The email infrastructure that everyone uses is, by design, not secure. Most people connect to their own mail server over an encrypted (TLS, often still called “SSL”) connection, but some servers still allow unencrypted access. Even when your own connection is encrypted, it protects only the hop between you and your server: as the message travels from sender to recipient, the connections between the intermediate servers are not necessarily encrypted, and every server on the path handles the message in readable form. It is therefore possible for third parties to intercept, read and alter email messages in transit.
When you digitally sign a message, you embed information in the message that lets recipients check that it came from you. When you encrypt a message, it appears to be “scrambled” and can only be read by the person who holds the key needed to decrypt it. The two operations give different guarantees. Digitally signing a message lets recipients confirm that it originated from the stated sender and that it was not altered after it was signed. Encrypting a message ensures that nobody other than the intended recipient can read it while it is in transit. Encryption by itself does not prove who sent a message, because anyone can encrypt a message to your public key; signing by itself does not hide the contents. If you want both properties, sign and encrypt.
To encrypt messages, you use public-key cryptography. In this system, each participant has two related keys: a public key, which can be handed out to anyone, and a private key, which must be kept secret. When someone wants to send you an encrypted message, they encrypt it using your public key (in practice the message body is encrypted with a randomly generated one-time key, and your public key is used to encrypt that one-time key). When you receive the message, only your private key can decrypt it. The same key pair works the other way round for signatures: you sign with your private key, and anyone who holds your public key can verify the signature.
The standard used to encrypt and sign email in this way is OpenPGP, which grew out of PGP (Pretty Good Privacy). To use it within Thunderbird, you must first install two pieces of software: GnuPG (GPG), the program that does the cryptographic work, and Enigmail, the Thunderbird add-on that connects Thunderbird to GnuPG.
Together, these two applications let you both encrypt messages and digitally sign them.
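Before the installation steps, it helps to see the two operations described above in code. The following is an added example written for this page using Go's standard library; it is not Enigmail or GnuPG code and does not produce OpenPGP messages. It uses RSA-OAEP and AES-GCM as stand-ins for the OpenPGP algorithms to show the same structure: a random one-time session key encrypts the body, the recipient's public key encrypts only that session key, and the signature is made with the sender's private key and checked with the sender's public key. Alice, Bob and Mallory are made-up participants. The last lines of main show the point made above: Mallory can encrypt a message to Bob just as easily as Alice can, because Bob's public key is public, but she cannot produce Alice's signature, so Bob's verification step rejects the message.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Envelope struct { // what travels through the mail system; every relay can see all of it
	WrappedKey []byte // one-time AES key, encrypted to the recipient's public key
	Nonce      []byte
	Ciphertext []byte // AES-GCM of (signature || message)
}

// NewKeyPair stands in for the key wizard: keep priv, hand out priv.PublicKey (the .asc file).
func NewKeyPair() *rsa.PrivateKey {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return priv
}

func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt: the recipient's public key wraps a fresh session key; the session key encrypts the body.
func Encrypt(plain []byte, to *rsa.PublicKey) (Envelope, error) {
	buf := make([]byte, 32+12) // session key || GCM nonce, both random per message
	if _, err := rand.Read(buf); err != nil {
		return Envelope{}, err
	}
	session, nonce := buf[:32], buf[32:]
	gcm, err := aead(session)
	if err != nil {
		return Envelope{}, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, to, session, nil)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{wrapped, nonce, gcm.Seal(nil, nonce, plain, nil)}, nil
}

// SignAndEncrypt signs with the sender's private key and hides the signature inside the body.
func SignAndEncrypt(msg []byte, sender *rsa.PrivateKey, to *rsa.PublicKey) (Envelope, error) {
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil)
	if err != nil {
		return Envelope{}, err
	}
	return Encrypt(append(sig, msg...), to)
}

// DecryptAndVerify returns the message only if it decrypts under the reader's private key
// AND the signature checks against the claimed sender; decrypting alone proves no origin.
func DecryptAndVerify(env Envelope, me *rsa.PrivateKey, claimed *rsa.PublicKey) ([]byte, error) {
	session, err := rsa.DecryptOAEP(sha256.New(), nil, me, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("not encrypted to this private key: %w", err)
	}
	gcm, err := aead(session)
	if err != nil {
		return nil, err
	}
	plain, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("body altered in transit: %w", err)
	}
	n := claimed.Size() // an RSA-PSS signature is exactly one modulus long
	if len(plain) < n {
		return nil, fmt.Errorf("body too short to contain a signature")
	}
	digest := sha256.Sum256(plain[n:])
	if err := rsa.VerifyPSS(claimed, crypto.SHA256, digest[:], plain[:n], nil); err != nil {
		return nil, fmt.Errorf("signature does not match claimed sender: %w", err)
	}
	return plain[n:], nil
}

func main() {
	alice, bob, mallory := NewKeyPair(), NewKeyPair(), NewKeyPair()
	env, _ := SignAndEncrypt([]byte("Lunch at noon?"), alice, &bob.PublicKey)
	msg, err := DecryptAndVerify(env, bob, &alice.PublicKey)
	fmt.Printf("Bob reads %q (err=%v)\n", msg, err)
	// Mallory has Bob's public key too, so she can encrypt to him; she cannot forge Alice's signature.
	forged, _ := SignAndEncrypt([]byte("Wire the money."), mallory, &bob.PublicKey)
	_, err = DecryptAndVerify(forged, bob, &alice.PublicKey)
	fmt.Println("Forgery claiming to be from Alice:", err)
}
```

Decryption succeeding never tells Bob who wrote the message; only the signature check does, and that check is only as good as Bob's confidence that the public key he verifies against really belongs to Alice, which is why the fingerprint of an imported key should be confirmed with its owner through another channel.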
Installing GPG and Enigmail
To install GnuPG, download the appropriate package from the GnuPG binaries page and follow the installation instructions provided for your particular package. For more information on installing GnuPG on specific operating systems, refer to:
To install Enigmail:
- In Thunderbird, select .
- Use the search bar in the top right corner to search for Enigmail.
- Select Enigmail from the search results and follow the instructions to install the add-on.
Creating PGP keys
Create your public/private keys as follows:
- On the Thunderbird menu bar, click and select .
- Select Yes, I would like the wizard to get me started as shown in the image below. Click to proceed.
- The wizard asks whether you want to sign all outgoing messages or whether you want to configure different rules for different recipients. It is usually a good idea to sign all emails so that people can confirm that the email is indeed from you. Message recipients do not need to use digital signatures or PGP to read a digitally signed message; without PGP software they simply see the signature as an extra attachment or block of text and cannot check it. Select Yes, I want to sign all of my email and click to proceed.
- Next, the wizard asks if you want to encrypt all your emails. You can only encrypt to people whose public keys you hold, so you should not select this option unless you have the public keys of everyone you expect to send messages to. Select No, I will create per-recipient rules for those who send me their public keys and click to proceed.
- The wizard asks if it can change some of your mail formatting settings to better work with PGP. It is a good choice to answer Yes here. Click to proceed.
- Select the email account for which you want to create the keys. Enter a passphrase in the ‘Passphrase’ text box. The passphrase protects your private key on disk; you will be asked for it whenever the key is used to decrypt or sign a message, so don’t forget it. Choose a passphrase that is much longer than eight characters and is not built from dictionary words; length matters more than odd characters. (See this Wikipedia article for information on creating strong passphrases.) Enter the passphrase twice and click to proceed.
- The next screen displays the preferences you configured. If you are satisfied, click to proceed.
- When the process of creating your keys is completed, click to proceed.
- The wizard will ask if you want to create a ‘Revocation certificate’. This is a small file that you would send to your correspondents if the security of your key pair were compromised, to tell them that the key is no longer valid. Create it now: revoking a key later requires the private key and its passphrase, so if the key is ever lost or the passphrase forgotten, the certificate you create today is the only way to revoke it. Keep the file somewhere safe and separate from the key itself, because anyone who has it can revoke your key. If you want to create the file, click and follow the steps on the subsequent screens. Otherwise, click .
- The wizard finally informs you that it has completed the process. Click to exit the wizard.
Sending and receiving public keys
Sending your public key via email
To receive encrypted messages from other people, you must first send them your public key:
- Compose the message.
- Send the email as usual.
Receiving a public key via email
To send encrypted messages to other people, you must receive and store their public key:
- Open the message that contains the public key.
- At the bottom of the window, double click on the attachment that ends in ‘.asc’. (This file contains the public key.)
- Thunderbird automatically recognizes that this is a PGP key. A dialog box appears, prompting you to ‘Import’ or ‘View’ the key. Click
- You will see a confirmation that the key has been successfully imported. Click to complete the process. Before you rely on the imported key, confirm its fingerprint with the owner through another channel (in person or by phone): an email attachment on its own does not prove that the key belongs to the person it names.
Sending a digitally signed and / or encrypted email
- Compose the message as usual.
- To digitally sign a message, select
- If the recipient’s email address is associated with a PGP key in your key ring, the message will be encrypted with that key. If the address is not associated with a key, you will be prompted to select a key from a list.
- Send the message as usual.
Reading a digitally signed and / or encrypted email
When you receive an encrypted message, Thunderbird will ask you to enter your passphrase so that your private key can be used to decrypt it. To determine whether an incoming message has been signed or encrypted, look at the information bar above the message body.
If Thunderbird can verify the signature against a public key you have imported, a green bar (as shown below) appears above the message.
If the message has been encrypted and signed, the green bar also displays the text “Decrypted message”.
If the message has been encrypted but not signed the bar would appear as shown below.
Revoking your key
If you believe that your private key has been “compromised” (that is, someone else may have had access to the file that contains your private key, or to your passphrase), you should revoke your current key pair as soon as possible and create a new one. Revoking from within Thunderbird requires the private key and its passphrase; if you no longer have them, use the revocation certificate you created with the key wizard instead. To revoke your current key pair:
- On the Thunderbird menu, click
- A dialog box appears as shown below. Check Display All Keys by Default to show all the keys.
- Right-click on the key you want to revoke and select Revoke Key.
- A dialog box appears asking if you really want to revoke the key. Click to proceed.
- Another dialog box appears asking you to enter your secret passphrase. Enter the passphrase and click to revoke the key.
Send the revocation certificate to the people you correspond with so that they know that your current key is no longer valid, then send them the public key of your new key pair. This ensures that if someone tries to use your old key to impersonate you, the recipients will know that the key pair is not valid.