How To: Secure and Private Email

How To:
Secure and Private Email
How To:
Secure and Private Email
A Manual
By Ryan Porterfield
CONTENTS
1.0 Introduction ................................................................................................... 1
Disclaimer ........................................................................................................ 1
2.0 Choosing an Email Provider ........................................................................... 3
2.1 POP3 vs IMAP ............................................................................................. 3
2.2 Location of Servers ..................................................................................... 3
2.3 Privacy Policy.............................................................................................. 4
2.4 When You Can’t Choose Your Email Provider ............................................ 4
3.0 Choosing an Email Client ................................................................................ 5
3.1 Support for Email Encryption ..................................................................... 5
3.2 Open Source vs Proprietary ....................................................................... 5
4.0 Choosing a Secure Password.......................................................................... 7
5.0 Configuration How-To .................................................................................... 9
5.1 Configuring Thunderbird ............................................................................ 9
5.2 GPG .......................................................................................................... 11
5.3 Configuring Enigmail ................................................................................ 12
5.4 Sharing Keys and Sending Email ............................................................... 16
5.4.1 Exporting a Key ................................................................................. 16
5.4.2 Importing a Key ................................................................................. 18
5.4.3 Sending an Encrypted Email .............................................................. 19
iii
LIST OF FIGURES
Figure 1 .............................................................................................................. 10
Figure 2 .............................................................................................................. 11
Figure 3 .............................................................................................................. 12
Figure 4 .............................................................................................................. 12
Figure 5 .............................................................................................................. 13
Figure 6 .............................................................................................................. 14
Figure 7 .............................................................................................................. 15
Figure 8 .............................................................................................................. 16
Figure 9 .............................................................................................................. 17
Figure 10 ............................................................................................................ 17
Figure 11 ............................................................................................................ 18
Figure 12 ............................................................................................................ 19
iv
1.0 INTRODUCTION
The ability to have private conversations with friends or acquaintances is a right
most people expect they have. It is also a necessity for people discussing
business or trade secrets, activists, and a group of friends planning a surprise
birthday party for their friend. However, in the digital age, keeping
communications private is becoming harder and harder. Whether it’s a
government monitoring people for international security purposes, a hacker
spying on someone maliciously, or a nosy friend reading through your emails,
communications are constantly being monitored.
As the expectation of privacy and lack of actual privacy conflict, it is more
important than ever to make sure digital communications are kept both secure
and private.
This manual will teach you how to keep your email communications private
under a range of circumstances. In the ideal circumstance, the user can choose
their email provider and is sending email to contacts who are also using a
trustworthy email provider. Under slightly less ideal circumstances, the user
can control their email provider, but their contact is not using a trustworthy
email provider. In the least ideal circumstance, the user cannot control their
email provider, perhaps because it was assigned by work or school.
This manual will help the user choose an email provider, configure an email
client, and then help the user set up Gnu Privacy Guard to encrypt emails.
DISCLAIMER
This manual does not guarantee that all of your communications will be kept
completely secret from all entities. It does not guarantee privacy or security
when used incorrectly. This manual will not help if you are looking for a way to
keep all of your electronic communications private from national governments
or other state-sponsored entities.
1
2
2.0 CHOOSING AN EMAIL PROVIDER
There are many things to consider when choosing an email provider, such as
price, location of servers, supported protocols, Terms of Service, Privacy Policy,
and available email addresses to name a few. For our purposes, we will be
covering only the privacy related topics, supported protocols (POP3 vs. IMAP),
location of servers, and Privacy Policy. Other things that may be important to
you such as price should be considered on your own.
2.1 POP3 VS IMAP
There are two protocols for receiving email, and one for sending. Since there is
only one supported protocol for sending email (SMTP) we won’t focus on it,
and instead will consider the two protocols for receiving email, POP3 and IMAP.
Post Office Protocol (POP) was originally developed in 1984. POP3 works by
downloading all of your email from the server, to your computer. This is good
when you are very concerned about your communications being intercepted or
hacked, as nothing is left on the server for an adversary to read. The drawback
to POP3 is that if you access email from multiple locations, such as a home
computer, work computer, phone, or tablet, you cannot read email messages
downloaded to a different device.
Internet Message Access Protocol (IMAP) was originally developed in 1986.
IMAP gets a list of emails from the server, but not the email content. This takes
up less bandwidth which is good for people with slow connections, or a
monthly bandwidth limit. Also, because IMAP leaves emails on the server, you
can access all of your emails from multiple login locations.
For general email use, IMAP is recommended.
2.2 LOCATION OF SERVERS
The location of servers can be a very important factor in choosing an email
provider depending on what you use email for. For general use by American
3
users, servers in the U.S. are the best choice. For activists or people concerned
with corporate entities or governments getting a hold of their email, servers in
countries with strong privacy laws such as Italy or the Netherlands are a better
choice.
