Learn how to keep your emails private and your friends safe by encrypting your emails on your home computer or phone.  Learn the fundamentals of how email encryption and email signing work – and keep hackers from impersonating you.

Why Bother Encrypting Your Email?

Encrypting your email is a trade between security and convenience.  You gain security, but it will cost you some convenience.  It is much more convenient to NOT encrypt your email (see the section near the end of this article).  But here are some reasons you may want to keep your emails private:

  • To ensure that a hacker can’t read your email while it is being transmitted or received
  • To ensure that a hacker can’t hack into your email server (such as Gmail or your homebrew email server) and read your emails stored on that server
  • To ensure that if someone gains possession of your computer – either through theft or because you forgot to wipe your hard drive when you sold it – that they cannot read your emails
  • To ensure a family member or friend using the same computer can’t accidentally read your emails if your permission settings are misconfigured
  • To ensure a hacker can’t intercept your email, change the contents of the email, and pretend to be you

The first part of this article explains the fundamental concepts in email encryption.  You can skip to the middle section to see clear step-by-step instructions for setting up encrypted email.

About Email Servers

An email server is the computer that stores your email and sends it to you when your phone or home computer asks for it.  Gmail, Hotmail, Apple, and your work email all use email servers.

Email servers are nothing more than a computer connected to the Internet.  Hopefully you trust the company that provides you email – and hopefully they keep those computers secure from hackers and secure from any random person gaining physical access.

But all email servers – like all computers – have some kind of administrator.  There is a human that does have access to the data on your email servers.  This means that a person that neither sent the email nor received the email can potentially read the email.  Yes, it is likely that most reputable companies do encrypt your emails while they are on the server, but someone somewhere has the keys to read that data.

All computers – including servers – have a human administrator.  There is always another human with access to your data.

Email servers – and the fact that someone else has access to your data – are the first reason you might want to encrypt your emails.

About Home Computers and Mobile Phones

When you read your email on a home computer or your mobile phone, this is typically done in two ways:

  1. Via Webmail
  2. Via an Email Client

Webmail allows you to use a browser to read your email.  Gmail and most email services have a robust webmail interface.  When it comes to security, the good thing about webmail is that the data is stored (somewhat) temporarily.  As long as you trust your web browser and you don’t allow your password (or session) to be stored for a long time, it is not likely that your emails will be around if a hacker comes looking.

An email client is a program – such as Outlook, Apple Mail, or Thunderbird – where the email files are downloaded from the server and stored on your computer.  The client then allows you to read those email files in an easy and productive way.  This can be a benefit because you don’t need an internet connection each time you want to read emails you have already downloaded.

However, email clients present a risk because your emails are stored on your computer (or phone), and a hacker could find those emails and read them.  If you encrypt your emails, then it will be much harder or impossible for the hacker to read them – even if they do find them.

How Emails are Encrypted

Emails are encrypted in two main ways:

  1. During transmission
  2. Before and after transmission (and while it is stored), aka “at rest.”  This is otherwise known as end-to-end encryption.

Transmission encryption is something typically done when you use webmail, and SHOULD be done when you use an email client.  Transmission security is not the topic of this article, but is most definitely something you should be doing.  It is much easier than “encrypting” your email as discussed here.  (Here is an article showing how to enable transmission security for Gmail)

Encrypting your data while at rest is important because it spends the overwhelming majority of its lifespan at rest.  Your email takes less than a second to transmit and be received, then it sits on a server or your home computer until you delete it.  Your emails can even reside on your hard drive after you delete them.

Encrypting Emails At Rest

There are multiple ways to encrypt your data at rest.  The method shown in the next section is the most common when discussing “encrypting your emails.”  This method of encryption actually provides three benefits:

  1. Non-repudiation (You can’t deny that you sent the email)
  2. Confidentiality (Nobody but your intended recipient(s) can read the email)
  3. Integrity (You can verify the email was not altered)

Encrypting your data while “at rest” is important because your data is almost always at rest.  Your email takes less than a second to send, then it sits on a computer forever – until you delete it.

Essentially what you will be doing is going to a “trusted” source on the internet (Comodo) that will vouch for you as the owner of your email address.  Comodo will then create a cryptographic “certificate” consisting of a public key and a private key.  The magic here is that the public key can only decrypt things that are encrypted by the private key and vice versa.

You will hold the private key (and the public key) and Comodo will publish the public key to a place where others can view it.  You will keep the private key safe so that only you can use it.

When you encrypt your email, others will be able to ask Comodo, “did this really come from [you]?” Comodo will say, “Let me look this up… ah, yes, I see here that because the public key can decrypt this message, it must have been written by [you].” (this is called Non-repudiation)

When you know someone else’s public key, you can use that public key to encrypt the email and – because of the magic – only the person with the private key (the recipient) can read it. (this is called Confidentiality)

Because the magic won’t work if someone has tampered with the data, when the magic works you know that the contents of the email have not changed.  (this is called Integrity)

So in a way, what you will be doing in the next section is

  1. allowing OTHERS to send encrypted email to YOU, and
  2. allowing OTHERS to verify that emails you send were actually sent by YOU (and not someone pretending to be you).

If you want to send encrypted emails back and forth between you and your best friend, you must complete the next steps, and so must your friend.
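
The three properties described above can be reproduced with the `openssl smime` command, which reads and writes the S/MIME message format. This is an added example, not part of the original article; it assumes the OpenSSL command-line tool is installed, uses a throwaway self-signed certificate in place of a CA-issued one, and alice@example.com and all file names are constructed.

```shell
#!/bin/sh
# Constructed demo: a throwaway self-signed certificate stands in for a
# CA-issued one. alice@example.com and every file name here are made up.
smime_demo() (
  d=$(mktemp -d) || exit 1
  trap 'rm -rf "$d"' EXIT
  cd "$d" || exit 1

  # Key pair plus certificate. -nodes leaves the private key unencrypted,
  # which is acceptable only because this key is discarded afterwards.
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -subj "/CN=Alice Example/emailAddress=alice@example.com" \
    -keyout key.pem -out cert.pem 2>/dev/null || exit 1
  printf 'Meet at noon.\n' > msg.txt

  # Signing uses the PRIVATE key; verifying needs only the certificate.
  openssl smime -sign -text -in msg.txt -signer cert.pem -inkey key.pem \
    -out signed.eml 2>/dev/null || exit 1
  openssl smime -verify -in signed.eml -CAfile cert.pem \
    -out /dev/null 2>/dev/null && echo "signature: valid"

  # Integrity: alter one word after signing and verification must fail.
  sed 's/noon/midnight/' signed.eml > tampered.eml
  openssl smime -verify -in tampered.eml -CAfile cert.pem \
    -out /dev/null 2>/dev/null || echo "tampered: rejected"

  # Confidentiality: encrypt to the certificate, decrypt with the key.
  openssl smime -encrypt -aes256 -in msg.txt -out enc.eml cert.pem || exit 1
  grep -q 'Meet at noon' enc.eml || echo "ciphertext: unreadable"
  plain=$(openssl smime -decrypt -in enc.eml -recip cert.pem \
    -inkey key.pem | tr -d '\r')
  echo "decrypted: $plain"
)
smime_demo
```

Note that the signed message stays readable to anyone: signing proves origin and integrity, and only the encryption step hides the contents.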

How to Encrypt Email

So you have decided you want to encrypt your emails (or, as explained in the last section, you want others to be able to send encrypted email to YOU).  This section will show you step-by-step how to set up and send encrypted emails.  These instructions were designed using Mac OS 10.13, but should be very similar for Windows, Mac, and Linux running Outlook, Apple Mail, and Thunderbird.

Ingredients

You will need:

  • Firefox web browser (allegedly, this also works with Internet Explorer)
  • An Internet connection
  • An email client such as Apple Mail, Outlook, or Thunderbird (or many mobile email clients)
  • A place to store a password
  • Access to the email address/account you want to encrypt
  • The person you want to send encrypted emails to must complete the same steps below

Assumptions

Because this method uses Comodo to issue email certificates, we assume that you trust Comodo.  Because Comodo is generating the encryption keys, they could be storing your private keys and could read your email (if they hack into your email server).  You are going to have to trust somebody!  If your company provides encrypted email, they provide this trust (or they have chosen to trust another company, like Comodo).

Process

  1. Open Firefox and access https://www.instantssl.com/ssl-certificate-products/free-email-certificate.html (Comodo’s Email Certificate Site)
  2. You should see an option to “Get Now” a Free Email Certificate. Click that button to access the application form.

    Comodo’s Free Email Certificate site landing page.  Click on “Get Now.”
  3. On the “Application for Secure Email Certificate” form, you will enter your name, email address you want to encrypt, along with some other information and a sneaky attempt to opt-in to a newsletter. Complete the form and select “Next.”

    Comodo’s application for a free email certificate.
  4. You will be congratulated on your prudent decision to keep your email confidential. (behind the scenes, Firefox has saved part of the data)
  5. In a few minutes, you will receive an email from Comodo with directions to download your email certificate.
  6. The email will contain a link and a password you can use to retrieve the data. Open the link with the same Firefox browser.
  7. Enter your password. Press next and you should get a screen that says Comodo is attempting to “collect and install your Free Certificate…”.  You may be prompted by Firefox, acknowledging that the certificate was installed.

    Comodo’s page that shows that you have downloaded the free email certificate.
  8. Now that the certificate is stored in Firefox, you will need to export the data from Firefox for use in your Email Client on your computer or phone. Go to Firefox Preferences -> Advanced -> Certificates and “View Certificates.”
  9. You will see a list of your certificates. Find the one you just created (either by “expires on” date or by “view”ing the certificate and going to the “Subject” line to verify the email address you entered) and select “Backup…”

    Firefox browser listing all of the certificates stored.
  10. You will be prompted for a location to store the file, and then for a password to protect the file. KEEP THIS PASSWORD SAFE.  This password can allow anybody to read your encrypted emails.  You will also need this password in the next steps.
  11. In Mac, find the .p12 files you saved and double click them to open them in Keychain.app. Keychain will ask for the password.
    In Windows, try these steps from ciphermail.com: double-clicking the .p12 file should prompt Windows or Outlook to open the Certificate Import Wizard.
    In Thunderbird, try these steps from ciphermail.com.
    On iPhone, email the .p12 to your iPhone (or open it using some other file services like Drive or iCloud’s Files) and select it; you will be prompted for the password.
  12. Once you enter the password correctly: you are done.
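
Before importing a .p12 backup on another device, you can check from a terminal which email address it is for and when it expires (the same details step 9 checks in Firefox). This is an added example, not part of the original article; it assumes the OpenSSL command-line tool is installed, and the demo file, the address alice@example.com and the password "demo-pass" are constructed.

```shell
#!/bin/sh
# Added example. The password is read from the P12_PASS environment variable
# so it does not appear in the process list; "demo-pass" is constructed.

# Print the e-mail address and expiry date of the certificate in a .p12 file.
p12_summary() {   # usage: p12_summary FILE
  openssl pkcs12 -in "$1" -nokeys -clcerts -passin env:P12_PASS 2>/dev/null |
    openssl x509 -noout -email -enddate 2>/dev/null
}

# Succeed only if the certificate is readable AND still valid DAYS from now.
p12_valid_for() { # usage: p12_valid_for FILE DAYS
  openssl pkcs12 -in "$1" -nokeys -clcerts -passin env:P12_PASS 2>/dev/null |
    openssl x509 -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# Constructed input: a self-signed certificate exported the way a browser
# backup would be. alice@example.com is a made-up address.
make_demo_p12() (
  d=$(mktemp -d) || exit 1
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
    -subj "/CN=Alice Example/emailAddress=alice@example.com" \
    -keyout "$d/key.pem" -out "$d/cert.pem" 2>/dev/null || exit 1
  openssl pkcs12 -export -inkey "$d/key.pem" -in "$d/cert.pem" \
    -passout env:P12_PASS -out "$d/demo.p12" || exit 1
  echo "$d/demo.p12"
)

export P12_PASS='demo-pass'
p12=$(make_demo_p12) || exit 1
p12_summary "$p12"
p12_valid_for "$p12" 30 && echo "valid for at least 30 more days"
p12_valid_for "$p12" 400 || echo "expires within 400 days: plan the renewal"
```

A wrong password makes both functions fail rather than report a result, so a failed check means the file could not be confirmed, not that it is fine.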

Using Encrypted and Signed Emails

Now that you have installed an email certificate, you are ready to send signed emails and encrypted emails.

A “signed” email is one where your public key is attached to the email, allowing others to verify that the email really came from you.  After completing the steps above, most of your emails will be signed without further effort.

When you go to Apple Mail (or Mail on iPhone) to send an email, you will notice the blue seal indicating that a valid certificate was found (and that others will be able to prove that you are sending the email).

A draft email that has a valid email signature.  The blue “seal” indicates that the email will be signed.

An “encrypted” email is one where you and/or the recipient have exchanged public keys already.  You can’t send an encrypted email to someone unless they have sent you a signed email already.

If you have the public key of your recipient (i.e. if you have previously received a signed email from them) you will see a blue “lock” indicating that the email can be encrypted.

A draft of an email that is both signed and prepared to encrypt the contents to the recipient.  The blue lock icon indicates that the email will be encrypted. The recipient’s public key is known by the sender.

If you don’t see the lock (or if the lock is grayed-out), you need the person with whom you want to encrypt the emails to first send you a “signed” email – that’s an email where they have the blue check box highlighted. After that, Apple Mail should recognize that it has their public key, allowing you to encrypt something only they can read.  Some email clients won’t “sign” emails by default… check your settings.

This method uses Comodo to issue email certificates – so ensure you trust Comodo.  Comodo could be cheating and could read your email if they hack your email server or your computer.  You will always have to trust somebody.

Here are some resources for: Sending signed emails in Windows & sending signed email in Thunderbird.  There is probably a very similar process for your phone.

Typically if I want to have an encrypted email conversation with someone I have never encrypted with, I start by sending an unencrypted, signed email that says, “here is my public key, let’s start an encrypted conversation.”

Congratulations, you have set up signed and encrypted email!

Not Fool-Proof

But wait – this doesn’t guarantee a hacker can never get your data!  This system assumes that a thief does not have your phone or computer in-hand.

If a thief has your iPhone in-hand and the screen is unlocked, they may be able to send an email pretending to be you.  They will certainly be able to read all of the email on your phone.  This is because the client might automatically decrypt emails while you have the client open to save you time.

If a thief has your laptop or desktop computer unlocked, they may be able to do the same thing.

To prevent that thief from sending an email pretending to be you, you can tell your client to ask for the encryption password each time you send an email.

The Hassles and Risks of Encrypting Your Email

Congratulations! Your decision to send encrypted emails means you may have to suffer the following hassles:

  • Losing keys – if you lose the certificate or the password for the certificate file, you may never be able to read those emails again! (Risk to Availability)
  • Expiring certificates – Comodo issues certificates that expire in one year.  That means one year from today you will be back here following the same steps.
  • Extra installation steps – As you have seen, there are several steps involved in making this all work.

For some of the things you do, this hassle is probably worth it.  But just consider the incredible amount of effort and infrastructure necessary to make this encryption work – and we didn’t even dive into the work that Comodo has to do to provide this service.
