Introduction: Encrypt Your Gmail Email!

Picture of Encrypt Your Gmail Email!

If you want to be sure that your email can be read by no one but you, then it needs to be encrypted. You'd be surprised to find out who might want to read your email. I was.

One of the best encryption systems is called GPG encryption which is an open-source version of PGP encryption. PGP stand for Pretty Good Privacy and is actually an understatement made by a programmer who didn't want to be too optimistic about how secure it is. However, as it turns out, PGP is has actually proven itself to be extremely good. It's been around for many years, being maintained by the best coders in the world and it hasn't been cracked.

In this Instructable, I'll walk you through the simple process of setting up GPG and then installing a Firefox plugin that will make it easy to encrypt your Gmail.

Step 1: How It Works

Picture of How It Works

The principle behind GPG encryption is easy. Anyone who wants to play creates a public key and a private key. Your public key is the part of the encryption that you make public. Your private key is the part of the encryption that you never share with anyone under any circumstance.

The two keys work together so that you need both to decrypt anything. To send an encrypted message to someone you lock the message with their public key and when they get it, they can unlock it with their private key. If they want to respond, then they encode the message with your public key and you can read it with your private key.

Of course, this only works so long as you can trust that you have been given the right public key and that you know who you are talking to. One of doing this is by having a key signing party with your close friends. You all show up at a given location at a given time and exchange public keys. Then you have a list of trusted public keys with which you can communicate. This is often referred to as a web of trust.

Step 2: Install GPG on Your Operating System

Picture of Install GPG on Your Operating System
Like I said before, getting your email protected is a two-step process. First, we have to get GPG installed on our operating system. Getting Gmail set up is on the next step.

I got GPG working on Mac OS X without too much trouble. I used the instructions and downloads at http://macgpg.sourceforge.net/ and summarized the process below. If you're on OS X, open that link in another window and get ready. For other operating systems, you can check the links on http://www.gnupg.org/download/.

Now, start downloading and installing! I've adapted the information from the Mac GPG FAQ, so you can also go there for more details. Here are the things I downloaded (you should got to the downloads page and get the latest):

First, open the DMG for GPG that you downloaded and run the installer. I just used all the defaults. This is the actual encryption engine that everything else runs on.

Once the installation is complete, open a Terminal window and type gpg, then hit [Return]. My installation gave me a "Go ahead and type your message ..." which I think means that GPG was up and running, so I ctrl-C'd out of that and closed the Terminal window.

Next, I installed GPG Preferences. That put a GPG icon in my System Preferences pane; I didn't change anything.

Finally, I installed GPG Keychain Access. This was easy: just unzip the ZIP file and drag the application into your Applications folder.

By the way, you can also do all of this from the command line. Here's a great tutorial for that.

Next up: Set up Gmail and start sending seeekrit messages!

Step 3: Generate Some Keys

Picture of Generate Some Keys

Then, I ran the app and it had me generate my two keys (one public, one private). I typed in my secret passphrases which, of course, I will never tell anyone.

The last step with my keys was to select my public key and export it to a text file. Once you do this, you can attach it or copy and paste the contents into an e-mail to send to you PGP/GPG wielding friends.

Step 4: Open an Anonymous Gmail Account

Picture of Open an Anonymous Gmail Account

Before you can encrypt anything, you need to make sure that you open a Gmail account that by no means can be traced back to you. This means that you have to be liberal about giving them your real name and address when you sign up. You should also always use a TOR server.

Step 5: Install FireGPG in Firefox

Picture of Install FireGPG in Firefox

Once you have done all that you need to install FireGPG into Firefox. Go to this link and click the link to download it to your computer. From here it should coach you through the process.

Restart Firefox, and now you have new buttons in your compose view for encrypting and signing messages. Now you can discuss your nefarious plans in private!

Step 6: Encrypt Anything!

Picture of Encrypt Anything!

Encrypting your Gmail is just an example. Now that you have GPG installed, there are a whole bunch of programs you can use to encrypt and sign stuff. For example:

GPGDropThing - This is a simple program which lets you encrypt text to people whose public keys are on your keyring, and also allows you to decrypt messages that they have written. GPGDropThing is especially useful when writing encrypted mail to your friends as some clients don't have GPG support built in. So far only Apple Mail and Mulberry have GPG support. Your can encrypt text on your hard drive, this way, or even paste encrypted snippets into your IMs.

GPGMail - For encrypting your email going through Apple's Mail.app.

