Easy to use email encryption

I've been researching email encryption recently, and have come across various sites, but I know I'm not even scratching the surface.
But what I'm after is an easy to use email encryption software that even my grandmother could use... FireGPG, although now defunct, is an example of something far too complicated with key exchange etc. as well as instantcrypt key creation although very simplified. Hushmail and Xerobank offer email services as well but the keys are kept on their servers which I don't feel too secure about.
Is there an encryption service out there with a transparent key exchange as well as reassurance that your encryption actually worked?

A lot of the threads are very technical which is not the direction I'm trying to go with this one. Maybe a post about which encryption service you like and briefly something about how the key exchange works.

Thanks all!

 

Thunderbird with Enigmail is pretty straightforward. It works with any IMAP email account, AFAIK. However, one must create a GPG key pair, and put the public key on keyservers. I don't see how to get around that without ceding control of your private key. With a good "quick install guide", most folks could probably manage it.

 

Hey Simon

First things first - you will probably get resistance from most if not all of your contacts as the general public can't be bothered with securing their email yet. One day it will be the "Norm" but not at this time

You are correct in your approach as to make it as easy as possible for your contacts to adapt if they wish to and is the reason why i have recommended InstantCrypt previously. With the help of the built-in help demos, found the learning curve fairly straight forward and will handle the key exchange for you. Best thing about InstantCrypt is it can be used with webmail (no email client needed) and also encrypt attachments so IC has a leg up on simple text encryption programs.

Another direction you could look is something like "TrulyMail" It is a fully functioning client capable of handling regular email, sending regular email as "encrypted attachments" or "Fully transparent encryption/decryption between TM users" Both parties need trulymail installed and need to accept each other after an invitation. Once done, everything is automatic. Your trulymail is encrypted clientside, sent and stored on the trulymail servers and then received and decrypted clientside. Everything is encrypted - even all the header information.

Your keys are stored clientside as well and have tested this by locating my keys and moving them to another location. Trulymail wouldn't open unless shown the new location of the keys.

 

You didn't say it had to be "free" so i want to mention an excellent service called CryptoHeaven - http://www.cryptoheaven.com/

They've been around for a number of years and prices start at $7.99/month and if you pay yearly, it's only 5.50/month us dollars.

You get - 200 MBs encrypted storage
- encrypted chat, mail, file-sharing

Encrypted mail can be sent to non-cryptoheaven users which they access by following a link to a web version of the cryptoheaven desktop client.

All regular email (sent plaintext such as hotmail, gmail, etc) sent to your cryptoheaven account is automatically encrypted with your public key when they hit the cryptoheaven servers.

I'm running a free trial account right now which is good for 3 months. Will probably subscribe when the trial ends as i think it's an excellent service which gives the user options to deal with contacts that can't be bothered with encryption.

Edit: Forgot to mention that "you" store your private (decryption) key, not the servers and again, like trulymail, the cryptoheaven client will not open without your keys!

Edit#2 :

I think this is inaccurate - the cryptoheaven client your non-encryption contacts access is loaded via a "java" applet so (and please correct me if i'm wrong) this is still secure as the java runs from ones computer. They aren't simply using a web interface which i deem less secure.

 

Also, adding to tobacco's post...they've been around and are aren't a fly-by-night company. In fact, Cryptoheaven was one of the Internet's first privacy services. They go back to the nineties.

 

The easiest email encryption system I know of where you get to keep the encryption keys is this one.

1) Write email message on Notepad

2) Use Winrar to compress Notepad message and attach file if necessary, password protect it. (Winrar uses AES128 for encryption)

3) Call your grandmother and tell her the password over the phone.

It is not military grade security, but you can't have everything.

 

Your'e going to have to exchange keys no matter what you do. That's just the way public key encryption works. As others said, I think Thunderbird and Enigmail is the best way to go. You can use GnuPG or PGP to create your keys and then upload your keys to a key server. From there your contacts will be able to download your key from the server. Thunderbird/Enigmail automates this.

