eMail Encryption for the Lazy

Introduction

Encryption is no longer the exclusive domain of flamboyant 007-type agents and shady thugs, playing the sort of cloak and dagger games you'd find in a John le Carré novel. Easy to use software brings it within reach of less conspiciuous types, such as yourself. It's even freely available, to boot.

This site is a five step guide that quickly and easily gets you up and running with PGP, the most wide spread e-mail encryption standard. The site is loaded with screen shots, so that you'll get the full picture of what will happen during installation. Hopefully, knowing all this beforehand will remove any barriers you might have against installing the software.

Since this site is "for the lazy", it will guide you through all the settings you need for a no hassle, transparent operation. It will not go into all the little details of cryptography. For that, use the links on the "Further Readings - and Fun!" page.

When you're done here, you will have:

	One click e-mail encryption.
	Automatic decryption of received mail - without even a click.
	Automatic decryption of the encrypted mails you've sent, so that they are readable in your usual "Sent Items" folder - just like your unencrypted sent items.
	The encryption standard with the worlds largest user base.

That, indeed, is not bad for 20 minutes of your time.

Fig 1. One click in Outlook or Eudora is all it takes when you've installed PGP.

Who is this site for?

As the title suggests, this site is for the lazy, i.e. those who want to keep their e-mail correspondence private, but would neither accept their e-mail handling being any less convenient than it is today, nor pay anything for encryption software.

Who is this site not for?

This site is not for those who handle multi million dollar trade secrets, secretly work for human rights movements in countries with opressive governments, etc. Those had better find their own security answers at GnuPG.org, PGPi.org or Phil Zimmermann's site.

What we'll be doing here

The five steps we'll go through are, in short:

Downloading PGP from the Internet distribution site.
Installing PGP on the computer.
Setting PGP's options for convenient operation by the lazy user.
Generating the encryption and decryption keys.
Setting up the e-mail program for use with PGP.

If you want to see how it works in everyday use, jump directly to the next page.

What is PGP?

PGP, which stands for "Pretty Good Privacy", is an encryption software created by Philip Zimmermann. Making the software publicly available made Zimmermann the subject of a criminal investigation. It was considered a crime to make encryption software available outside the USA, which was based on the American notion that only Americans could possibly be intelligent enough to write such programs. The criminal charges helped making PGP and Zimmermann famous and the program is now the worlds most used encryption software. (New laws: The Irony of it)

System requirements

To be able to follow this guide you will need:

	Operating system: Windows 95B (OSR2), 98, ME, NT 4.0, 2000 or XP.
	E-mail client: Eudora, Outlook or Outlook Express.
	A firewall: While not a requirement for PGP to run, your secret decryption key is not safe without one.

Basic computer skills: Knowledge about how to create folders (directories), move files and extract files from a zip file. This is eMail Encryption for the Lazy - not eMail Encryption for Dummies.

If your system doesn't meet these requirements, you can't use this guide, but you're probably still able to use free PGP compatible encryption software. Check out Alternative Software.

Why encrypt?

A common question regarding encryption is "Why should I encrypt my e-mail? I'm not breaking any laws!". Before briefly touching that subject, I'd like to pose the counter question "Why not encrypt? The software is free, installing and setting it up is quickly done in the five steps outlined on this site, and using it only requires a single click on a toolbar button."

As for the original "Why?" question, we all have our own ideas regarding the extent of our private sphere. While it's ok for some to be on a reality show with TV cameras everywhere, including the toilets, others keep their curtains drawn to elude the eyes of their neighbours. Some people, like me, simply think that their mail correspondence is personal, private and nobody else's business.

As for the "I have nothing to hide, I'm not breaking any laws!" claim, it's often heard from people with their hard disks loaded with mp3 files that could render a substantial fine and hefty court fees. The point here, is that a lot of people break a law or two, thinking it's ok just because "everybody else does it and nobody cares". With low cost, automated surveillance, don't be too sure about who cares and who doesn't.

Who is eavesdropping?

Currently (2006), we have no way of knowing who might be reading our mail. What we do know, is that it's not very difficult to do so. More importantly, we also know that governments are working on laws, that not only make e-mail interception legal, but actually mandatory. As you can read in The Register or Ny Teknik (in Swedish), the goal is to keep all your mail stored for seven years, so it can be indexed and searched at the authorities will.

The first step in this direction has already been taken. On February the 21st, EU ministers approved the Data Retention Directive (links: EU Observer, The Register) which was pushed forward by Sweden's Orwellian minister of justice Thomas Bodström and his British colleague Charles Clarke.

The articles referred to above were the reasons I installed PGP on my computer.

Next page: Everyday PGP Use

written by Jörn Rönnow, 2003 (2006). PGP key here.