Comments

techsonite (author)2016-10-29

I thought at Gmail Sign Up, you get all these benefits automatically?

zajpzetn (author)techsonite2017-10-20

For gmail encryption using smtp I use FreeEmailEncryption.com and no install needed, it has a few newer options like message expiration, anticracking protection, and generates keys >18,000 bit.

Yes you do this isnt real :/

suzysmith24 (author)2015-04-24

whenever i try to upload an instructable it says "verufy your email"how in the world do i do that?

lol u had to tro reply so u already did

I guess to confirm that your are not a bot :)

FrankD116 (author)2016-12-12

You must be a pretty boring person with nothing of note to say, nor anything in your email worthy of protecting. I hope you always feel that way about your privacy. Fortunately for me, you don't get to decide how I protect mine.

basilyok (author)2016-12-04

That's what you think now. But, tomrrow, what you said yesterday may be deemed subversive by a new oppressive government.

JosephB209 (author)2016-11-18

I do care...

nmeunier. (author)2016-09-19

As Snowden so aptly put it: "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say."

LelTrolo (author)nmeunier.2016-10-04

t r i g g e r e d

rebecca_jeames (author)nmeunier.2016-09-21

That's exactly what i as going to say that. :)

dexb1 (author)2016-05-29

PGP encryption no longer meets the definition of a non-exportable weapon as of year 2000. Myths abound on the internet.

DominicC32 (author)2016-05-13

How to encrypt saved emails?

KevinR162 (author)2016-04-26

I know this is 2 years old, but... What is the point in you making such a useless comment? You came to a guide on how to encrypt your e-mail just to say you don't care if people can read your e-mail?

AmericanLawman (author)2016-01-18

If you're OK with other people reading your emails, you can basically replace "reads my emails" with "empties my bank account" or "steals my identity".

billbullock557 (author)2016-01-02

all I want is my email

BryanL13 (author)2015-08-23

"The two keys work together so that you need both to decrypt anything."
I believe this is wrong. You should only need the private key to decrypt, which is also what is shown in your diagram.
Unless you are referring to signing, which does have an decryption step using the public key at the receiver.

MatthewR15 (author)2015-06-23

ok, so M.R (?)
Lete get started

MatthewR15 (author)2015-06-23

ok, so M.R (?)
Lete get started

MatthewR15 (author)2015-06-23

protection of https://privatoria.net/

StanleyM2 (author)2015-03-26

I prefer 'double encryption' The service that I use

https://privatoria.net/ encrypts my text message and sends it over a secure SSL channel. That way you'll have to break one encryption just to get to another one

LyudmilaK (author)StanleyM22015-03-30

I also prefer the protection of https://privatoria.net/

It is easy to use and secure.

andybuda (author)2015-02-12

what bin did you rescue that computer from?

bradleybc (author)2008-05-22

Hasn't been cracked? C'mon, a cipher cracking util run on the fastest desktop PC would take about 22,000 years to decipher. On the other hand, the NSA's "BrainChild" supercomputer can solve it in about 20 minutes. So, it really depends on who you are trying to hide information from...

muzac (author)bradleybc2008-09-25

Actually, agents from the Secret Service themselves are admitting that if something is encrypted with PGP, it's pretty much impossible even for them to crack (mentioned in this article). The NSA may be able to crack it, but I've seen no published cases on this. It seems like if someone encrypts with PGP, anyone (including the government) wanting to decrypt the info tries to just find ways to swipe the key from somewhere, instead of a "brute force" method.

franklinonline (author)muzac2010-08-21

For all we know, they could already have cracked it a long time ago, and they already read everything encrypted or not. They just aren't telling us to give us a false sense of security.

thanks to Snowden we know they haven't :) http://www.theverge.com/2014/12/28/7458159/encryption-standards-the-nsa-cant-crack-pgp-tor-otr-snowden

The thing is, with enough time anything can be cracked but without knowing how long the original passphrase was it's pretty hard to do anything. My passphrase is in the neighborhood of 16+ characters which means they would have to make a list of all the possible strings that are 16 characters long, 17 characters long, etc until they cracked it. Without knowing that my passphrase is 16 characters at least though, you'd have to run through all the 1 character, 2 character, 3 character, 4 character, etc. passwords possible and finally be able to crack the passphrase. It'd take a wicked long time but eventually anything can be bruteforced. Just me $.02

If you were a suspect for a crime, they would probably just install malware on your computer, steal your password and not have to brute force anything. Or they can force you to reveal your passwords with torture or sever criminal penalties.

chamunks (author)franklinonline2012-09-05

l2crypto https://class.coursera.org/crypto-preview/lecture/index

Its all about reducing your odds. The best method for decrypting hashes is rainbow tables but that was solved by adding salt to the hash's. Private Public key crypto is much more complex by requiring multiple factors required to decrypt ans since gpg is an opensource crypto its been reviewed publically by many its very difficult to decrypt anything gpg related without two things your private key and your passphrase. You'd really have to try hard to replicate either of these things.