 

Email certificates maybe? With any software that helps protect your privacy will require you to do extra processes. Video on certificates http://www.youtube.com/watch?v=Pm_079B4d6s. You still deal with keys and exchanging them.

 

Thanks for the link!

 

Thanks for all of the suggestions everyone. I was discussing this with someone and they suggested Hushmail which has a seamless key exchange and encryption process.

Fortunately I can try it out before I commit. If this doesn't work out I guess I will have to go with the idea that the key exchange is necessary and unavoidable.

Thanks again

 

I would "re-think" that suggestion - http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/

 

Wow, thanks for sharing that. Very helpful. A little confusing about the Java bit; if I use the Java applet is it more secure? Even if I am targeted?
CTO Brian Smith said: "Turning on Java provides an additional layer of security, but is not necessary for secure communication using this system[...]" Are they trying to dissuade their clients from using Java and therefore relying on Hushmail servers?

Gosh, so many more questions now....

 

It's actually very simple -- your private key is either private, under your control, or it's not.

 

So then I guess you're implying that any service like Hushmail is bad... that if I want privacy i need to go the long route with the key exchange and an obvious encryption with each email I send.... I guess the lucrative thing about hushmail was that i didn't need to do that, but here we go again with the trade offs: ease of use=less privacy.

 

You want a service where both your password and private key are stored on your computer. Some store both of your keys (public and private) on their servers - meaning they already hold your decryption key and just need to gain your password which hushmail proved can be done.

CryptoHeaven, TrulyMail and also O!polis(not tested it yet though) do everything and store everything "locally".

 

And it shouldn't be this way. The only way should be the simplest and most secure way, and the HCIsec (Human-Computer Interaction Security) types are working towards that problem; in fact, one of the first, and pioneering case studies, was PGP: "Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0."

Vincent Rijmen, who you might know as one of the co-designers of the AES, and I, worked on what we call "green cryptography," which promotes simplicity and security as mutually-dependent factors in real-world cryptographic engineering, and we have a project in the works that aims to instantiate this in practice.

Usability and privacy are both important, and must co-exist; there's no reason to settle on the belief that one is a burden on the other. Unfortunately, a bulk of available solutions do nothing to counter this belief. The sooner we take security decision-making out of the hands of both developers and users, the better.

 

Just started reading, but great article so far. Thanks for sharing. The authors are more eloquent at expressing what I was trying to say earlier. I think the paper hits the nail on the head, and as you stated: "usability and privacy...must co-exist."

What do you mean by this? Shouldn't users and developers work together, or perhaps be one and the same in the sense that the developers know exactly what would/n't work by conferring with the user? Can you explain what you mean?

 

What I mean by this is that developers shouldn't be burdened with making cryptographic design decisions and users shouldn't be burdened with configuring cryptographic features. By doing so, we're asking them to act outside of their know-how.

Instead, we should have a cryptographic framework that makes these decisions for developers, and one that provides a secure-by-default interface to users. No ad-hoc, piece-meal implementation or smorgasbord of block ciphers and hash functions.

If we're talking about interfacing, in general, then yes, it makes sense for developers to take cues from users as to what feels more tactile and makes for a more intuitive navigation process. But security is a terrain that neither developers nor users should be expected to tackle.

 

I quoted this again because this is unfortunately the toughest obstacle to overcome in your efforts to improve email security.

I think i am sometimes misunderstood on this subject so i want to say for the record that i am in complete agreement with those preaching the use of open pgp and handling (encryption/decryption) it yourself. However, at this present point in time, it's not only impracticable but damn near impossible to implement in day to day email exchange

It is for this very reason why i have looked for and recommend making it as easy as possible for your contacts to grasp and accept your desire to encrypt your email correspondence. Telling them to download and install Thunderbird/Enigmail/GPG4WIN and send you their key is not gonna happen in most cases. Trust me, i've put in all the effort for my contacts with very little success.

Which is why for the time being( until the general public makes email security a priority), you need to look at other means to do the best you can until that day comes. It may not be perfect, but it's a start and much more secure than continuing to send and receive everything "plain text".

