blog.phyubox.com

Phyushin's Blog! These posts are for information only

View on GitHub

What is Mailvelope, and why should I care?

Mailvelope is an extension for chrome or firefox that allows you to send and receive encrypted emails with relative ease

First off - you’ll need key pair

whilst not strictly true - you only really need the public keys of other people to send encrypted emails - you do how ever need your private key if you want to read what you sent or read the replies back

we touched on how to generate a key pair in the previous blog so we’ll not repeat it here - lets get started

Installing the extension

the first thing we need to do is install the Chrome extension or the Firefox extension once the extension has downloaded and installed you should see a little padlock in the top right hand corner mailvelopelock

Importing your keys

click this padlock and go to options

options

seeing as we currently have no keys we need to import some so go to set up then important

importing a key

displaying keys

we can paste it in as text - this is handy later for all the public keys (pasting them in one after the other in that text box will import them all at once) - but for now we’ll imagine we have a private key file called private.key

selecting a file once you’ve found the private key

importing successful

you should see something like this:

displaying keys

now we’ve successfully imported our private key

we can start importing some public keys so we can send encrypted emails for this example we’ll use the public key from keybase

we then take the text from the link and post it into the text box in the importing screen shown in the screen shot above and click import a public key once that’s done - go to display keys

displaying pub key notice how there is only one key and it’s angled to one side - this is indicating that we only have the public key for this pair meaning although we can encrypt messages to that key owner we cant decrypt them

Sending an encrypted email

Open your favorite email client (gmail, hotmail, yahoo mail, etc.) you’ll see the little pad with a pencil pointing on it:

composing

a pop up window will appear, (1) select recipient’s public keys and then (2) write your message - if you don’t want it to be encrypted you can just click sign (3) and it will export the text back into the email browser window but it will be verified that what ever you typed in the compose email window (below) - if someone were to change the contents before it got to the intended recipient this signature would show as invalid (a bit like the way a wax seal on an envelope was at one time used to signify tampering)

displaying pub key

once you click encrypt you’ll be back in your email window but now will have an encrypted message ready to send to who ever you want to email privately displaying pub key

on the receipt of the email if the user is also using mailvelope they will see the following: displaying pub key

clicking on the envelope will show the following prompt

displaying pub key

depending on if you have the correct password and or correct private key you’ll either see something like this

displaying pub key

or this

displaying without pub key

I hope this has been useful, Phyu