Email Encryption
By default, the transport path in email communication is encrypted with TLS. At luckycloud, email transfer is additionally secured with DNSSEC and DANE. This ensures that certificates cannot be swapped unnoticed during transport. Unfortunately, very few email providers currently offer this protection. Here you can conduct a security analysis of your email provider.
However, this protection is often not sufficient. Therefore, email communication between two people can also be encrypted with PGP (Pretty Good Privacy). PGP is end-to-end encryption for emails and works similarly.
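The DANE check described above, as an added example that is not luckycloud's own code: a sending mail server compares the certificate it is shown against the TLSA record the receiving domain publishes under DNSSEC, so a swapped certificate is refused. The function names, verdict strings and byte strings are constructed for illustration, and only DANE-EE records (usage 3) are handled.

```python
import hashlib
import hmac

# Matching types (RFC 6698): how the published association data was derived.
_MATCHING = {
    0: lambda data: data,                           # exact bytes
    1: lambda data: hashlib.sha256(data).digest(),
    2: lambda data: hashlib.sha512(data).digest(),
}

def parse_tlsa(rdata):
    """Parse TLSA presentation format: 'usage selector mtype hexdata'."""
    parts = rdata.split()
    if len(parts) < 4:
        raise ValueError("TLSA record needs usage, selector, matching type, data")
    usage, selector, mtype = (int(p) for p in parts[:3])
    if usage != 3 or selector not in (0, 1) or mtype not in _MATCHING:
        raise ValueError("example handles only DANE-EE (usage 3) records")
    # Zone files may split the hex data into several chunks.
    return selector, mtype, bytes.fromhex("".join(parts[3:]))

def tlsa_matches(rdata, cert_der, spki_der):
    """True if the presented end-entity certificate matches the record."""
    selector, mtype, expected = parse_tlsa(rdata)
    presented = cert_der if selector == 0 else spki_der  # 0 = full cert, 1 = public key
    return hmac.compare_digest(_MATCHING[mtype](presented), expected)

def dane_verdict(tlsa_rrset, cert_der, spki_der, dnssec_validated):
    """Hypothetical policy decision for a sending mail server."""
    if not dnssec_validated:
        return "ignore-tlsa"  # unsigned TLSA data proves nothing
    if not tlsa_rrset:
        return "no-dane"      # receiver publishes no TLSA records
    if any(tlsa_matches(r, cert_der, spki_der) for r in tlsa_rrset):
        return "deliver"
    return "refuse"           # certificate differs from the published pin

# Constructed stand-ins for DER bytes; a real client takes them from the TLS handshake.
GENUINE_CERT, GENUINE_SPKI = b"constructed-cert-A", b"constructed-spki-A"
SWAPPED_CERT, SWAPPED_SPKI = b"constructed-cert-B", b"constructed-spki-B"
# Record as the receiving domain would publish it: DANE-EE (3), SPKI (1), SHA-256 (1).
RRSET = ["3 1 1 " + hashlib.sha256(GENUINE_SPKI).hexdigest()]

if __name__ == "__main__":
    print(dane_verdict(RRSET, GENUINE_CERT, GENUINE_SPKI, True))
    print(dane_verdict(RRSET, SWAPPED_CERT, SWAPPED_SPKI, True))
```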
Encrypting Emails with PGP in the Webmailer
- Log in to the Webmailer.
- Click on the "Settings" icon at the bottom left.
- Select "OpenPGP".
- Import the public key of the recipient with whom you want to communicate securely. To do so, click on "Import OpenPGP Key".
- Generate your own private key and public key. To do so, click on "Generate OpenPGP Key".
- Now enter the following information:
• Email Address: The address for which the PGP keys should be created.
• Name: Enter the name under which the key should be saved. This way, you can distinguish the keys later if you have created multiple PGP keys.
• Password: The password must be entered when you want to send something to an encrypted email address.
• Key Length: The longer a key, the more secure it is. Therefore, we recommend encryption with 4096 bits.
- Then click on "Generate".
- Please save your keys carefully. Currently, the keys are stored only in the browser cache. If you clear your browser cache, you also delete the keys.
- Now you can send an email to your recipient by writing an unformatted message. Click on the "HTML" text button (< - >).
- Now go to the mail menu (the three lines at the top right) and select "OpenPGP".
- Click on "Signature" and enter the password you created during the OpenPGP key generation.
- Under "Signature" you must now select "Select Private Keys" and under "Encryption" choose "Add Public Key".
- Now encrypt the message content you wrote with "sign and encrypt".
- Click on "Send" to send the encrypted email.
For your recipient to decrypt the message, you must share your public key with them.