PGP is a program that is used to encrypt and decrypt data, so that only the legitimate recipient can decrypt the information. OpenPGP is the open standard based on PGP, and the one currently used in all programs. Mailvelope is an extension for Chrome and Firefox that will allow us to encrypt and decrypt emails from leading providers such as Gmail, Outlook and Yahoo Mail.
What is Mailvelope?
It is an extension for Google Chrome and Mozilla Firefox browsers that is completely free, incorporates the OpenPGP standard for encryption and decryption of text in emails, but it also allows you to encrypt the attached files of these e-mails. Its use is very simple if you have previously used a PGP-based program to send and receive emails, today in RedesZone we will show you how to configure and how encrypted e-mails are sent so that nobody reads them.
Installing Mailvelope in Chrome or Firefox browsers
The first thing we have to do is access the official website of Mailvelope and follow the links to download the extension in your browser. We have tried to install this extension in Google Chrome, and during all the tests we have used a Gmail account.
Once we click on “Add to Chrome” it will automatically be installed, it is not necessary to restart the computer nor the Google Chrome browser itself.
This extension will appear at the top of the web browser, and we can activate or deactivate the extension whenever we want, in addition, we can also click on “Add” in case we are in Gmail and the extension does not detect that we are in the Google webmail client, We can also click on “Reload” to refresh the extension.
If we click on “Options” we will enter all the configuration of the extension, something necessary to start using it since we will have to create or import our cryptographic keys.
Configuration: Generation of the public key and private key (asymmetric encryption)
In order to send or receive emails with OpenPGP, the first thing we need is to create the cryptographic keys. In the “Password management” area we must go to the “Configuration” part. In this menu we will have two options mainly:
- Generate key: will generate new cryptographic keys to use next.
- Import keys: if you already have previously generated PGP cryptographic keys, you can import them to start using them.
We are going to generate new keys, so click on “Generate password” and fill in all the text boxes. We must put our name and email, of course, we must also enter a password to encrypt and decrypt the content of the emails, without this key we can not do anything, and we must not forget it.
If we click on the “Advanced >>” button we will see that we can modify the length of the RSA keys, by default it is 4096 bits which is a fairly secure key length. Another option that we can define is that the cryptographic keys expire after for example 2 months, in this way, we ensure the renewal of these keys.
A very interesting option that we can mark or unmark is ” upload public key to the Mailvelope Key Server “, this facilitates the sending of our public key to future recipients. It does not matter to upload this public key to that server, since what we must protect is the private key it generates. The entity that manages this key server is Ubuntu, the popular Linux distribution.
Verify public and private keys from Mailvelope
In the “Show keys” tab we can see all the keys that we have generated or that we have imported in this extension. It will appear both if we have the public and private key, as if only the public one (because it is that of a recipient), the associated email will also appear as well as the ID of the key and when it was created.
If we click on the key in question, we can see all its details, and even export the public, private key or both.
How to send an e-mail with PGP and the Mailvelope extension
Once we have installed the extension and created the cryptographic keys, we can send and receive emails encrypted with PGP. The first thing we have to be clear about is that in order to send an encrypted email to a recipient, we must first have their public key and have imported it , in fact, the extension itself will notify us if we do not have the recipient’s public key, indicating that we only You can sign the email.
Once we have the key, just open Gmail and put a recipient of whom we have your public key, then we put the subject and in the body a new icon that is Mailvelope’s will appear directly. Clicking on that icon will open a new menu and that is where we must put the text we want to send to the recipient. Once sent, we can not only encrypt the message but also sign it so that you know 100% that we are the ones who sent it.
In the following image you can see how it looks when we already have the e-mail ready to sign and encrypt:
Before we can sign it, we must enter our password as it is signed with the private key (so that the recipient checks the signature with our public key that he should already have).
As soon as we click on accept, it will take us directly to the Gmail screen and paste the encrypted message into the body of the email:
And we will simply have to send the email as always, the recipient will receive all that and must decrypt it with their OpenPGP-based software and with their private key (since we have encrypted it with their public key). In the following tweet you have a perfect explanation:
https://twitter.com/JZdziarski/status/753223642297892864
How to decrypt an encrypted email with PGP
When we receive an email encrypted with PGP we will see something like this in our inbox:
If we open it we will see that the body of the message is fully encrypted with PGP, and we will get a sealed envelope with a padlock. If we press on it, we can open the content of the email by simply entering the password we created previously:
If we verify the email, we will see the signature of the sender of the message (in this case we have been ourselves):
As you can see, decryption of e-mails with Mailvelope is really easy and very fast.
Encrypting and decrypting attachments
In the “Options” area, if we click on the “File encryption ” tab we can attach files to our email with a maximum size of 20MB. In this area we can both encrypt and decrypt them:
As you can see, encrypt and decrypt e-mails and attachments with the Mailvelope extension is very simple, fast and also completely free. If you need to increase the privacy of your communications, we recommend using OpenPGP either as an extension or a dedicated program.