GPG Encryption on Your Phone
As a security-minded individual, you are no doubt using encrypted Email. Here's a short recap on how to do that on your Linux box, and how to extend encrypted mail coverage to your mobile device without jeopardizing your all-important GPG2 master key.
A Word about Efail
In May 2018 the so-called Efail vulnerability broke, which was picked up by mainstream media and blown massively out of proportion. Unfortunately, a number of very stupid people took this as the opportunity to declare PGP-based email encryption as dead. Here is a good summary on why this is unreasonable and factually wrong. Full disclosure: Proton's business model hinges on providing encrypted email services. It is still a good, factual read.
So with this out of the way, how do we use encyrpted Email on Linux?
Thunderbird with Enigmail
The simplest answer is: with Thunderbird and an extension called Enigmail.
Assuming you already have Thunderbird installed and configured (if not, there
are good guides for that
here and
here),
next install the Enigmail package. On Fedora this can be done by running dnf
install thunderbird-enigma
.
After starting Thunderbird, and before doing anything else, you want to make sure that you are composing and viewing messages in plain text format only, not in HTML. Using HTML in emails is a fallacy that was brought about by people who do not understand that emails and web pages are not the same thing. More importantly, allowing HTML in your emails is exposing you to untold risks because your mail program will request information through links embedded in the HTML that you as the receipient have zero control over! This is the precise reason for the Efail vulnerability mentioned above.
To turn that nonsense off, execute these three steps:
- go to
Edit --> Account Settings --> Composition & Addressing
and uncheckCompose Messages in HTML format
. Confirm withOK
. - Next, go to
View --> Message Body As
and choosePlain Text
. - Finally, go to
Edit --> Preferences --> Privacy
and turn offAllow remote content in messages
.
Turning our attention back to Enigmail, you will notice you now have a new pulldown menu named "Enigmail" which among several other items includes a setup wizard. Run through this to create your new GPG keypair and configure it in Thunderbird. This is a good step-by-step instruction which also covers a lot of ground for the basic Thunderbird configuration.
At this point you're up and running and can exchange encrypted Emails with others who also use OpenPGP. In principle that also includes people using mobile devices with Android or iOS, and you might want to be able to read and send encrypted mails yourself when on your phone. Using K9 Mail and OpenKeychain on Android, this is easily doable; however, with mobile device security being what it is, you shouldn't just copy your secret key to your phone. If your key gets compromised, this compromises your entire encrypted conversation history.
GPG2 subkeys
Therefore it is preferable to go the extra length and create an additional set of subkeys with their own keyphrase, and only import these to your phone or tablet.
In a nutshell, this can be done as follows:
- run
gpg2 --list-keys
to show your keys. - enter interactive mode using
gpg --edit-key YOURMASTERKEYID
- at the gpg> prompt type
addkey
- create a "RSA (sign only)" subkey type with the longest key length possible
- repeat the above step to create a "RSA (encrypt only)" subkey type
- type
save
to save your changes - show your new subkeys with
gpg2 --with-keygrip --list-key YOURMASTERKEYID
- now export only those subkeys into an ASCII-armored file with
gpg2 --armor --output subkeys.asc --export-secret-subkeys KEYGRIP
with the keygrip of your master key
The file can now be transferred to your mobile device and imported into
OpenKeychain. Finally, change the passphrase of your master key with gpg2
--change-passphrase YOURMASTERKEYID
to something as long as you can stand. The
longer the passphrase, the more secure it is. On a computer, entering a long
keyphrase isn't a big deal (especially since GnuPG includes the gnupg-agent
which caches the passphrase for a while). On a phone, the passphrase needs to be
short enough to be reasonably easy to get right with the small on-screen
keyboards. OpenKeychain, too, includes a caching and quick-unlock function which
makes it more user friendly.
Should your phone keyphrase be compromised, e.g. through a keylogger, your master key will still be safe because it uses a different keyphrase. Should you assume breach of your subkeys, it is simple to remove them from your master key, generate a new set of subkeys, and re-deploy them to your phone. But do safeguard your master key - if that's ever compromised, it's game over...
Useful Links
- Thunderbird, Enigmail, and OpenPGP for Linux
- Using OpenPGP subkeys in Debian development (it's more generic than it sounds)
- Creating the Perfect GPG Keypair