I haven’t used e-mail encryption for a while, I am not sure how exactly to set it up, but once it is installed, it’s very easy to use. Here is what I know, though you will need more details; perhaps someone here can add them.
First, you need a mail client that supports encryption. I use Mozilla Thunderbird as an e-mail client, and there are some plugins that support encryption. I don’t have recent experience with them, so I don’t know which one to recommend. (After short googling, Enigmail seems to be a popular choice.)
Second, to send encrypted e-mails or digitally signed e-mails, you need a public/private key pair. There are some softwares that will generate such pair for you, and you will add them to your mail client. Additional layer of security is if you have a certificate confirming that this is your public key. (Such certificate protects you against a kind of attack where I would send your friends an e-mail pretending to be written by you, including my public key pretending that it is your public key—or I could do the same thing by hacking your webpage, if your public key is published there.) Last time I tried this, there were some certificate companies that would give you a free certificate, but only for non-commercial use and with validity of one year. Another use of certificate authority is that if someone steals your private key, you can publish an information that people should not use the corresponding public key anymore.
Please note that encryption and digital signature are two sides of the same coin. Simply said, encryption (based on public/private keys) is “everyone can write, but only one can read”, and digital signature is “everyone can read, but only one can write”. Actually, there is no difference between private and public key—they are just two numbers that together have some mathematical property, and their role in this property is symmetrical: if you encrypt something with public key, you can decrypt it with private key (this is called encryption), and if you encrypt something with your private key, you can descrypt it with public key (this is called digital signature verification).
This is the difficult part, but once it is done, using the system is the easy part.
If you receive a digitally signed message, it will have an icon (colored pen). By clicking on the icon you can add the person’s public key to your database. (You should be pretty sure that the mail was really sent by that person, not someone pretending to be them.) If you have someone’s public key in a database, when you write them an e-mail, you can select to send it encrypted. You can also select to digitally sign your e-mails (which will allow other people to send you encrypted messages). If you receive an encrypted message, it will be automatically decrypter for you.
It really is as simple as checking “sign this message” and “encrypt this message” when sending mail, and clicking “import this signature to my contact list” when receiving a signed mail. Otherwise it is like normal e-mail use.
I haven’t used e-mail encryption for a while, I am not sure how exactly to set it up, but once it is installed, it’s very easy to use. Here is what I know, though you will need more details; perhaps someone here can add them.
First, you need a mail client that supports encryption. I use Mozilla Thunderbird as an e-mail client, and there are some plugins that support encryption. I don’t have recent experience with them, so I don’t know which one to recommend. (After short googling, Enigmail seems to be a popular choice.)
Second, to send encrypted e-mails or digitally signed e-mails, you need a public/private key pair. There are some softwares that will generate such pair for you, and you will add them to your mail client. Additional layer of security is if you have a certificate confirming that this is your public key. (Such certificate protects you against a kind of attack where I would send your friends an e-mail pretending to be written by you, including my public key pretending that it is your public key—or I could do the same thing by hacking your webpage, if your public key is published there.) Last time I tried this, there were some certificate companies that would give you a free certificate, but only for non-commercial use and with validity of one year. Another use of certificate authority is that if someone steals your private key, you can publish an information that people should not use the corresponding public key anymore.
Please note that encryption and digital signature are two sides of the same coin. Simply said, encryption (based on public/private keys) is “everyone can write, but only one can read”, and digital signature is “everyone can read, but only one can write”. Actually, there is no difference between private and public key—they are just two numbers that together have some mathematical property, and their role in this property is symmetrical: if you encrypt something with public key, you can decrypt it with private key (this is called encryption), and if you encrypt something with your private key, you can descrypt it with public key (this is called digital signature verification).
This is the difficult part, but once it is done, using the system is the easy part.
If you receive a digitally signed message, it will have an icon (colored pen). By clicking on the icon you can add the person’s public key to your database. (You should be pretty sure that the mail was really sent by that person, not someone pretending to be them.) If you have someone’s public key in a database, when you write them an e-mail, you can select to send it encrypted. You can also select to digitally sign your e-mails (which will allow other people to send you encrypted messages). If you receive an encrypted message, it will be automatically decrypter for you.
It really is as simple as checking “sign this message” and “encrypt this message” when sending mail, and clicking “import this signature to my contact list” when receiving a signed mail. Otherwise it is like normal e-mail use.