Encrypt Gmail Messages with FireGPG

Ads by Google

firegpglogo   Encrypt Gmail Messages with FireGPGFireGPG is a Firefox addon that allows you to encrypt gmailmessages and send encrypted email from Gmail with ease. It uses GnuPG, which is a program that utilizes public-key cryptography for securing the messages. Public key cryptography is probably the most widely used method for securing data, as it quite effective when used properly.

Public-key cryptography makes use of public and private key pairs for encrypting and decrypting data. Anyone can encrypt a message with a public key, but only the private key can be used to decrypt it. NEVER give your private key to anyone else. DO give your public key to others if you wish for them to send you encrypted messages.

In order for you to encrypt Gmail email and send encrypted messages to others, you¬†must use the recipients’ public keys so that they will be able to decrypt the messages. If you are interested in establishing secure email communications with others, you will want to direct them to this article if they are unfamiliar with PGP.

Before installing the FireGPG addon, you will first need to download the proper GnuPG binary for your operating system and install it. After you’ve downloaded and installed GnuPG, you can then download and install FireGPG.¬†Once you’ve installed both, launch Firefox and log into Gmail.

First, you will need to import your friends’ public keys.¬†You can do this with the FireGPG Key Manager.¬† You can launch the key manager from the Firefox menu bar if you navigate to Tools > FireGPG > Key manager.

Ads by Google

firegpgkeymanagerlaunch   Encrypt Gmail Messages with FireGPG

The easiest option is to just import from a key server, if you friend has uploaded his public.¬†Let’s say his email address is foo@bar.com. In a real search, you would only get one result (more if your friend has created more than one public key), but here’s what the search results for foo@bar.com looks like:

importkeyfromserver   Encrypt Gmail Messages with FireGPG

Once you’ve imported your friend’s key, you can send him an encrypted message.¬† You should probably also generate your own public key and upload it to the server, so that he will be able to respond to you with encrypted messages as well.

You can create your own public/private key pair by clicking the New key button in the Key manager. Enter all of the pertinent information, and choose a strong password. Choose something you can remember without writing it down, but not something that someone else would be able to figure out. Including numbers and symbols is a good idea as well.

Once you have your friend’s public key and your own public/private key, you are ready to send an encrypted message.¬†Visit Gmail, compose a message as you would normally, and before you submit it, be sure the lock image is colored (not gray).¬†If it is gray, click the Encrypt link to enable it.

firegpg encrypt message   Encrypt Gmail Messages with FireGPG

Although it isn’t required, it is a good idea to sign the message as well. Your friend can verify the message came from you by verifying your signed message with your public key. A valid signature can only be sent with a private key and verified with the corresponding public key.

Click Send.  If you chose to sign the message, you will be prompted to provide the password for your private key. Your friend will receive your message and should be able to decrypt it with his private key and password.

Please note that while you are composing a message, if it is autosaved it will be placed onto Google’s servers. While residing there, it will not be encrypted. ¬†Your messages will not be encrypted if they are autosaved while you are composing them.

If this concerns you for any reason and you want to take extra precautions, there is an option in FireGPG to disable Gmail’s autosave feature. ¬†From the Firefox menu bar, navigate to Tools > FireGPG > Options and go to the Gmail tab.

disableautosave   Encrypt Gmail Messages with FireGPG

Alternatively, if you do not want to disable autosave you can use FireGPG’s text editor to compose the message.¬†After composing the message in the text editor, you can then sign, encrypt, save it to the clipboard, and paste it into the Gmail message composition box.

firegpgtexteditor   Encrypt Gmail Messages with FireGPG

What do you think of FireGPG? What other tools do you use for sending encrypted emails with Gmail?

Ads by Google

6 Comments - Write a Comment

Reply

albatros

Great post, thanx.

Reply

Vladimir Klimsa

Thanks for your learning and sharing. I use your article in post about (vladimirklimsa.com/2009/09/17/como-de-seguro-es-su-email) email security. Vladimir

Reply

Encryption Software

I have taken the precaution to encrypt my emails to friends and family. Unfortunately, I have asked some friends if they have ever taken this precaution and they regretfully have said no. They do not believe in the threat of online predators hacking into personal emails and extracting information. I have convinced them to at least not send certain information over the Internet that they would hate to have fall into the wrong hands.

Wilson

I tried TheLetterEncrypter.

Its portable freeware of 9 KB.

Does its job efficiently.

Its worth making it a “Software Always to have in a PC”

Reply

Mellisa

TheLetterEncrypter’s nice.

Your comment