I know it's "payware" but give CryptoHeaven a trial (trial account good for 3 months) and you'll see the flexibility it has when dealing with contacts who don't want to be bothered with encryption.

Again other freebies like O!polis are less flexible but make the process easier for your contacts if they will create a free account and install and use the client.

I know some are against TrulyMail because they are "closed source" but for what's it's worth, here are my thoughts on them.

They have a business model which in the upcoming new release (3-6 months), will offer a pay version (more features) along with the free version( which will get some new features as well) They use the inbuilt encryption features in windows. You get a trulymail address and a client (installed or portable mode). This client handles all encryption/decryption automatically (clientside) between trulymail users. The client can also handle regular accounts and email such as hotmail, gmail, etc. Can also send/receive secure email from normal accounts such as gmail as "encrypted attachments".

I have probably exchanged upwards of 30 emails with their support and they have always answered promptly and to my satisfaction.

Whichever way you decide to go, keep in mind that the "process" and "storage" must be done "clientside"

EDIT: Since i'm only using a trial account and my current cryptoheaven address will not be my final address if i subscribe, if any of you wish to see a demonstration of cryptoheaven and have Java (client based on java), send me a P.M. You will not need to install the client. And if you wish, just use a junk email address like for forum filling.

 

Thanks for all the advice. There's a lot to look at and sort through, but all of your advice and recommendations have been helpful. I appreciate the serious and honest impute about all of your experience and the "realities" of what is actually offered today and the reasons for it being so e.g. with the user interface design and the resistance, no matter what, that I will get from those I ask to use encryption.
I'll do some more research and let you know what happens!

 

Could someone tell me what the last version of PGP for e-mail, and disk encryption was before Symantec bought them out? I was curious because they still have a version of it on oldversions.com. http://www.oldversion.com/PGP-Freeware.html It appears that this was a version from 2002 when i looked at wiki. I'm also not really sure if this is for e-mail or disk encryption since i have not installed it.

 

Last version is 10.0.0. Not cheap but can be used in a limited free version with email encryption(through clipboard only), file shredder and i think pgp self decrypting archives.

Who knows if it's backed doored now Glad i kept my download from before they were bought out

 

This corresponds to my experience. I wote instantcrypt this because I wanted him to understand my issues with encryption:

Encryption presents unique communication problems because both parties must understand it and have compatible agendas BEFORE communication can begin. Therefore, straightening out the pre-encryption protocol (anything that happens in the user/recipient communication pre-key exchange) must happen as kind of a "proto-communication." This is where people falter."

I mean, you're already communicating with the guy. And chances are you're using email. And it's not encrypted. If you want it to be, you actually have to teach him how to do this. His encryption is your problem. That's why email encryption is hard.

I going to against the grain and say that I think Hushmail is an a good intro to crypto. It gets users used to the idea of encryption. It is better than nothing. It's easy to sign for, it's free, and anyone who needs more than web-based email already knows exactly when, why, and how Hushmail was compromised in the past. But users can see that messages are encrypted and get used to the terminology. Let's remember, we're interested in a societal shift - first comes vocab. Then, people can begin to appreciate a user friendly looking software like InstantCrypt. And then they can encrypt files apart from email with something friendly like TrueCrypt. Then, pretty soon, they're on Wilders hoping Justin posts something on Mackeral

 

Hi Nix

Here's the problem with that and i'll give ya a real world example -

There ya go, how the heck does the user wanting to secure "all" their email beat that

 

Aside from the subtleties of real-world implementation, user interfacing is probably one of the hardest things to get right, and it's a real problem. It would pay InstantCrypt well to look into the niche sub-field of HCIsec, or Human-Computer Interaction Security; one of its pioneers, Alma Whitten wrote a seminal paper, while at Carnegie-Mellon University (now at Google), titled, "Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0." She also started a Yahoo! group, which is populated by some well-known security folk who are glad to lend their opinion.

I hope to have an update by the middle part of this month; it's still coming together.