Hi!

After the previous article about PGP, here are some real use of encryption.

On Android, you can easily encrypt your emails, using the Open Source email app "K9-Mail'. See my previous post about Android Email App, where you will understand that protecting your privacy is very important, especially using Email App.

To permit K9-Mail to encrypt/decrypt emails, install the application "OpenKeyChain" from F-Droid or the Play Store. This is of course an Open Source software, so no secrets and no backdoors. This application allow you to manage private/public PGP keys, and use them in other applications.

After installing it, start the app. The first screen will ask you to create or import your private key. If you already got one, with USB put your private key on the phone (and remove it after the process!). Do not send the private key on your phone using mails... don't forget the criticity of private key :) If you don't have one, follow the wizard to create your own key. Don't forget to export it after, and backup it!

alt

When the key is created/imported, you will see it on the main screen.

alt

Now, in the parameters on the left, enable the link to the contacts. The app will ask you to allow contact access (say yes). I will allow on K9-Mail, and other app, to search for a key when you use a contact name.

alt
alt

On K9-Mail, you can now enable the encryption. Go to "Account settings", and "Cryptography". Choose OpenKeyChain app on the OpenPGP application, and select your key. You can enable the signing support for unencrypted mails too.

alt
alt

Now your K9-Mail is ready to decrypt mails for you, or sign mails.

But what about encrypting mails for other people? Like explained on previous article, to encrypt a mail for Alice, Bob (you) need Alice's public key.

On the OpenKeyChain, touch the "+" button. You can scan a QR code from other application, or import a file, or search on PGP server.

alt

When the file is imported, it will appear with an orange exclamation mark, because the key must be validated. You can use the key, but don't forget to validate with the real person the validity of the key.To do that, touch the key, and confirm the key scanning the QR code from the real person's application.

Now, on K9-Mail, when you will send an email to a person, the app will propose to encrypt the mail if the public key exists for this person.

Enjoy !!