Email Encryption - Any Recommendations?

jonnyy40

jonnyy40

Experienced member
Messages
1,329
Likes
11
I went to download.com and there are several free utilities.I just wondered if anyone had a personal favourite? I would like it to encrypt both text and attachments to a high standard.Attachments could include video or images (not of a salacious nature!).
 
Not a trivial topic, but I'll give it a go... are you planning on exchanging e-mail with just one person, or many? What's your technical level, and how much are you willing to pay? What's sort of level of attack are you looking to repel (untrained individual, individual with cryptoanalysis experience, small business, major company, major world government)?


Edit: Oh, and how long does it need to resist attack? Hours, days, months, years?
 
The average BT engineer.For ever.Free if possible.There are a few on Free Software Downloads and Software Reviews - Download.com but which to choose? Some offer password encryption but then you have to send the password somehow? Others mean the recipient has to download the same software you have.I'm a technical novice and just want something workable that I can have reasonable faith in.If there's something that would make Yahoo Messenger secure as well that would be good.I just want to keep what I'm saying to various women online between us and not for the whole village.(Talking ,not any activities).I'd like to be able to send secure files too.In Skype's acceptance document it mentions data and recordings may be shared with other parties or used for research.I would like my online communications to be as nearly secure as Royal Mail as possible.
 
Two options:

PGP (pretty good privacy)

Hushmail (google it, which uses PGP). Hushmail is excellent for mobile folk needing a web interface.
 
Thanks to both of you and if there are other suggestions I'd be interested too.(Just to get educated).I did actually hear something that made me a little paranoid hence my question about the town exchange.
 
PGP is definitely a good start, although if you just want it to stop bored BT engineers from seeing your e-mail then fairly much anything out there should do. GPG is a free version of PGP, if you don't mind it being rather technical... The GNU Privacy Guard - GnuPG.org

Want to suggest X.509 certificate based crypto, as it's supported out of the box by many e-mail applications, but have no idea where to even start trying to explain it... anyone know of any good guides?
 
I downloaded and evaluated a number of alternatives, and the conclusion was that if you want to avoid technicalities and make it easy for the receiving end Husmail is the way to go. So that is what I am using.
 
nine said:
Two options:

PGP (pretty good privacy)

Hushmail (google it, which uses PGP). Hushmail is excellent for mobile folk needing a web interface.
Click to expand...

HI,

With PGP, do you have to deliver a key to the email recepient upfront?

Alex
 
jonnyy40 said:
I went to download.com and there are several free utilities.I just wondered if anyone had a personal favourite? I would like it to encrypt both text and attachments to a high standard.Attachments could include video or images (not of a salacious nature!).
Click to expand...

N.B: Whatever you use, make sure the Encryption algorithm is open source, like Blowfish.

Blowfish


I wouldn't trust proprietry encryption algorithms because chances are someone in the company has a secret crack.
 
Last edited:
alexander said:
HI,

With PGP, do you have to deliver a key to the email recepient upfront?

Alex
Click to expand...

Sort of. Both sides should create a public/private key pair. They then send their public keys to each other. I'd suggest that you either do this by recorded post, or that if you have to e-mail keys that you call each other and confirm the key signatures (PGP should tell you how to do all of this).

E-mails are then encrypted with the recipient's public key. Once encrypted, only the person with the private key can decrypt the message.
 
http://wald.intevation.org/frs/download.php/355/gpg4win-for-novices-1.0.0.pdf
A pdf explaining the 'key' idea in simple language from the gpg4win front-end for gnupg.It tells you to refer to the 'advanced user' pdf at unecessary moments when it would have been easier to include it all together.Much easier to understand than the wikipedia explanation.It's as rnicoll explains above but with pictures too.Just make sure you keep your 'private key' private.Your 'public key' needs to be transferred.I'd never heard about possible encryption until recently but it certainly makes sense to me with the rogues of the world moving into the internet as a new happy hunting ground.Think I'll also encrypt my files too.
 
If you want simple ... have a look at Hushmail ...

If you want more completeness look at the openpgp solutions. With your public keys you can publish them on a keyserver (there is a network of free keyservers worldwide so you put it up once). Then anyone can get your public key and encrypt a message to it. Similarly you can go to the keyserver and download theirs to encrypt messages to them (the process is gui based point and click so its not hard).

Finally, when you send a clear text or encrypted message you can sign it using your private key (which creates a hash code). The recipient who has your public key runs the message and hash code thru the checker (all happens automatically) and it either confirms you signed it or declares the message not authenticated.

Quit fun really. And its open. And they're the latest public encryption/signing algorithms.

Hushmail does it all without the fun ... but its very very simple (both my girls use it to send private and financial info to me from "hostile" environments).


https://addons.mozilla.org/en-US/thunderbird/search?q=pgp&cat=all

points to enigmail which is an addon for thunderbird that handles the pgp stuff for you (7000 downloads). There are similar things for outlook express etc.
 
rnicoll said:
Sort of. Both sides should create a public/private key pair. They then send their public keys to each other. I'd suggest that you either do this by recorded post, or that if you have to e-mail keys that you call each other and confirm the key signatures (PGP should tell you how to do all of this).

E-mails are then encrypted with the recipient's public key. Once encrypted, only the person with the private key can decrypt the message.
Click to expand...


I don't know the accuracy of the information but I read someplace that this email privacy scheme has a built in backdoor.

Alex
 
alexander said:
I don't know the accuracy of the information but I read someplace that this email privacy scheme has a built in backdoor.

Alex
Click to expand...


Accuracy = 0.
Urban Myth = 1.

Technology = open and public. Multiple algorithms available for your secret satisfaction :innocent:

Seriously, if you use the gnupgp option I suggested then you can download the source code, check for front back and side doors, and compile it yourself. But, given the anti-government paranoia of the encryption community you don't need to go that far.

Enjoy :)
 
new_trader said:
N.B: Whatever you use, make sure the Encryption algorithm is open source, like Blowfish.

Blowfish


I wouldn't trust proprietry encryption algorithms because chances are someone in the company has a secret crack.
Click to expand...

Personally I wouldn't touch proprietry algorithms with a barge pole. If you're lucky, they merely have a crack for it. If you're unlucky, it's about as effective as sticking a large "Do not read" sign over your data. There are some very good, well tested algorithms published, stick with them.
 
alexander said:
I don't know the accuracy of the information but I read someplace that this email privacy scheme has a built in backdoor.
Click to expand...

If it does, an awful lot of cryptography people have missed it. There's a slim chance CIA/NSA or similar have figured out a crack for it, but there's certainly nothing widely known about, and a lot of people (myself included) have tried breaking public key crypto.
 
You must log in or register to reply here.

Similar threads

A
The Essential Crypto Guide
Replies
0
Views
54K
A.M. Singer
A
DaVinciFXGroup
Assistant Indicator Email Alert & InfoPanel
Replies
0
Views
2K
DaVinciFXGroup
DaVinciFXGroup
C
Any TSX Day Traders?
Replies
1
Views
2K
StockHound
S
F
Spread Betting v Trading & Recommendations
Replies
8
Views
2K
windsurfing_stew
W
Sharky
T2W.com Email Accounts
2
Replies
28
Views
9K
Sharky
Sharky
Top