Raising the Shields – Part 4: Encrypting E-Mails and How Search and My Smartphone Stand In the Way

On my way to putting some more privacy through encryption and self hosting between me and the rest of the world the next step was looking at email as that is certainly one of the main means of communication for me.

As I already use Thunderbird as my email client instead of a web mailer interface, getting PGP (Pretty Good Privacy) encryption to work is quite easy. The only thing that is required on my Linux notebook is the installation of the Enigmail plugin in Thunderbird, which is straight forward. On a Windows box, GPG (Gnu Privacy Guard) has to be installed in addition.

Once installed, the next step is to create a public/private encryption key pair of which the public key is then distributed to friends and colleagues so they can use it to encrypt email they want to send to me. The other end needs to do the same and once you have imported someone's public key into Enigmail's key repository, encryption works both way. Also, each end can digitally sign their emails so it can be verified that the email is not forged.

So much for the elevator pitch version, for detailed step by step instructions on how to get this working, have a look here.

Simplicity is Key

As I want to use email encryption to communicate with non-technical people one thing that is very important to me is that the Engimail plugin can be configured to automatically encrypt emails to addresses for which a public key has been imported. While not straight forward, this can be done by creating Enigmail encryption settings per email address. One can also configure Enigmail not to ask for a password to access the key store which makes encrypting and decrypting emails completely transparent to the user. Not quite ideal from a security point of view but probably the only option from a non-technical user usability point of view…

There is one big catch, however: Emails remain encrypted on the PC and searching the body text later on in Thunderbird is not possible as the decryption module is not hooked into search. I don't search my emails a lot but I need that function from time to time to find an important email I have sent or received ages ago. A pretty high price to pay for encrtyption if I can't search my email anymore. The obvious solution for this would be too hook decryption into the code that searches my email database. Another option would be, since my hard drive is encrypted anyway, to remove encryption from received and sent emails and only keep the sender's signature. This way, search would work again and emails would remain readable.

PGP on Mobile

I also need encryption and decryption of my emails to work on my Android smartphone. Again it turned out that I have the necessary stuff already in place since I already use K-9 mail instead of Google's native Android email program. While K-9 doesn't support PGP encryption out of the box there's an OpenPGP plugin called APG in Google's app store. K-9 needs to be reinstalled after APG is up and running but this is quite painless by exporting and importing K-9's configuration to a file.


Multipart-failUnfortunately, and that's another big catch for me, APG only supports simple emails.
Emails that come in multipart MIME format, e.g. because there's a file attachment, or because it has been setup up this way by the originator are not yet supported. When looking at the APG website and mailing list, it looks like there has been no real development since 2010. In other words, the project seems to have stalled.

Things That Are Never Encrypted

Despite encryption, the sender and receiver of an email are always sent as plaintext, so the metadata of whom I communicate with can still be recorded. Also the subject line of encrypted emails is also in the plain, something that one should also be aware of as well.

Summary

Being unable to search through stored emails that are encrypted and K-9's very limited PGP support, secure emailing becomes quite impractical for me for the moment. A typical
convenience trumps security decision. But these shortcomings are not inherent to the basic encryption process and could be fixed in furture software versions of Enigmail, Thunderbird and K-9.