PGP Tour: PGPmail
Index

PGPmail - Encryption/Decryption
PGPmail - Signing/Verifying
PGPmail - Outlook Express Plugin

(Return to Main Index)

Note: Click on thumbnail pictures to view full-size screenshots.
  

PGPmail - Encryption/Decryption
Shot Caption Comments
select Public Key/Recipient
to encrypt with/for (1)
PGP makes encrypting email messages easy. Having composed an email message to someone who also uses PGP and whose public key we have on our keyring, we've now used the Current Window menu from PGPtray to start to encrypt the email message. The first thing we must do is specify the public key for the recipient of the email. That public key will be used to encrypt the message. 
select Public Key/Recipient
to encrypt with/for (2)
Here we've simply dragged the public key of the intended recipient of our encrypted email message down to the bottom portion of the window into the Recipients list. 
encrypted message
before sending
Once we specify the public key of the recipient, PGP encrypts the email message for us. This is what the email looks like right before we send it -- complete gibberish (because it's encrypted). That gibberish is known as ciphertext (as opposed to the plaintext original message). Finally, we send the encrypted email. 
enter Passphrase to decrypt
message after receiving (1)
Now let's play the recipient and receive and decrypt the encrypted email message we sent (I used two different email accounts here -- one to send, one to receive). Again, we're using the Current Window menu of PGPtray to decrypt the message. The first thing we must do is enter the passphrase of the private key corresponding to the public key that was used to encrypt the email message. (This is what what you do when someone sends an encrypted email to you using your public key.) You can see the encrypted email that we received in the background.
enter Passphrase to decrypt
message after receiving (2)
Yet another look at the box in which we enter our passphrase to decrypt the message. To review: email is encrypted using the recipient's public key; it is decrypted by the recipient who enters the passphrase for the private key (which only she has).
the decrypted message Voila. Here is the decrypted message. Mission accomplished. 
PGPmail - Signing/Verifying
Shot Caption Comments
Enter Passphrase for
digital signing
Now we'll digitally sign an email message using our private key. When we digitally sign a message, we are verifying that we are in fact the one who sent it. We sign messages with our private key (and only we have the private key from the keypair). Again, we've used the PGPtray Current Window menu to start the signing process. First we must enter our passphrase for our private key.
email with digital signature
before sending 
PGP then generates a signature for the email based on our private key and the contents of the email message being signed. Here's the signed message just before we send it.
email with digital signature
after receiving
Again, we'll switch roles and play recipient. Here's the signed email message we just received. What we need to do now is verify the signature. To verify it, we'll use the sender's public key (which anyone has access to).
verified digital signature  This is a good signature, which means: 1) the message has not been tampered with (if it had been tampered with the signature wouldn't match what we would expect when using the public key to verify it); 2) the message was in fact sent by the person whose public key we used when verifying it.
PGPmail - Outlook Express Plugin
Shot Caption Comments
Encrypt email message  Several of the more popular email clients have plugins that allow PGP to integrate straight into the user interfaces of those email clients. In this series of screenshots, you can see the special buttons added by the PGP Outlook Express plugin. Look closely for the text label -- Encrypt (PGP) -- which has popped up over one of the PGP buttons in Outlook Express.
Sign email message Here's the button we use in Outlook Express to sign an email message. The advantage to using a plugin with an email client is that it's easier to acess PGP functions from within the email client itself than to use the Current Window menu of PGPtray. 
Decrypt PGP Message  And here's the button to decrypt an email message we've received.
verify (Decrypt) email signature  We use the Decrypt button to verify an email with a PGP signature.
launch PGPkeys Your PGP keyring is accessible from the Outlook Express toolbar.
PGP on the Outlook Express Tools menu Still other options are available from the Outlook Express Tools menu.
PGP Options for Email Using the PGP email options, we can even tell PGP to automatically encrypt, sign, and decrypt/verify messages upon sending and receiving.

2000, 2001 Eric L. Howes (eburger68@myrealbox.com)