key Manager and select Send to Keyserver -> Default Keyserver.

winpt-gnupg-encryption-manager-028

16- Take note or jot down your keyserver name (e.g. http://wwwkeys.nl.pgp.net) and press OK. Press OK once again to close the confirmation message.

winpt-gnupg-encryption-manager-029

winpt-gnupg-encryption-manager-030

Check Out Your Published Public Key Online

17- Using your favorite web browser, access your keyserver using the URL that you have jotted down above.

18- In the search string field, enter the email address that you used to create a GnuPG keypair above and press “Do the search!

winpt-gnupg-encryption-manager-031

19- Your public key should be listed successfully. Now others can use it to send secret emails to you!

winpt-gnupg-encryption-manager-032


Ref: http://www.techmalaya.com/2008/06/17/encrypt-emails-gnupg-gpg-winpt/

Google Search