Send me an encrypted email

Send me an encrypted email by following the steps below.

My public key

Download my public key

Verify my public key

Public keys can be created by anyone. It's important to verify the public key you're using to send me an email is the public key owned by me.
A way to verify this public key belongs to me is to check this fingerprint against the public key you downloaded.

My fingerprint:

62A6 BC9C 8446 054A 3D3E  985E 89C4 73D2 322F 20CB

Once you have installed gpg on your machine, run the following to verify the fingerprint of my public key (change myname first).

gpg --fingerprint myname@gmail.com

This shows the fingerprint of my public key. If the fingerprint matches, it's my key.

pub   4096R/322F20CB 2015-06-02 [expires: 2019-06-02]
      Key fingerprint = 62A6 BC9C 8446 054A 3D3E  985E 89C4 73D2 322F 20CB
uid       [ultimate] Nathan Kowald <myname@gmail.com>
sub   4096R/EBC4D1C7 2015-06-02 [expires: 2019-06-02]

Software

OS X

How to: Use PGP for Mac OS X

Linux

How to: Use PGP for Linux

Windows

How to: Use PGP for Windows


Send me an encryped email

You are all setup to send and receive encrypted emails. You have verified the fingerprint in my public key matches the fingerprint in this page. You have imported my public key into your keychain. You can now send me an encrypted email.
The email subject line won't be encrypted, so choose something innocuous, like "hey".


Further reading

Freedom of the Press Foundation have create an easy to follow guide to encryption: https://freedom.press/encryption-works

A great introduction to email encryption: https://firstlook.org/theintercept/2014/10/28/smuggling-snowden-secrets/

Terms

Keypairs

Each person who wants to send or receive encrypted email needs to generate their own PGP key, called a keypair. PGP keypairs are split into two parts, the public key and the private key.

Public key

If you have someone's public key, you can do two things: encrypt messages that can only be decrypted with their private key, and verify signatures that were generated with their private key. It's safe to give your public key to anyone who wants it. The worst anyone can do with it is encrypt messages that only you can decrypt.

Private key

With your private key you can do two things: decrypt messages that were encrypted using your public key, and digitally sign messages. It's important to keep your private key secret. An attacker with your private key can decrypt messages intended only for you, and can forge messages on your behalf.

Passphrase

Passphrase is another name for password. The security of encryption often relies on the security of a password. Since passwords are very easily guessed by computers, it is important to set a strong password when setting up your keypairs.

Fingerprint

Each PGP key has a unique fingerprint. A fingerprint is a short and more convenient way to uniquely represent a key.