If you’ve ever worked on a shared computer, merged your personal and professional messages, or simply dealt with the odd bout of paranoia that the feds are surveying you, it’s worth considering email encryption.
Before we get into software recommendations, let’s answer the important question. How does encryption work?
Let’s say that you would like to send a private message to your friend Harold, but Harold’s overbearing mother is continually checking his email when he’s not home. How do you get around this? You both install encryption software for your desktop email client (i.e. Thunderbird, Apple Mail, etc.).
When that happens, you’ll get what’s called a public key, which you will want to exchange and confirm with the person outside of the internet in order to verify that you are sending potentially sensitive information to the correct person. The other component of your key pair, your private key (in conjunction with the passphrase you choose), will help you make sense of the jumbled text that encryption software makes of your original message. It also serves as an electronic signature, which is a great way to substantiate your cousin’s claim that she is really stuck in a Tanzanian airport and needs cash wired to her and hasn’t just had her email account hacked.
Modern encryption programs have also evolved to the point that it is nearly impossible to look at an encrypted message and make conclusions at to the length and contents of the original. It’s not like a traditional cipher in which every character is represented consistently throughout the message.
Now are you ready to get started? Check out Enigmail, which is a Thunderbird add-on that works with GnuPG (Gnu Privacy Guard). If you’ve got a Mac, take a look at GPG Tools, and if you run Linux, you’ve got this.
Disclaimer: Encryption itself is seldom the weak point in divulging any unwanted information–user error is much more perilous. Know the software well, complete some “test flights” before attempting any correspondence that absolutely needs to remain private.
the most helpful explanation I’ve ever seen of pubkey encryption:
http://www.youtube.com/watch?v=3QnD2c4Xovk