Email encryption is something I’ve always pushed for to whomever is willing to listen! One of the hardest part when it comes to email encryption is the user factor. Many users just don’t see a need to use a desktop email client just to implement some type of email encryption. Many of us are more familiar with accessing our emails right within our web browser. The problem is that many, if not all, web email providers such as Google, Yahoo and Microsoft fails to implement one of the most popular email encryption methods out there, OpenPGP, into their interface. To put it in simple terms, we currently do not have a integrated method of encrypting and decrypting emails from traditional browsers such as Google Chrome and Firefox. The theories of why this is I will leave it to you, the readers, to decide on but one thing is certain to me. Email encryption is sorely needed in this digital time and age and the more users demand of it, the more pressure we put on the email providers to give it to us. Just because you have nothing to hide does not mean you don’t have a need for email encryption. Just as you don’t have “anything to hide” with your laptop doesn’t mean you are willing to give it up for inspection by some government agency! Well, here in this article, I will go over one of the more promising looking web browser extension out there that will allow us to encrypt and decrypt our emails all within our browser!
MailvelopeAt the moment, Mailvelope is only supported for email encryption and decryption with OpenPGP! Email signing and verification is not yet supported, although the developer says that it will be incorporated into the extension in the future. Therefore, if you absolutely require signature signing and verification of emails, Mailvelope will not be your cup of tea. However, please do keep a lookout for this extension because I really believe it has a lot of potential. Also, you can subscribe to the developer’s Twitter account for updates of the extension.
Mailvelop is a browser extension for Google Chrome’s browser along with Mozilla Firefox, although the latter is still in development. An early preview version is still available at the time of this writing (version 0.5.5). What sets Mailvelope apart and makes it so interesting from the few other extensions I’ve tried in the past is its flexibility. Mailvelope, once installed, is able to work within both Gmail, Outlook, Yahoo and GMX webmail interfaces! Many of the other extensions I’ve tried were locked down to mainly Gmail since it is one of the more popular services. With Mailvelope, you no longer have to worry about which mail service you use! The also neat aspect of the extension is that you also get to add other services to utilize Mailvelope! For example, I have an email account with Fastmail.us, which I believe is operated by Opera. By default, Mailvelope won’t recognize that email service but with a click of a button, I can instantly start encrypting and decrypting emails in Fastmail just like how I could with Gmail and Yahoo!
Installation and Configuration
In this article, I will be using Mailvelope within Google Chrome. Installing the extension is as simple as finding it in the Chrome Web Store and installing it like how you would with any other extension! Because I’m such a nice guy, you can find the link to install Mailvelope down below. Hey, that saves you one extra step right?!You can download Mailvelope from here. For more general information about Mailvelope such as documentation, visit their homepage.
Once installed, the first configuration step is to import our private and public keys into the key ring. Sadly, Mailvelope doesn’t support the import of a previous key ring and so what we need to do here is import each and every single private/public key in your library into Mailvelope. To do so, click on the Mailvelop icon at the top right corner and select the Options setting. Of course by default, your key ring is devoid of any keys:
Mailvelope does include the option of generating your own key pair for you but I already have my own key pair so I have to perform an import.
If you click on the Import Keys link, you will see a big text box. Here is where you have to manually copy and paste the PGP block text that makes up your private and public keys. You’ll have to do this for each and every private/public key you want to use with Mailvelope. The bad news is that the extension does not allow one to select a .asc key file and import it that way. The good news is that we can at least paste multiple keys within the text box to import multiple keys at once, although you’ll still have to open each key you have in Notepad or a similar text editor.
For each private key you have, you’ll most likely see both the public key portion along with the private key portion. For every recipient public key, you’ll obviously see just the public key portion. What you need to do is copy this block of gibberish text into Mailvelope. Below, you can see that I’ve opened my private key for email@example.com within Notepad:
Below that part is my private key, which looks similar except it says “PRIVATE KEY BLOCK” instead of PUBLIC. I simply copy this entire text and paste it into Mailvelope as such and click on the Submit button. If everything goes as planned, you should see two green success messages stating that the import process was successful. For the purposes of this demo, I will also import the public key of my other email account, firstname.lastname@example.org.
If I head back to my Key Ring section, I can now see that I have my public/private key for my main email account and the public key of the email account I will send encrypted email too.
As far as setup goes, I am now prepared to send encrypted emails to one of my recipients along with being able to decrypt emails sent to me with my private key within Mailvelope!
Sending Encrypted EmailsMailvelope at this time does not support encryption of attachment files in the emails so please keep that in mind! Want to test Mailvelope? Simply download my public key here (right click, save-as) and send me an email at email@example.com.
Clicking on this icon presents us with a pop up box allowing us to simply choose to which recipients to encrypt the email for. Of course, the drop down box will only include recipients for which you have added a public key for. Here you can see that I’ve selected to include both my sending email account along with the recipient. I chose to this because Mailvelope doesn’t include an option to automatically encrypt all emails you send with your own public key. Without doing so, you will not be able to re-read the email message within your “Sent” email folder! You can also choose to encrypt the email as HTML or plantext.
Once I hit the OK button, you’ll see the familiar blob of text that indicates your email has been encrypted!
I have now received the encrypted email in my Gmail inbox. Mailvelope automatically recognizes the encrypted message and will allow me to decrypt it as seen below. All I have to do is hover my mouse within the message which will change to a padlock icon, click once and Mailvelope will ask me for the passphrase of my private key. Once that is entered correctly, I can then read the message back in plaintext!
Adding New Pages
As I mentioned in the beginning, what makes Mailvelope so awesome is its ability to allow you to manually add different pages to integrate Mailvelope. In this example, I will quickly and easily show you how to integrate Mailvelope into the Fastmail email service!
First I’ll need to log in to my Fastmail account and compose a new message. Once here, I simply click on the Mailvelope extension icon and select the “Add Page” option setting. Mailvelope will add a new record for the new web page and all I have to do next is hit the “Save changes” button as seen below:
Now, when I re-login to Fastmail and compose a message, I see the familiar Mailvelope padlock icon! Although I don’t have a key pair for this email account, I can still send encrypted mail to any recipients I have a public key for due to the Mailvelope extension.
In the End…
As you can see, it doesn’t take much to use the Mailvelope extension in Chrome. This is one of the better OpenPGP browser extensions I’ve found and one that works exactly as advertised. With other extensions, it either had a problem importing keys to not being able to correctly encrypt the email message. Suffice it to say, there’s not much OpenPGP browser extensions to begin with but Mailvelope is definitely something I hope will mature and improve over time.
With that being said, there are many things that Mailvelope can improve on. For one, and this is a big one, there must be signing and signature verification. I’d rather not see this implemented until the developer gets it right than delivering something that doesn’t work outright or is broken but this is one big thing that prevents Mailvelope from being used full time. I believe the developer also is trying to fix the “plaintext draft” issue where prior to sending an email, a draft of that email is saved on the servers of the email provider. I wouldn’t also mind seeing a better way to import public keys rather than doing a manual copy and paste. Finally, I’m sure if this extension takes off, many users will want a better way to mass export/import their keys and settings of Mailvelope to quickly and easily set it up on different machines.
As it stands, Mailvelope is definitely something you should keep an eye on. I’m sure a lot of OpenPGP users out there would love for major email providers to build a native interface that allow users to implement OpenPGP but I’m sure that’s not happening anytime soon! Therefore, we have to rely on extensions and plugins such as Mailvelope to fill in the gap. Once this extension gets more fine-tuned, it would be a huge break for OpenPGP users all over the world who don’t wish to use a dedicated desktop email client such as Thunderbird and Outlook. .