Sam, why is there a strange attachment in your email?

Since I've been asked this question a few times, I thought I'd write a bit about the way I'm now sending email.

While email is generally a great way to communicate with people, it has a variety of flaws. Two of the most significant flaws are that (1) it's really easy to forge email and (2) the NSA might decide to read your email (as might anyone who is on your network).

These are not new issues; they've existed for about as long as there as been email. And so computer scientists have developed responses. Surprisingly, similar solutions can help address both the verification problem and the privacy problem.

A very common solution (and the one I use) is Pretty Good Privacy (PGP), often implemented through an application called the GNU Privacy Guard (GPG). With PGP, you use a program to generate two values, called "keys" - a public key that you make available to everyone, and a private key that only you know (well, that your computer knows).

When I send a normal email message, my email program computes a special set of text that is based upon my private key and the contents of the email message. That's the strange attachment. Someone who has my public key and the PGP/GPG software can then do another computation that will verify my identify and the contents of the message - if someone tries to forge an email message from me using a different private key, or tries to change the content of the message, the computation will fail. (Don't worry, all of this computation can happen behind the scenes - you just use the software.)

When I want to send an email message that I want it to be hard for others to read, I encrypt the message. Encrypting a message requires not only my private key, but also my recipient's public key. In this case, the software creates a new message based on the original message, my private key, and the recipient's public key. Only someone who has my public key and the right private key can read the message. (Well, someone with a lot of computing power might be able to figure it out. However, it's secure enough that the NSA uses something like this technique for their own messages.)

If you want to be able to verify that email the purports to be from me is really from me, or send your own encrypted email, or digitally sign your own email, you can install your own copy of the PGP/GPG software. It's free.

Here's what I did on my Macintosh. (I use Mail.app for reading email.)

  1. Downloaded and installed GPGMail2 from https://gpgtools.org/.

  2. Followed the instructions they give. (Yeah, I could rewrite those instructions in my own words, but that seems pointless.)

I also made a copy of my key on my Web site: http://www.cs.grinnell.edu/~rebelsky/rebelsky.gpg and uploaded the same file to a public key server, http://pgp.mit.edu.

If you do create a key pair, feel free to send it to me.

I think it's my responsibility as a computer scientist to encourage people to digitally sign their messages and to give people the tools to encrypt their messages. So, if you need more help with any of this, feel free to ask. Just realize that in this case I'm not an expert; I'm just a user. (I've never used the Windows version of this software, http://www.gpg4win.org/, so I won't be great at helping with that. But I've heard it's straightforward. And I can explain general concepts.)


Copyright © 2017--20 Samuel A. Rebelsky.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

You may wish to validate this page's HTML ; Valid CSS! ; Check with Bobby

Samuel A. Rebelsky
rebelsky@grinnell.edu