Email Encryption


Revision as of 14:00, 29 June 2021 by Wikiadmin

When you digitally sign a message, you embed information in the message that validates your identity. When you encrypt a message, it appears to be "scrambled" and can only be read by a person who has the key to decrypt the message. Digitally signing a message ensures that the message originated from the stated sender. Encrypting ensures that the message has not been read or altered during transmission.

Overview

The following three steps use the Bravenet console to set up PGP-capable email. They create two PGP email accounts, enc1 (Encryption 1) and enc2 (Encryption 2), and one regular non-encrypted email account, noenc (no Encryption).

enc1@domain.com       # Email 1 configured with PGP encryption
enc2@domain.com       # Email 2 configured with PGP encryption
noenc@domain.com      # Email 3 configured without PGP encryption to prove encryption is working

Step 1 Create Three Email Accounts

Use the following link to log in to an existing Bravenet account: https://www.bravenet.com/login

Please substitute domain.com for your own custom domain in the instructions below.

Create Three Email Accounts

  1. Email > New Email Address
  2. enc1@domain.com
  3. Email > New Email Address
  4. enc2@domain.com
  5. Email > New Email Address
  6. noenc@domain.com

Configure Encryption on enc1 and enc2 email accounts

  1. Email > enc1 > Webmail
  2. Settings > PGP Keys > Click (Create) > Choose Password and Confirm Password (Please Note your Key Pass Phrases during this process) > Save
  3. Settings > Preferences > Encryption
  4. Select all of the following Settings with a checkbox:
    1. Enable message encryption and signing
    2. Enable message signatures verification
    3. Enable message decryption
  5. Click Save
  6. Repeat the above steps to configure PGP for enc2


Step 2 Setup - Swap Public keys (enc1 and enc2)

  1. enc1 to send enc2 Public Key
    1. Compose (Send) Email
    2. Compose (Note Encryption Tab in Webmail Compose Menu/Tab)
    3. Attach my public Key
    4. Send
  2. enc2 to Import Sender's Public Key
    1. Receive Email Import Public Key
  3. enc2 to send enc1 Public Key
    1. Compose (Send) Email
    2. Compose (Note Encryption Tab in Webmail Compose Menu/Tab)
    3. Attach my public Key
    4. Send
  4. enc1 to Import Sender's Public Key
    1. Receive Email Import Public Key


Step 3 Test your emails

The test listed in Step 3.1 below should send an encrypted and signed email successfully. The test listed in Step 3.3 below should fail because enc1 has not received a public key from noenc.

  1. enc1 to send to enc2 with Digitally Sign This message and Encrypt this message
    1. Compose (Note Encryption Tab in Webmail Compose Menu/Tab)
    2. to: enc2@domain.com
    3. Digitally Sign This message
    4. Encrypt this message
    5. Send
  2. The passphrase requested is step 2.1 above.
  3. Verify enc2 received your signed and encrypted email
    1. enc1 to send to noenc with Digitally Sign This message and Encrypt this message
    2. Compose (Note Encryption Tab in Webmail Compose Menu/Tab)
    3. to: noenc@domain.com
    4. Digitally Sign This message
    5. Encrypt this message
    6. Send
  4. The passphrase requested is Step 2.1 above.

Verify that when sending to noenc you receive a Key Not Found error. This is expected, as you are trying to send an encrypted message to someone whose public key you do not have.
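The same three-step test can be reproduced outside the webmail with the GnuPG command line, which shows what each webmail action does to the keys. This is an added example, not part of the original page or of Bravenet's tooling; it assumes GnuPG 2.1 or later is installed, and the passphrase, function names and temporary keyrings are constructed for the demo.

```shell
#!/bin/sh
# Added example: the page's three-mailbox test, reproduced with the gpg CLI.
# Addresses follow the page; PASS and the temporary keyrings are constructed.
PASS='constructed-demo-passphrase'

create_key() {        # Step 1: key pair for mailbox $1, protected by PASS
    gpg --homedir "$BASE/$1" --batch --quiet --pinentry-mode loopback \
        --passphrase "$PASS" --quick-generate-key "$1@domain.com" default default never
}

send_public_key() {   # Step 2: $1 attaches its public key, $2 imports it
    gpg --homedir "$BASE/$1" --armor --export "$1@domain.com" |
        gpg --homedir "$BASE/$2" --batch --quiet --import
}

send_mail() {         # Step 3: $1 signs and encrypts to $2, writes file $3
    # --trust-model always skips the fingerprint check a real exchange needs;
    # it is a demo shortcut for keys that were only imported, never verified.
    echo "test message" | gpg --homedir "$BASE/$1" --batch --quiet --yes \
        --pinentry-mode loopback --passphrase "$PASS" --trust-model always \
        --armor --sign --encrypt --recipient "$2@domain.com" --output "$3"
}

read_mail() {         # $1 decrypts file $2; gpg also verifies the signature
    gpg --homedir "$BASE/$1" --batch --quiet --pinentry-mode loopback \
        --passphrase "$PASS" --decrypt "$2"
}

run_page_test() {     # returns 0 only if both outcomes match the page
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed" >&2; return 2; }
    BASE=$(mktemp -d) || return 2
    mkdir -m 700 "$BASE/enc1" "$BASE/enc2"   # noenc has no key pair, so no keyring
    rc=0
    create_key enc1 && create_key enc2 &&
        send_public_key enc1 enc2 && send_public_key enc2 enc1 || rc=2
    # enc1 -> enc2 must succeed and decrypt back to the original text.
    send_mail enc1 enc2 "$BASE/ok.asc" &&
        [ "$(read_mail enc2 "$BASE/ok.asc")" = "test message" ] || rc=1
    # enc1 -> noenc must fail: enc1 holds no public key for noenc.
    if send_mail enc1 noenc "$BASE/fail.asc"; then rc=1; fi
    for u in enc1 enc2; do gpgconf --homedir "$BASE/$u" --kill gpg-agent; done
    rm -rf "$BASE"
    return "$rc"
}

run_page_test 2>/dev/null && echo "enc2 delivery works, noenc send is refused"
```

Remove the `2>/dev/null` on the last line to see gpg's own "No public key" message for noenc, the command-line counterpart of the webmail's Key Not Found error.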

Further Information

    • To receive encrypted messages from other people, you must first send them your public key.
    • To send encrypted messages to other people, you must receive and store their public key.
    • Although we are fully capable of supporting end-to-end encryption, we do not support HIPAA.

Further Reading