How to Configure & Use PGP Encryption for Email (Mac OSX Instructions)

Pretty Good Privacy (PGP) is a type of digital mail encryption program. Email that is sent over the Internet is akin to a postcard, in that any third-party who intercepts it can read the message. Encrypted email is analogous to a letter sealed inside of an envelope; while it is still possible for third-party interception to know whom the senders and receivers are (as well as the content of the subject line), they cannot read the message itself. PGP uniquely combines both private and public key cryptography to provide the best possible “envelope” for your email communications.

In regards to privacy, you should keep a few items in mind when using PGP. Despite PGP encryption being still legally regarded by the central government as a munition, it is now exportable to other countries (provided they are not on the list of countries, groups, or even individuals subject to US export controls). The very use of PGP itself might attract digital surveillance by agents of the State, since even if they didn’t have a backdoor, they could still tell that you wanted to prevent at least casual decryption of your messages by third-parties; of course, if more people used PGP that would it make it that much harder for government snoops to surveil anyone.

While some PGP users would suggest that all users always use PGP for every single email, this is not always possible, whether because a user needs to communicate with an individual who refuses to use PGP, or because an email is being sent to a public email list anyway. Finally, you’ll need to consider how you and your contacts will exchange each of your public keys with each other (sending them in the form of a PGP key block or as an ASC file attachment via email is the least desirable, although there are a combination of digital and offline methods that can be pressed into service to provide at least a semi-secure transfer of the keys).

The following tutorial will demonstrate how to configure PGP for the Apple Macintosh operating system using the GNU Privacy Guard (which is the free and open source software implementation of the OpenPGP standard as developed by the Free Software Foundation), the Thunderbird email client, and the Enigmail plugin for Thunderbird. Any other combination of software and operating systems are not applicable for this particular set of instructions (if you want to install PGP for the Windows OS, you need to view this set of instructions instead).

 

The PGP Encryption Installation Guide

Before you get started, make sure you first have 1) a reliable Internet connection, 2) a good browser, and 3) an email address that uses a webmail provider (preferably one that uses POP3) that you would like to allocate for PGP encryption.

Step 1: Download the Thunderbird email client.

 

 

Step 2: Configure the email address you want to use with Thunderbird.

 

 

Step 3: Download and install the Enigmail plugin through Thunderbird (look for “Add-ons” under the “Tools” menu bar).

 

 

Step 4: Download and install GPG Tools.

 

 

Step 5: Create a key pair (which constitutes a public key and a private key) by using the same email address you configured with Thunderbird and choosing a passphrase that you would be comfortable typing every time Thunderbird prompts you, so that you can read your encrypted emails. While you could use GPG Keychain Access to create the key pair, the screenshots below show you how to do the same thing with the OpenPGP Setup Wizard (look for “Setup Wizard” under the “OpenPGP” menu bar).

 

 

Step 6: Export your public key and keep it on your hard drive as well as another copy on at least one USB flash drive (for the GPG Keychain Access method, simply highlight the key by clicking on it, then click “Export,” and then choose where to save the ASC file).

 

 
Step 7: Find another individual who has completed the previous steps and exchange each of your public keys (preferably by trading the exported ASC files, instead of the PGP Public Key Block text). Once each of you have imported each other’s public key into the GPG Keychain Access application and/or the OpenPGP Setup Wizard, then each one of you should send the other a test encrypted message just to make sure you have configured everything correctly (this is best done in person or over the phone, the latter of which either by landline, cellular, or VoIP).

Congratulations, you’ve successfully installed PGP; now you can send and receive encrypted email. If you’d like additional technical support with installing PGP as per this specific combination of software on a Mac OS, then feel free to send me an email (additionally, if you’d like to test whether you configured PGP correctly, also feel free to use my PGP Public Key, but remember, I’ll need yours first), preferably with the subject line “PGP Configuration Help.” If you would prefer some additional guidance with using GPG Keychain Access, I would suggest you watch the “GPG Encryption Software for Mac,” “GPGTools Screencast,” and “Adding GPG to Services/Encrypting/Decrypting on a Mac” video tutorials.

7 thoughts on “How to Configure & Use PGP Encryption for Email (Mac OSX Instructions)

  1. Pingback: Sending PGP encrypted email with Gmail and Mailvelope | Dunlap Dabbles

  2. This is not compatible with Windows variants of PGP. I’ve sent to others and they cannot use it without installing a windows plugin. Is there no way to be compatible?

  3. Pingback: A History of Dragnet Wiretapping | From the Trenches World Report

  4. Pingback: Data-mining the Haystack: Should You Attempt to Overload the NSA's Servers with "Suspicious" Email Keywords? - The Last Bastille Blog

Leave a Reply

Your email address will not be published. Required fields are marked *