Secure your email using PGP
Posted June 12, 2009 at 2:43 pm in Encryption

Odds are you check your email at least once every day. But who else might be checking your email as well? If your email isn’t secured then the answer is, anyone and everyone. Email allows us to communicate personal, corporate, and possibly sensitive classified messages. You can bet that classified messages undergo quite a bit of protection. Why shouldn’t you be able to secure your messages, too?
With PGP, securing your email is easy and transparent. PGP, created by Philip Zimmermann in 1991, stands for Pretty Good Privacy. PGP is used for signing, encrypting and decrypting emails to increase the security of email communications. That seems straightforward enough, but how does PGP work?

PGP acts as a messaging proxy that resides between your email client and your email server.
When secure email messaging is enabled, PGP will monitor the traffic between your email client and email server. Depending on how you have your email policies set, PGP will work transparently. It will automatically encrypt, sign, decrypt, or verify messages for incoming and outgoing email messages using your secure key.
Your secure PGP key is created during setup and is based on your name and email address. It is actually a keypair that contains one public key and one private key. Your private key can decrypt data that was encrypted using your public key and should not be given to anyone. A passphrase you create during setup will be used to create your private key. Your public key is widely distributed to others so that they can send protected messages to you and verify your digital signatures. This concept of private and public keys is based on public key cryptography. We will look further into public key cryptography in a future article.
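To make the keypair mechanics concrete, here is an added example (not part of the original article, and not PGP Desktop's code) using Ruby's standard openssl library: it generates a keypair whose private half is locked under a passphrase, encrypts and signs a message to a recipient, and decrypts and verifies it on the other side. The function names and passphrases are made up for the illustration; the closing self-test mirrors the “send yourself a message” check later in the article.

```ruby
require 'openssl'

# Create a keypair and lock the private half under the owner's passphrase, the
# way PGP Desktop's Key Generation Assistant does. Returns [public_pem, locked_private_pem].
def generate_keypair(passphrase)
  key = OpenSSL::PKey::RSA.new(2048)
  locked = key.export(OpenSSL::Cipher.new('aes-256-cbc'), passphrase)
  [key.public_key.to_pem, locked]
end

# Outgoing mail: sign with the sender's private key (unlocked with the passphrase)
# and encrypt to the recipient's public key. As in OpenPGP, the body is encrypted
# with a one-time session key and only that key is wrapped with RSA.
def encrypt_and_sign(plaintext, recipient_pub_pem, sender_locked_pem, sender_passphrase)
  recipient = OpenSSL::PKey::RSA.new(recipient_pub_pem)
  sender = OpenSSL::PKey::RSA.new(sender_locked_pem, sender_passphrase)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  session_key = cipher.random_key
  iv = cipher.random_iv
  body = cipher.update(plaintext) + cipher.final
  {
    wrapped_key: recipient.public_encrypt(session_key, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING),
    iv: iv, body: body, tag: cipher.auth_tag,
    signature: sender.sign('SHA256', plaintext)
  }
end

# Incoming mail: unwrap the session key with the recipient's private key, decrypt,
# then verify the signature against the sender's public key. Raises if the
# passphrase is wrong, the body was tampered with, or the signature does not verify.
def decrypt_and_verify(msg, recipient_locked_pem, recipient_passphrase, sender_pub_pem)
  recipient = OpenSSL::PKey::RSA.new(recipient_locked_pem, recipient_passphrase)
  session_key = recipient.private_decrypt(msg[:wrapped_key], OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = session_key
  cipher.iv = msg[:iv]
  cipher.auth_tag = msg[:tag]
  plaintext = cipher.update(msg[:body]) + cipher.final # GCM tag is checked in final
  sender = OpenSSL::PKey::RSA.new(sender_pub_pem)
  raise OpenSSL::PKey::PKeyError, 'signature does not verify' unless sender.verify('SHA256', msg[:signature], plaintext)
  plaintext
end

if __FILE__ == $0
  # Self-test: send a message to yourself with a made-up passphrase.
  pub, priv = generate_keypair('my secret passphrase')
  mail = encrypt_and_sign('hello, me', pub, priv, 'my secret passphrase')
  puts decrypt_and_verify(mail, priv, 'my secret passphrase', pub)
end
```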
Now that we understand a few basics about PGP and public key cryptography let’s implement PGP so we can send secure emails.
Step One: Download PGP
This isn’t as easy as clicking a link and saving your file to your computer. You need to visit the PGP Download site and read the contents of the page. After reading the PGP Software License Agreement you need to accept it. Then you need to fill out the PGP Desktop Trial License form and select your system platform.
You will be emailed a message containing a link to the PGP software download and an order PDF file. Download this PDF file and then follow the link to download the PGP Desktop software.
Step Two: Install PGP
Find the PGP file you just downloaded and unzip it. Open this new directory and unzip the “Inner” file. At the time of this writing, the “Inner” file is named “PGPDesktop9.10.0_Windows_Inner.zip”. After unzipping the “Inner” file you will have a documentation directory and two executable files (assuming you’re using Windows): “PGPDesktopWin32-9.10.0.exe” and “PGPDesktopWin64-9.10.0.exe”. Run the version that applies to your system (32-bit or 64-bit).
A screen will pop up and eventually prompt you to select your language. I chose English. The following screen will display a license agreement. You must agree to the terms of the license agreement before continuing installation. Eventually you’ll install PGP and be prompted to reboot your system. Please reboot your system and come back to this article to finish installing and configuring PGP to secure your email.
After you’ve rebooted you will need to run PGP Desktop from your Windows Start menu. You will see this screen:

It should default to “Yes”; if it doesn’t, click “Yes” and then click Next. The next screen should prompt you for your name, organization, and email address twice. Open the PDF document you downloaded earlier and use the same information from that document for these input fields. The next screen should ask you for your license number.

Use the same PDF document to obtain your license number and then enter it in the respective input fields. Click Next to continue with the PGP Setup Assistant.

The Assistant should authorize this license number and then allow you to continue to the following:

The above screen will display what features of PGP Desktop are available to you based on the license you provided. Click Next to continue to configure the User Type.

If this is the first time you’ve used PGP then you will need to select the “I am a new user” option and click Next.

You will be greeted by a PGP Key Generation Assistant, click Next. You will be asked for your Full Name and Primary Email. Provide this information and click Next.

Now you’ll need to be creative and think of a passphrase. This passphrase needs to remain a secret known only to you. It is used to create your keypair and is needed to use PGP, so remember it! Once you have created your passphrase, enter it into the Enter Passphrase and Re-enter Passphrase boxes then click Next. If you would like to see what you are typing in the two boxes simply check the Show Keystrokes box. Be mindful of people around you should you do this.

You’ll see this screen if you successfully typed your passphrase twice. It should summarize the steps previously taken, Generating Key and Generating Subkey(s), and then inform you that you have successfully created your keypair.
The next screen will be the PGP Global Directory Assistant. Please read the information provided and decide what you would like to do. If you wish for your friends or co-workers to be able to decrypt or verify your email messages then it is probably a good idea to add your public key to the global directory.
If you decided to add your key to the global directory you should be informed that this process was successful. Click Next.

The PGP Messaging assistant will help guide you through the process of setting up your system to use secure email. I don’t use AOL Instant Messenger so I just left the “Automatically detect my email accounts” option checked and clicked Next. Those of you using AOL Instant Messenger might want to give this a try (your friends will need PGP as well if you wish to communicate securely).
After the PGP Messaging: Introduction screen you’ll be shown the PGP Messaging: Default Outgoing Email Policies screen. I did not alter anything at this prompt; I just clicked Next.

The PGP Desktop program will inform you that it has successfully completed installation and configuration. You should see a white lock icon in your system tray; that is PGP Desktop.
We’re almost done; let’s configure Mozilla Thunderbird to use PGP. Open Mozilla Thunderbird. PGP Desktop should pop up a screen stating that PGP Desktop detected an email account and provide you with two options: “Yes, secure this email account” and “No, do not secure this email account”. I chose to let PGP secure my email account, which directed me to the following:

I chose the PGP Desktop Key and clicked Next which eventually led me to a screen stating Completing the PGP Key Setup Assistant.
Some of you may need to enable Messaging services within PGP Desktop (I had to). Left-click on the white PGP Desktop system tray icon and click Open PGP Desktop. The program will open and you should see a column on the left with the following buttons: PGP Keys, PGP Messaging, etc. Click the PGP Messaging button (it should turn blue). Verify your email account information. I had to re-enter my email address. Now click the Messaging menu item at the top of the program and select Enable Service from the drop-down menu.
Now let’s test PGP and Thunderbird. The easiest way to do this is to send yourself a message. This will allow you to see whether outgoing and incoming email are working properly (encrypting, signing, decrypting, verifying signatures, etc.).
If you have set everything up correctly you should see a popup at the lower right of your screen stating something similar (depending on whether it’s incoming or outgoing):

Conclusion
As we’ve just seen, securing your email isn’t difficult. It may take some time to go through all of the configuration options but once you’ve done it, creating new email policies and settings is really easy.
Treble Hook
December 2, 2009 at 5:07 pm

This is a great tutorial. Thank you for creating it. It’s very well explained.
I’ve been a longtime PGP user – since 1992 – but about a year ago I made the switch to the alternative GnuPG. It’s not as slick as PGP but it is still completely free of charge and doesn’t require product registration and connecting to PGP’s corporate servers in order to get a reg key. Being forced to do that makes me uncomfortable and, in my opinion, goes against the whole philosophy of personal privacy that such companies are purporting to promote and defend.