Many new computer users consider encryption too hard to use or just not worth the trouble. If you’re sending the groceries list to your husband or wife, that may be true. But consider that our society is becoming more and more prone to surveillance, either by governments or private individuals looking for financial gains. If you had to send your bank statements to your financial advisor, or medical record to the family doctor, wouldn’t you use encryption?
If you choose not to, you risk exposing some intimate aspects to a malicious person, sniffing the internet traffic at a local hub or router. The same thing happens if you use a weak password or security question for your email account.
If that information was encrypted to start with, the sniffer would receive a bunch of seemingly random bits – and even if the person knew that it was encrypted, he still wouldn’t be able to do anything about it. And the guy who guessed your password still won’t have the private/public key combination to decrypt the actual message. Personally, I would sleep better at night knowing that I took this precautions for my own safety.
Now that we did some explaining for writing the article, lets delve into the world of encryption. Using the steps below, you will be able to encrypt any text message, including plain text email. Unfortunately, this tutorial will only cover the steps necessary for a Windows system using GnuPG. So, I invite my colleagues to teach you about encryption for Mac and Linux.
Instead of covering different plugins that interface GnuPG to clients like Thunderbird, I’ll show you how to do it the old fashion way which doesn’t require installing anything else than GnuPG, and is universally compatible.
- Download GnuPG for Windows from this page. Choose the current stable version of the program. The beta runtime is significantly larger, requires a restart, and it may contain bugs.
- From the start menu, choose to open WinPT. WinPT is a program that manages all the encryption/decryption keys you use.
- Generate your private key/public key set by clicking on “˜Generate a GnuPG key pair’. Learn about how this encryption scheme works by reading this article in Wikipedia.
- Select a name for your key pair and an email address that the key pair will be associated to. You will then have to enter a password that will unlock this very long encryption key pair. Remember that the encryption is as strong as the password you choose right now. Entering “˜123456′ is a very very bad idea if you really want to protect data.
- Success! Your initial key will be shown in the WinPT window.
- Open Wordpad.
- Send the receiving party your PGP public key by right-clicking on the key icon in the taskbar and selecting Current Window>Sign.
- Send the text that appears to the person which you wish to communicate with. They will need to send you their public key if they want to reply in encrypted format.
- Save the received PGP key as a .txt document and import it in WinPT by clicking Key>Import.
- Encrypt the message by either copying the text to the clipboard or by selecting Current Window>Encrypt in the taskbar. Paste the encrypted text to a new email and click send.
You can even encrypt files via File Manager>File>Encrypt into ZIP. In the window that appears, select the receiver’s public key. To decrypt, the receiver simply has to drag and drop the file into the File Manager.
And to answer proactively to a question I see coming – yes, I think it is possible that all our current encryption techniques can be broken by an organization such as the NRO or NSA. Come to think about it, during our history as humans, we invented a lot of encryption methods that turned out to be flawed, one of the most notorious being the Enigma machine.
What’s your take on encryption? Do you use it? Do you think you’ll ever need it? Have you say in the comments.
Image Credits: Flickr – Ngoc Ha