Most large email providers such as Google and Yahoo have servers in multiple
countries, and users may have no control over which country the servers they
connect to are in.
There are a few countries to avoid, such as Iran, China, and Syria (as well as a
few others) where internet access is heavily monitored and restricted.
For the average user, servers in the United States are recommended.
2.3 PRIVACY POLICY
Perhaps the most important aspect in choosing an email provider is the Privacy
Policy. The Privacy Policy of an email provider details the steps that the
company guarantees to take (or not to take) to keep a user’s data private. For
example, some companies such as Google and Yahoo reserve the right to scan
a user’s email (incoming and outgoing) and use that data for advertising
purposes. For someone concerned with privacy, this would not be acceptable.
On the other end of the spectrum, some email providers such as
Austici/Inventati do not keep logs of users accessing their service, and Vmail
encrypts all data on their servers.
Privacy Policies are usually short, and it is recommended to read the Privacy
Policy of all email services you are considering.
2.4 WHEN YOU CAN’T CHOOSE YOUR EMAIL PROVIDER
In some cases, you are stuck using an email provider you have no control over,
such as a work or school email address. Other times, you may be sending an
email to someone who uses an email provider you don’t trust. Encrypting your
email is always recommended, but is especially useful in these cases. Email
encryption is covered in section 3.0.
4
3.0 CHOOSING AN EMAIL CLIENT
There are a few things to consider when choosing an email client. Frequency of
security updates, interface usability, encryption support, open source vs.
proprietary, and trust in the developer are a few of the things to consider. Of
these, encryption support is the most important, followed closely by open
source vs. proprietary considerations.
3.1 SUPPORT FOR EMAIL ENCRYPTION
Most email clients support some form of encryption. Claws Mail, Thunderbird,
and Outlook all have some support for email encryption. Claws Mail is a
simple, lightweight, lightning fast client that is lacking in features, and has a
less-than-attractive interface. Thunderbird is developed by Mozilla and is the
email counterpart to the Firefox web browser. Thunderbird is more full
featured, but also slower. Outlook is slower, but has an interface that is
familiar to most windows users. All three email clients require a plugin to
support encryption, but installation is simple.
3.2 OPEN SOURCE VS PROPRIETARY
The development model of an email client can be a factor in choosing a client.
Open source means that anyone can look at and contribute to the source code,
while proprietary means that the source code is closely controlled by the entity
who owns it (usually a corporation).
While it may seem that open source is less safe because anyone can contribute,
the opposite is true. When a project is open source, multiple individuals or
organizations can “audit” the source code and verify that it is safe. Also for
most open source projects, code that is contributed has to be approved by the
original author of the project, so safety is maintained.
Proprietary software on the other hand cannot be audited by neutral third
parties, and may have security holes that the programmers are unaware of.
5
Also in some cases, proprietary software may have a “backdoor” that allows
the persons or company who developed the software to spy on its users.
Open source software is recommended, and both Thunderbird and Claws Mail
are open source. Microsoft Outlook is proprietary.
The email client recommended and used in the following tutorial is
Thunderbird.
6
4.0 CHOOSING A SECURE PASSWORD
The weakest part of security is the password used to protect your data. This
makes choosing a strong password the most important part of security. There
are a few simple rules to creating a strong password. A strong password is at
least 16 characters long and uses a mix of uppercase letters, lowercase letters,
numbers, and symbols.
An easy way to generate a strong password is to think of a “passphrase.” A
passphrase is a phrase of 2 or more words that are easy for the user to
remember. To make the passphrase harder for someone to guess, replace
random letters with numbers and symbols.
An example is to pick the passphrase “Rubber Duckies Float” which can
changed to “rUb%ER)^cK!3Sf\0aT”.
7
8
5.0 CONFIGURATION HOW-TO
The following tutorial assumes that you have found an email provider you trust
or are using one assigned to you, and that you have already created an account
with this provider.
You may also have to look up the server settings for these providers. Most
corporations that provide corporate email will provide instructions for setting
up an email client, and public email providers usually provide instructions on
their website. For common server configurations, Thunderbird can
automatically detect settings.
5.1 CONFIGURING THUNDERBIRD
When Thunderbird starts up for the first time, it will ask if you want to set it as
the default application for email, RSS feeds, and other things. This is up to you.
Next you will be presented with a menu to create an account. You should have
already created an email account, so select “Skip this and use my existing
email” at the bottom left. On the next screen, enter your email address and
the password you created when you registered your email. You can also enter
your name so that people you send email to will know who the email is from,
but this is not required.
9
FIGURE 1
If your email provider has a common server configuration, Thunderbird may
successfully detect the settings and finish. If not, you need to look up the
server settings. The input fields in Thunderbird should be straight forward to
fill in once you have found the server settings for your email provider.
