Secure e-mail communication

There are several ways to encrypt e-mails. The most common one is to do it with a certificate. What does that mean? A certificate lets you make sure that an e-mail really comes from the person it claims to be from, and it also lets you encrypt messages.

There are two (main) kinds of e-mail certificates:

  1. Signed by an authority
  2. Self-Signed

Certificates signed by an authority

In the first case, an authority validates whether you really are the person you claim to be. Depending on the level of verification, you pay a different amount of money. There used to be several authorities that gave you a certificate for free. Unfortunately, there seems to be none left that is both free and usable. The benefit of this kind of certificate is that most e-mail clients are capable of reading it directly. I used this kind of certificate while there were free and usable providers on the market, and a few people recognized that there seems to be some kind of security feature on my e-mails ;) But you have to trust the authority. In the past, some authorities got hacked (very few) and some were shown to be untrustworthy for other reasons… In this case, the trust in your certificate becomes useless. Somebody else could read your encrypted messages and write, encrypt and sign e-mails with your certificate, pretending to be you.

Self-Signed certificates

The second option is a self-signed certificate. That means that instead of an authority, you sign your certificate yourself. Of course you can encrypt messages with it, but by default no e-mail client known to me will be able to read your certificate (an extension will need to be installed as well). Also, you cannot be sure whether a person really is who they claim to be. You could make a call, for example, or ask in some other way to prove the authenticity of the key. But it is free, and because you are the person who creates the key, the security is in your hands. No risk of an authority getting hacked or the like.

In ANY case: PLEASE PLEASE PLEASE make a BACKUP of your certificate (with the private key); otherwise you won’t be able to read encrypted messages anymore and it will be a big mess. Believe me! ;)
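
One way to make that backup and confirm it really restores, together with the fingerprint you would read out on a call to prove a key is yours. This is an added example, not part of the original post; it assumes the GnuPG 2.1+ command-line tool `gpg`, and the demo identity, function names and temporary keyrings are constructed for illustration.

```shell
#!/bin/sh
# Added example: back up an OpenPGP key pair and check that the backup restores.
# Every function works on the keyring directory passed as $1, so a throwaway
# keyring can be used and ~/.gnupg is never touched.

DEMO_UID='Demo User <demo@example.invalid>'   # constructed identity

# Print the 40-hex-digit fingerprint of the first key in keyring $1.
# This is the value two people compare (e.g. by phone) for a self-signed key.
fingerprint_of() {
    gpg --homedir "$1" --batch --with-colons --with-fingerprint --list-keys \
        2>/dev/null | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Create an unprotected throwaway key in keyring $1 (demo only;
# a real key should be protected by a strong passphrase).
make_demo_key() {
    gpg --homedir "$1" --batch --quiet --pinentry-mode loopback \
        --passphrase '' --quick-generate-key "$DEMO_UID" default default never
}

# Export the key INCLUDING its private part from keyring $1 into file $2.
# umask 077 keeps the backup file readable by its owner only.
backup_key() {
    ( umask 077
      gpg --homedir "$1" --batch --pinentry-mode loopback --passphrase '' \
          --armor --export-secret-keys > "$2" )
}

# Import backup file $2 into keyring $1 and succeed only if a private key
# arrived; a public-only export would import fine but could not decrypt mail.
restore_and_check() {
    gpg --homedir "$1" --batch --quiet --import "$2" 2>/dev/null
    gpg --homedir "$1" --batch --with-colons --list-secret-keys 2>/dev/null |
        grep -q '^sec:'
}
```

With a real, passphrase-protected key, drop the `--passphrase ''` options so `gpg` asks for the passphrase, and keep the backup file on offline storage.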

Where to download?

For Mac systems you can download and use GPGTools for free.
On Windows systems you can use Gpg4win, but if you are using Thunderbird, for example, I would recommend Enigmail. Of course, both of them are free as well!

Here is a demonstration of GPGTools:

And here is one of Gpg4win:

And finally one for Thunderbird:

It may sound complicated, and the tutorials you see above often want to show you a lot of possibilities, but at least on the Mac (with Apple Mail) and with Thunderbird (regardless of the system) you can simply download, install and use the tool :) I guess it may cost you 10 minutes in total!

