Encrypt and sign all your Email traffic
If you want to make sure that no one is eavesdropping on your mail traffic you should use encryption. The problem with most encryption services is that setting them up and talking others into setting them up as well is a problematic task. Encryption only works if both the sender and the recipient use the same service to encrypt the emails.
One of the easiest ways to setup a service that encrypts your emails is the encryption software Ciphire. Ciphire is a program that is available for Windows, Linux and Mac and can be downloaded for free from the developers homepage.
Before you can use email encryption you need to generate encryption keys for every email address that you use. Don't worry the process is really easy and straightforward. The first email address can be added during the first start of Ciphire.
The process looks like the following:
- Enter the email address that you want to add
- Ciphire generates RSA, DSA and ElGamal Data
- A verification email is send to the email that you have added in the first step
- Retrieve new mails from your mail client (in my case Thunderbird). The verification email should be amongst the emails. Open it, wait a few seconds and the account creation switches to the next step.
- You can either export the key if you are using Ciphire on different computers (home, work, notebook..) or finish the account creation process
Ciphire uses private and public key encryption. The private key is of course private and used to encrypt messages that have been encrypted by other users with your public key. This means of course that the user who is sending you encrypted emails needs your public key to encrypt them. Most encryption applications had a very complicated method of sending your public key to other users.
Ciphire on the other hand handles this task for you. Whenever you send someone an email Ciphire is automatically checking an Internet database that contains all public keys from all email addresses that are using the system. The email is also digitally signed which means that your account is protected against identity theft as well.
The encryption and decryption process is working automatically. If you send someone a mail and Ciphire detects that the other user is also using Ciphire your email will automatically be encrypted. If you receive an encrypted mail it will be decrypted before it reaches your inbox.
This is by far the easiest way to encrypt emails. It should be noted that Ciphire only works with emails that are received and send from within an email client. If you use webmail accounts you should add them as pop3 accounts to your mail software as well to be able to send encrypted messages with them.
Update: Ciphire's website is no longer available. It is not clear at this point in time if this is just a temporary technical issue or if the project has been discontinued.
I suggest you start using GnuPG instead. The Gnu Privacy Guard is a free implementation of the OpenPGP standard, available for Linux, Windows and Mac systems. It uses the same private and public key encryption scheme as Ciphire.
The website offers an excellent tutorial that walks you through the installation and configuration of the encryption software on your system.Advertisement