Gpg4win (GNU Privacy Guard for Windows) is an encryption software suite for Windows that supports OpenPGP cryptography standard to encrypt the email messages. OpenPGP works on the model of private and public key pairs and makes it virtually impossible for anyone to read your email messages unless they have been given a public key by you. Other than the encryption of messages, it also includes a tool to digitally sign your email messages. Here is how you can use Gpg4Win in Mozilla Thunderbird to encrypt your email messages:
To be done on computers of both sender and recipient:
- Download and install Gpg4Win from https://gpg4win.org/.
- Install Enigmail extension in Mozilla Thunderbird from https://www.enigmail.net/.
- In Thunderbird, select Enigmail → Setup Wizard from menubar and choose Standard configuration.
- Create an encryption key pair for an email address that you want to use for sending email messages. Choose a difficult to guess passphrase so your key cannot be misused.
- In Thunderbird, select Enigmail → Key Management from menubar.
- Right-click on the newly generated key and select Send Public Keys by Email to send public keys to other people with whom you want to communicate. This will send an ASC file to the people who wish to communicate with.
Import public key of recipient:
- In Thunderbird, select Enigmail → Key Management from menubar.
- Select File → Import Keys from File and select the public key file (.ASC file received through email).
Start sending encrypted messages:
Once the public keys are imported, you are all set to communicate with each other through encrypted messages. You can simply enable encryption when composing an email and sending it. On the recipient’s computer the message will be auto-decrypted.
Gpg4Win creates two types of keys – public and secret. You should never share your secret keys with anyone or they will start abusing your encryption keys. Using Enigmail, you can easily manage all of your key pairs and public keys very easily in Thunderbird. It also helps you search for public keys from key server so that you do not have to ask for public keys from anyone.