10
FIGURE 2
Once you have entered all the server information (or if Thunderbird configured
it for you) you can click “done.” Thunderbird will test the server to make sure
your password is correct, and then will display your inbox. Thunderbird is now
set up to check your email.
5.2 GPG
OpenPGP is a standard originally defined for Pretty Good Privacy (PGP), which
is encryption software. The OpenPGP standard allows multiple vendors to offer
encryption software that is compatible with PGP. One of the most popular
OpenPGP programs is GNU Privacy Guard (GPG). Go to
http://gpg4win.org/download.html to download the most recent version of
GPG4Win (GPG for Windows). Follow the installation steps, keeping the
default settings.
GPG is what will be used to encrypt email, but in order to encrypt email to
someone you must have their public key. Key generation is covered in the next
section.
11
5.3 CONFIGURING ENIGMAIL
Now Thunderbird has to be configured for encryption. In Thunderbird, click the
settings button which is 3 horizontal lines at the top right.
FIGURE 3





Select Add-ons from the menu, which will open the Add-ons tab.
Search for Enigmail in the search bar.
The top result should be Enigmail <version number> where version
number is a decimal number.
Click the Install button on the right to install Enigmail.
Once Enigmail is installed Thunderbird will need to restart.
FIGURE 4
When Thunderbird restarts, an Enigmail helper wizard will pop up to walk you
through the steps of setting up GPG. If the wizard does not automatically start,
you can run it by clicking on the Settings (3 horizontal bars) -> OpenPGP ->
Setup Wizard.
12
FIGURE 5
Select “Yes, I would like the wizard to get me started.”
When the setup wizard opens, select “I want to create a new key pair for
signing and encrypting my email”.
13
FIGURE 6
Enigmail will now ask if you want to sign all of your email by default. Signing
email is not the same as encrypting email. Signing email allows you to send
unencrypted email that anyone can read (such as an email to multiple
recipients), but allows the users to verify that it was you who sent it, not
someone gaining access to your email address. Whether or not you want to
sign by default is up to you. When you have decided, click “Next”.
The next screen will ask if you want to encrypt all your email by default. Since
you have to have PGP/GPG keys for a recipient to encrypt email, and most of
your contacts probably don’t use PGP/GPG yet, select “No” and click “Next”.
Enigmail will ask if you want it to optimize Thunderbird’s settings for OpenPGP.
You can get more information by clicking on “Details …” This is up to you. Click
“Next” when you’ve decided.
Now it’s time to generate a PGP key of our own. Select the option to create a
new key pair and click “Next”. Enigmail will fill in the relevant data (such as
14
your email address) so all you have to do is select a password. Remember the
weakest part of encryption is the password you choose for your key, so pick a
strong password.
FIGURE 7
Enigmail will show you the settings it’s going to use to generate the key, and
then click “Next”.
15
FIGURE 8
It will take a minute to generate the key. When that is complete, select
Generate Certificate and save the file somewhere safe. Finally click finish.
5.4 SHARING KEYS AND SENDING EMAIL
Once you’ve generated a GPG key, there are a couple things you need to do to
send your contacts encrypted email.
5.4.1 EXPORTING A KEY
Now that a PGP key has been generated, the public key needs to be exported
so it can be shared with contacts and email can be encrypted. Accompanying
16
screenshots are on the next page. This requires use of the command prompt.
Open up the start menu and type “cmd”.
FIGURE 9
Type “gpg –list-keys” and press Return/Enter. This should print out 3 lines
about your GPG keys.
FIGURE 10
On the first line should be the text, “pub
2048R/[key number]” where key
number is an 8 digit hexadecimal number, such as 1B836459.
To export the key, type “gpg –-export -a –o my_key.asc [key number]”.
17
FIGURE 11
Now you can share your my_key.asc file with all of your contacts.
NOTE: THE FILE YOU EXPORT YOUR KEY TO DOES NOT HAVE TO BE CALLED
MY_KEY.ASC. YOU CAN CALL THE FILE WHATEVER YOU LIKE AS LONG AS IT
HAS AN .ASC EXTENSION.
5.4.2 IMPORTING A KEY
To import a key file that someone else gave you, right click on the key file (for
this example we’ll call it “friends_key.asc”), hover over “More GPGEx Options”
and select “Import”.
18
FIGURE 12
This will import your contacts key so you can encrypt email to them.
5.4.3 SENDING AN ENCRYPTED EMAIL
The next time you send an email to a contact you have a public key for, you can
select the OpenPGP drop down menu, and check Encrypt Message. When you
send the email, it will ask which public key to encrypt for, and then prompt you
for the password you used to create your key. Once you enter your password,
the email will be encrypted, and only the contact you sent it to can decrypt it.
19
20