Gmail-LogoThe following steps are for use when enabling PGP encryption for use with a Gmail account. Similar steps are applicable to various webmail resources (such as Yahoo mail, Outlook, etc.). The tutorial will be focusing on the Firefox browser, but similar steps can be followed for Chrome.

What is PGP?

PGP (or Pretty-Good-Privacy) is an encryption algorithm following the OpenPGP standard (RFC 4880) for encrypting and decrypting data. PGP is a hybrid cryptosystem using a combination of symmetric key cryptography and public key cryptography.

When plaintext data is encrypted with PGP, it is first compressed to reduce plaintext pattern recognition. Next, a one-time session key is generated which is used to convert the compressed plaintext to ciphertext. This session key is then encrpted to the recipients public key, which is transmitted along with the ciphertext to the recipient.

The decryption is a reverse of the process. The recipient utilzes their private key to decrypt to the session key, which is then used to decrypt the provided ciphertext.

Configure PGP encryption for Gmail using the Mailvelope addon –

Step 1: Download the Mailvelope addon for Firefox or Chrome (Firefox will be used in this example). Please use the links below to download the appropriate addon for your browser.

– Firefox: https://github.com/toberndo/mailvelope/tree/master/firefox
– Chrome: https://chrome.google.com/webstore/detail/mailvelope/kajibbejlbohfaggdiogboambcijhkke

Step 2: Install the addon in your browser. After successful installation, you should see the addon appear in the active extensions list (in Firefox, you can browse to about:addons).

Step 3: Configure Mailvelope to you use your public/private keypair (Mailvelope can be used to generate a public/private keypair if you do not already have one, please see section 3a).

  1. Enable the ‘Addons’ toolbar in Firefox if necessary
  2. Select the Mailvelope lock symbol in the Addons toolbar
  3. Select ‘Mailvelope Options’
  4. The ‘Display Keys’ options will show any pre-configured keypairs that have been imported
  5. Select ‘Import Keys’
  6. Paste keypair text or manually import with the ‘browse’ button
  7. Select submit
  8. The newly imported keypair(s) will appear in the ‘Display Keys’ field

Step 3a: Generate a new PGP keypair.

  1. Enable the ‘Addons’ toolbar in Firefox if necessary
  2. Select the Mailvelope lock symbol in the Addons toolbar
  3. Select ‘Mailvelope Options’
  4. The ‘Display Keys’ options will show any pre-configured keypairs that have been imported
  5. Select ‘Generate Keys’
  6. Fill in required information (—), a particular keypair will need to be generated for each email address
  7. Select submit (this can take some time depending on the email address, passphrase, and key length used), your browser may appear to lock up but this is normal
  8. You should now see your keypair listed in the ‘Display Keys’ field

Step 4: Encrypt message(s) within Gmail –

  1. Select ‘Compose’ to create a new message
  2. You will see a new icon appear for Mailvelope within the body of the email, select this icon to open the Mailvelope compose page
  3. Add your message text, and then select the lock icon to the right
  4. You will now see a drop down list of your contacts, select the appropriate contact(s) and select add
  5. Select ‘Ok’ and your message will then be encrypted
  6. Select transfer to move the encrypted text to the body of gmail, your message can now be sent

*Please note that you must provide your public key to another user before they will be able to decrypt the messages.

** Please note that the Mailvelope addon DOES NOT encrypt attachments, only message text