
Trying PGP

Some months ago, I wrote about using PGP and S/MIME to keep e-mail private. As much as I love the idea of keeping my e-mail private, I rarely use PGP or S/MIME. This is because the people with whom I communicate don’t use PGP or S/MIME. To improve this situation, I’ve been looking at ways I can help my friends and family try securing their e-mail.
Before I dive into what I’ve found, let me mention that these solutions do not provide the same level of security as installing GnuPG (or other similar tools) on your own computer.

Hushmail

Hushmail is an e-mail service provider that focuses on providing private e-mail services. I tried their limited free service.
Hushmail does a good job of not exposing their users to PGP any more than necessary. It is trivial to send encrypted e-mail to other Hushmail users, and only slightly more difficult to send it to outside addresses. (Note that Hushmail is in the middle of an interface upgrade, so some of the instructions refer to the older interface.) When you send encrypted e-mail to outside addresses, Hushmail does not default to using PGP. Instead, Hushmail sends a message that contains a link to Hushmail’s website. There, the user answers a question written by the sender. The question and answer are used to generate the key for encrypting the message.
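A sketch of how a question-and-answer scheme like the one described above can turn the recipient's answer into a message key. This is an added example, not code from the original post and not Hushmail's implementation (the post does not describe it); scrypt, AES-256-GCM, the answer normalisation and every function name here are assumptions. It also shows the limit of the approach: the key is only as hard to guess as the answer.

```javascript
// Added illustration for Node.js; NOT Hushmail's actual scheme.
const nodeCrypto = typeof require === 'function'
  ? require('node:crypto')
  : process.getBuiltinModule('node:crypto'); // fallback when run as an ES module

// Normalise the answer so "Rex", " rex " and "REX" all derive the same key.
function normaliseAnswer(answer) {
  return answer.normalize('NFKC').trim().toLowerCase().replace(/\s+/g, ' ');
}

// Stretch the answer into a 256-bit key with scrypt. The salt is random per
// message and travels with it; the answer is the only secret input.
function deriveKey(answer, salt) {
  return nodeCrypto.scryptSync(normaliseAnswer(answer), salt, 32, { N: 16384, r: 8, p: 1 });
}

// Sender side: encrypt under the answer-derived key.
function sealMessage(question, answer, plaintext) {
  const salt = nodeCrypto.randomBytes(16);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(answer, salt), iv);
  cipher.setAAD(Buffer.from(question, 'utf8')); // bind the question to the ciphertext
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { question, salt, iv, body, tag: cipher.getAuthTag() };
}

// Recipient side: returns the plaintext, or null when the answer is wrong
// or the envelope (including the question) has been altered.
function openMessage(envelope, answer) {
  const key = deriveKey(answer, envelope.salt);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, envelope.iv);
  decipher.setAAD(Buffer.from(envelope.question, 'utf8'));
  decipher.setAuthTag(envelope.tag);
  try {
    return Buffer.concat([decipher.update(envelope.body), decipher.final()]).toString('utf8');
  } catch (err) {
    return null; // GCM tag check failed
  }
}

// Constructed sample question, answer and message.
const sample = sealMessage('What was the name of our first dog?', 'Rex', 'Meet at 6pm.');
console.log(openMessage(sample, '  REX '));
console.log(openMessage(sample, 'Fido'));
```
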
If you want to work with PGP users outside of the Hushmail system, there are additional steps you must take. If you want Hushmail users to be able to send messages to you, you must upload your public key to Hushmail. If you want to send messages to Hushmail users, you can get their public keys from Hushtools. Finally, if you are a Hushmail user and decide that you want to use your secret key outside of Hushmail (be careful!), you can export your Hushmail secret key.
Hushmail does a nice job of keeping private e-mail simple. Their service is not the most secure (they have a history of compromising accounts in support of court orders), but it is good enough for most people. The biggest downside of using Hushmail is that you will probably have to change your e-mail address to use it.

Mailvelope

Mailvelope is a Google Chrome browser extension which uses OpenPGP.js to provide some support for PGP in your browser. It is specifically designed to work with webmail interfaces and comes preconfigured to work with Gmail, Yahoo Mail, Outlook.com and GMX. It can create keys, import and export keys, and encrypt and decrypt messages. It’s almost too easy to use and the developer behind it has done a good job of keeping the interface simple.
There are some security concerns around using JavaScript for cryptographic operations, and additional concerns around providing potential attackers with both plaintext and ciphertext. JavaScript is not the best runtime environment for storing private data: it does not provide any mechanism to prevent memory from being paged out. The available sources of random numbers (which matter especially for key generation) are not as good as in other environments, though this is improving. Finally, when you write a message in Gmail and encrypt it with Mailvelope, Google has access to both the plaintext and the ciphertext. This may help Google discover your private key.
In testing Hushmail and Mailvelope together, I ran into a known issue that prevents Mailvelope from importing Hushmail public keys. (The issue was fixed five days ago and should make it into a release in the near future.) Other than this, Mailvelope looks like a great tool.
Update: Mailvelope 0.6 was released about the time this post was published. This new release provides an external editor for composing e-mail (which addresses the concerns about your service provider getting access to plaintext) and fixes the Hushmail key import error.

Give these tools a shot and let me know how they work for you. If they don’t work for you, have you found any others that do?
