MyMail-Crypt

MyMail-Crypt is an add-on for the Chrome Browser when using Gmail. The add-on allows a non-sophisticated user to use the features of GPG/PGP, the open source Public Key Infrastructure, to send and receive signed and encrypted messages.

The source code is published and appears to be completely secure.

To install and use MyMail-Crypt:

  1. Obtain if you do not have one, a Gmail address
  2. Install the Chrome Browser if you do not have it
  3. Install the MyMail-Crypt add-on by searching for mymail-crypt chrome and following the instructions on the appropriate page
  4. You will need to generate a Key/Pair, to do this:
    1. in the chrome browser click on the "settings icon" in the top left
    2. on the drop down that appears select "more tools", then "extensions"
    3. scroll down to and select "MyMail Crypt" and "Options"
    4. on the mymail-crypt page click on "My Keys"
    5. click on "Generate"
    6. enter your name, by which other will recognize you
    7. your Gmail address
    8. a password which will be required whenever you wish to sign or decrypt messages. You do not need a password, it ONLY protects the key on your computer, it makes no difference to the quality of message encryption and/or signing. The password only prevents other with access to your computer from using your PKI features
    9. select the longest key length offered, it is more secure and the shorter ones are offered only for compatibility or VERY slow computers
  5. When the key has been generated click on the "show key" and cut that key and paste it and save the key to a safe backup. It can NEVER be regenerated, so this backup is a really good idea
  6. you now need to click on "Friends Keys" and you will see your own key there, as a friend of yourself. Click on "show key"
  7. cut and pastes this PUBLIC KEY and save it also. It can not be regenerated
  8. the key you just cut is your PUBLIC key and needs to be shared with anyone that is going to send you encrypted messages or check signatures from you
  9. you can send this public key to others by eMail, publish it, etc. There is nothing secret about it
  10. you are ready to receive encrypted messages and sign outgoing messages
You can test by sending an encrypted signed message to yourself. Select "Compose" in Gmail, compose the message and press the new "encrypt and sign" link that appears below send, AFTER entering your password. There will be a short delay, depending on the speed of your computer, as the message is encrypted and signed and then you will see the form in which it will be transmitted. Then press "Send".

When the messages arrives back you will see it in its encrypted form. Press the "Decrypt" and/or "Verify Signature" links to decrypt and verify the message.

It really is as simple as that!

When you use "Compose" in Gmail you will now notice that there are three additional options under the "Send" button. These allow you to send messages encrypted, signed or both. If you wish to send an encrypted messages then you will need the public key of the recipient, see below for this. If you chose to sign a message then you will need to enter the password that you chose above.

If someone sends you an encrypted message it will be obvious that this is the case and you will be able to decrypt it on the "message" page, where a "Decrypt" option now appears. To decrypt you will need the password you chose above.

To send encrypted messages to others, you will need their public keys. If their keys are published on a public key server then you can get them there, otherwise you will need to have them eMail or otherwise transmit them to you. Once you have their public key just insert it into the "Friends Keys" page of Myail-crypt.

Return to my Home Page


© 2016 John P Hurst - All Rights Reserved