Facebook just released a great use case for OpenPGP encryption in Gmail and other web email providers. You can now configure Facebook to encrypt all email it sends you with OpenPGP.
Whether or not you use Facebook, it’s surprisingly easy to use Mailvelope to integrate OpenPGP with Gmail and other email providers. Mailvelope is a browser extension for Chrome and Firefox that lets you encrypt messages that you write and decrypt messages that you receive.
The encryption can be done externally to the web email interface, so your email provider does not have access to the plain text of your email message.
OpenPGP is based on public key cryptography. You have two keys — a public key you can share with everyone, and a private key that you keep secret. Everyone can use your public key to encrypt messages they send you, but only you can decrypt them using your private key.
Why encrypt email? Email is generally transmitted in plain text across the internet, meaning a hostile party can intercept it. With the web (http) moving to encrypted connections for everything, email is left as an insecure communication medium. You as a user have to take active steps to make it secure.
Here’s how you can transparently integrate OpenPGP encryption with Gmail and Facebook:
- Install Mailvelope
- Generate a new key in Mailvelope options
- Go to Display Keys, click on a key, go to Export, and copy the public key
- Open your Facebook profile, go to About > Contact and Basic Info, and paste in the key in the PGP Public Key field
- Facebook will send you an encrypted notification. Mailvelope should turn your browser cursor into a golden key when you hover your cursor over the encrypted contents
You may also want to share your public key on keyservers like the MIT PGP Key Server or the PGP Global Directory. In principle, that will allow other people to send you encrypted email messages that only you can decrypt.