This post guides you through the process of setting up PGP on OS X and registering a Keybase account.
Configure Thunderbird and create a verified Keybase profile that allows you to send and receive encrypted email messages with other Keybase members.
The entry was written for the CryptoParty get-togethers in Northern Ireland. Hello, Belfast chapter!
Prerequisites
You’ll need the following:
- Thunderbird installer
- An invite for Keybase
Depending on your operating system:
Instructions
Installing Thunderbird
The first step is setting up your mailer. Follow the slideshow below to install Mozilla Thunderbird. We also configure it to access your mailbox over IMAP and SMTP.
Check out the CryptoParty Wiki for the installation instructions on Windows and Linux if necessary.
Installing GPG Suite
Good job! Now download the GPG Suite installer from the official page and follow the screenshots.
Windows users should refer to the CryptoParty Wiki. Linux users should read these instructions instead.
Generating Public and Private Keys
The next step is creating a PGP key pair using GPG Suite. Launch the GPG Keychain app from Applications and follow the instructions below.
Linux users should skip to the Enigmail configuration, Windows users please click here.
Setting up Enigmail
Once the key pair is generated, we can move on to the Thunderbird integration. Enigmail is an extension that integrates Thunderbird with GPG Suite (or GnuPG/Gpg4win).
Exporting the PGP Key Pair
In the following section, we export your key pair so that it can be added to your Keybase profile. Open the GPG Keychain again and follow the instructions below. Your key will temporarily be saved into a text file on your computer.
Setting up a Keybase Account
Once the PGP keys are exported, we can sign up for Keybase at https://keybase.io. We will also upload your public and private keys to your profile.
Please note you will need an invitation code for registering an account, so just ask me for an invite.
Verifying your Keybase Identity
The following screenshots show you the process of verifying your Keybase identity through Twitter. The purpose of the verification is to provide assurance that the public key really belongs to you.
Importing Someone’s Public Key
Once the Keybase profile is ready, we are almost ready to send our first encrypted email.
Before doing that, we need to import your recipient’s public key from Keybase. Locate a friend on Keybase and download his or her public key as below. Alternatively, download my public key from https://keybase.io/gszathmari and send me a message.
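A downloaded key is only as trustworthy as the channel it came over, so compare its fingerprint with one your contact gave you through a separate channel before using it. The Python below is an added example, not part of the original post: it computes the version 4 fingerprint of an ASCII-armored public key as defined in RFC 4880 and compares it with the expected value. The function names and the sample key are constructed for illustration.

```python
import base64
import hashlib

def dearmor(armored: str) -> bytes:
    """Binary OpenPGP data inside an ASCII-armored key block (RFC 4880, 6.2)."""
    lines = [ln.strip() for ln in armored.strip().splitlines()]
    if not lines[0].startswith("-----BEGIN PGP PUBLIC KEY BLOCK"):
        raise ValueError("not an armored public key block")
    body = lines[lines.index("") + 1:-1]  # skip armor headers and the END line
    return base64.b64decode("".join(ln for ln in body if ln[:1] != "="))  # skip CRC-24 line

def first_packet(data: bytes):
    """Parse the first packet header (RFC 4880, 4.2); return (tag, body)."""
    hdr = data[0]
    if not hdr & 0x80:
        raise ValueError("not an OpenPGP packet")
    if hdr & 0x40:  # new-format header
        tag, first = hdr & 0x3F, data[1]
        if first < 192:
            start, length = 2, first
        elif first < 224:
            start, length = 3, ((first - 192) << 8) + data[2] + 192
        else:
            raise ValueError("partial or five-octet lengths not supported")
    else:  # old-format header
        tag, size = (hdr >> 2) & 0x0F, (1, 2, 4, None)[hdr & 0x03]
        if size is None:
            raise ValueError("indeterminate length not supported")
        start, length = 1 + size, int.from_bytes(data[1:1 + size], "big")
    return tag, data[start:start + length]

def v4_fingerprint(armored: str) -> str:
    """SHA-1 over 0x99, two-octet body length, packet body (RFC 4880, 12.2)."""
    tag, body = first_packet(dearmor(armored))
    if tag != 6 or body[0] != 4:
        raise ValueError("expected a version 4 public-key packet")
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).hexdigest().upper()

def same_key(armored: str, expected: str) -> bool:
    """Compare with a fingerprint obtained out of band; spaces are ignored."""
    return v4_fingerprint(armored) == expected.replace(" ", "").upper()

def sample_key(modulus: int) -> str:
    """Constructed sample: an armored fake RSA key packet (not a usable key)."""
    mpi = lambda n: n.bit_length().to_bytes(2, "big") + n.to_bytes((n.bit_length() + 7) // 8, "big")
    body = b"\x04" + (1400000000).to_bytes(4, "big") + b"\x01" + mpi(modulus) + mpi(65537)
    packet = b"\x99" + len(body).to_bytes(2, "big") + body
    b64 = base64.b64encode(packet).decode()
    return f"-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n{b64}\n-----END PGP PUBLIC KEY BLOCK-----"
```

For a key already on your keyring, `gpg --fingerprint` prints the same value, grouped in blocks of four characters.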
Sending the First Encrypted Email
Once the public key is on your keyring, open Thunderbird and start writing a message as usual. Notice the padlock icon on the toolbar, however. Make sure the padlock is on to send your first encrypted email to your buddy.
Further Reading
Check out the following links and other materials for more information.
Slides
PGP and Keybase (CryptoParty Belfast)
The PGP public key exchange process is susceptible to MitM. Although built-in features exist to verify the authenticity of keys, the usability of PGP has always …
Links
Check out the CryptoParty Handbook on the Wiki for other useful guides
EFF’s Surveillance Self-defense portal collects guides on using PGP, OTR messaging, Tor and similar technologies
Mailvelope is a browser extension that enables the exchange of encrypted emails using webmail services (e.g. Gmail, Yahoo! Mail, Outlook)
Cover image courtesy of Kraftwerk