EricE7 (author)2014-12-16

In addition to keep the message private when it is transmitted between the sender and the receiver, does GPG keep the message encrypted in each party's mailbox? If not the case then how can I have my message stored in my Gmail mailbox in a way that even for Google couldn't read it?

xhizors000 (author)2014-10-20

You would if you were communicating with marketplace vendors.

tsaltzman (author)xhizors0002014-10-20

Nope

xhizors000 (author)tsaltzman2014-10-23

If you're buying illegals on the darknet then yeah mabye, unless you have a prison wish.

xhizors000 (author)tsaltzman2014-10-23

For purchasing Illegals on the darknet, yeah.

istevee (author)2014-02-23

I could also recommend www.securencrypt.com . It's free, has trusted lists, comes with encryption for emails, files and even SMS if you use the mobile version.

tinja (author)2013-12-01

I tired Galaxkey thanks for telling me about it, its really great! so easy to use.

www.galaxkey.com

P

rejoraju (author)2013-03-13

Find out how to encrypt your mail in Chrome and Mozilla in a very simple steps, no need to be tech savvy to do this work.

Learn how to Encrypt your mail in Gmail using Chrome

http://www.techxure.com/2013/01/encrypt-your-mail-using-safe-gmail.html

and also see how you can encrypt your mail in Mozilla

http://www.techxure.com/2013/03/encrypt-your-mail-in-mozilla-firefox.html

jacktrades (author)2012-07-11

You can also try:
www.safegmail.com

It's a browser extension for Gmail, PGP like.

kpatel18 (author)2011-10-23

Yup now a days gmail has 2 step security features also so no 1 can hack your mail.
< a href=”http://thexbit.com”>

pabloreyas (author)2011-10-09

This is the beast service for Secure Encripted Email!
http://securitykrypto.blogspot.com/2011/09/secure-email.html

Rhada (author)pabloreyas2011-10-11

Yeah is true, i use this service from 11 month and is really Excellent!
they have also a very good support.
For who want know more go here http://en.kryptotel.net/kryptomail.html

bfarnsworth (author)2011-08-26

It is discontinued. http://getfiregpg.org/s/gmailstatut

bijikenyot (author)2011-05-24

--BEGIN LOCKTHETEXT--
m3/cTRAQEBCgaQodPyz1yg42E+V8xge7TIA6W3S1a7E=
--END LOCKTHETEXT--

-nokia PIN

Mark Regan (author)2008-11-19

But I thought that gmail automatically appends your IP address. Therefore, "big brother" can easily trace any encrypted message back to your computer and, with or without a search warrant, even via a "black bag job", find out what you typed even before it was encrypted. There is no easy, reliable method of ensuring that anything is confidential anymore.

Cheswick32 (author)Mark Regan2011-01-19

If u use TOR to surf gmail, u essencially cant be traced

bijikenyot (author)Cheswick322011-05-24

psssst......voice down

si (author)2008-05-27

FWIW, I use a combination of a Truecrypt (Windows/OSX/Linux) encrypted volume to store a Keepass (Windows) database to maintain my passwords. There are similar password managers to Keepass for OSX and Linux. This means I only ever have to know one (very strong) password, all my other passwords are generated using Keepass, and are typically 30 random characters (including non alpha-numeric characters) or whatever the maximum number and type allowed by the particular system. This means I don't know my own Gmail password, and because the password database is double encrypted (Truecrypt volume + Keepass db) with AES, I can safely keep it on my USB flash drive, and not be worried if I lose it. The other nice thing about Keepass is you can attach files, so I also have my PGP keys stored in there as well. Yes, it's putting all your eggs in one basket, but it's a redundant, strong and secure basket!

threecheersfornick (author)si2008-07-30

But aren't you hooped if you lose the usb key? You'd never be able to open your email again.

About This Instructable

779,451views

169favorites

License:

Bio: Taking back the world, one hacked game console at a time ... Have you ever felt like the technology you love could be used against you ... More »
More by m1k3y:Go Online without Getting Snooped: Tor (The Onion Router)How to blend in with crowds.How to lie to authority figures
Add instructable to: