How To: GnuPG (gpg4win) for MS Office Outlook, Exchange, and Others

GnuPG is a completely free implementation of the Open PGP standard defined in RFC2440.txt. The folks at Gpg4win made an excellent Windows port that allows you to use the standard in almost any way imaginable. This particular article will explain how to use gpg4win with the intention of encrypting email communications. The steps mentioned here work with Microsoft’s Office Outlook 2003 in or out of an Exchange Server environment, and any other Window’s based email client.

First, download Gpg4Win. I chose the light installation because the German documentation and command line tools weren’t desired.

Second, install gpg4win with all the available components except Claws Mail, unless you’re interested in an email client.

Third, open WinPT (typically located at: C:\Program Files\GNU\GnuPG\WinPT.exe) and begin the key generation process. Supply the information requested (name, email, key password, etc) and make sure the check box indicating RSA keys are preferred is checked. WinPT will begin generating a random key which you’ll use to decrypt incoming encrypted messages. Create backup of this key to prevent losing encrypted information in the event of hardware/software failure. If for some you lose this key, all encrypted contents will remain encrypted, forever.

Fourth, well, that’s it. If you’d like to communicate with a friend or total stranger, simply obtain and import their public key into your key manager. For example, my public key is:

—–BEGIN PGP PUBLIC KEY BLOCK—– Version: GnuPG v1.4.7 (MingW32) - WinPT 1.2.0

mQGiBEcOi98RBADtH/j6iq4bMAenHbYQc26KekulbvLl+X1hvJVfMpuL2qhRtzuX ngHIz0Oft9mDEdnGNcNwaCfvizyoWDIB7m2wvZI8jiwxKHn+0mWnHI5×6FllG5os op3gZbyDj5NVntfXHwcdK2Z18mWM3Rt2nli80nu1Bq3W6DzQoYJyxngDvwCgzsZl teqkLZ/fKV8Nxk437m1uRb8D/R0S/aaX4UywqNpG/hTIKzCkl2XdyGAhW+Yw6M4c 2ySbmnYa0bMXh/9jnGjcDmchH13IUbXsw0Eurb4jLHrsSjcdHMEVSzkLn/gd1EGF CItmZXMm5b/L0yK/ksgsI7pbBflEYk1eVe2dPRyuCv36YXuZUb+q7rrGle4Fq1Gy t4knA/0Ypu4m5/LHuy43tw3OoI1NDlELR1CcMTELGMRkpOzYEyUe8Ry+P3Tivc3A u+88ZKVrh+apw7AiNvv50Te01wNRdutmbnXSym1BkgCqnH2D+M4oZ6/YsYD9/GU2 w8DM2Z5Ge7rSckpG422r9qG4g9BnBmWtCccQ8Nd492ssFefJOLQbajB3bmVkIDxq MHduZWRAY29tY2FzdC5uZXQ+iGAEExECACAFAkcOk8ACGwMGCwkIBwMCBBUCCAME FgIDAQIeAQIXgAAKCRCEg8zciWFcHl5IAKCSKez0uCi7a0ek+pSM2aSqG2ArwgCf fYoFjhhdvHOSFy1ySIazJWlvzMK0KEd1eSBQYXR0ZXJzb24gPHBhdHRlcnNvbkBu dWxsYW1hdGl4LmNvbT6IYwQTEQIAIwIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheA BQJHDpQQAhkBAAoJEISDzNyJYVweor8AmwZUBS2cGr3v0lwfULcJ39bsHf0BAKC0 sHENPrxZcDWZp2ctkgPWYgQDgLkBDQRHDovfAQgAymFs7EG8493D7hPnogh6r0Cu c081Ewd6WRWMFgCm7Agx/OMaBHJRRKCmPzML/q7jF91fouzo5nO/QkTM1yQ04z6g nVnuHhJuxz7HnpkI+kKhecjr3S58zY3/tTvbDubfpzvUcjeXbof4y0QPzlfJyRpz CBLx+FW4J43dpCCDoi/8zOTIIj+KXyOYdm7XDNFdvKaqNMGmzODAh69mD53AooVZ /2Zecvz9tUxPj5pNre/7hnYgNEdh2yjgogMj+C58w71shU8AZDwC+b+POKxcbCVY 91HpAj3wB7PJ3DnBN1GR2lVVZhyDOEFCW3TVXTEXm9DUyp0je9Kfk3PWZnF+FQAR AQABiQFoBBgRAgAJBQJHDovfAhsuASkJEISDzNyJYVwewF0gBBkBAgAGBQJHDovf AAoJEMLX50JovmoJkJkIAK4cVSHTiyjbb2OHzdlLBmEp7ro17eixTVMJSpit7h0/ 0nFqEFrtA1nEE6dedHZ8eCpobzMKmv7A7jsG3JseunHiC8DG4gF5n2PrDVgpRkvh mT5Oby6kBn8xMRoqK5ii6drYafWo/GxOrBpbOtCAF9f0Q3VJM6h+L6tFR2CZ6DaU OJrpYdZzhFGCJPsm2ewhsgXe3ZCMzNcTjxzBZPvYz1+RnwpbCISp9ulVjSk9OreB BziX3RuVeQ/cy9ezIndW4TRqmiSydkOkPDSpD+MMCrJTe8GiG0QHAKZjoP27xMdF twSmLePT8MGITdbPFzClJR/PCxBiKK/5HaroL5/YG9OqEQCeI7bxXR3mg/8J8M3W pWga1Q15IegAnRMJzzu3yEaiR3NNXi/iZfy9jLPM =frhE —–END PGP PUBLIC KEY BLOCK—–

Importing this key into your key manager will allow you, or anyone else with this key, to send me an encrypted email. Now that your friend’s public key is listed in the key manager, compose an email message like you normally would. Before sending the message, and with WinPT running, press ALT+SHIFT+E. WinPT will ask you to select a key (your friend’s/recipient imported key) and then encrypt the contents with that key. Your email will now look similar to:

—–BEGIN PGP MESSAGE—– Version: GnuPG v1.4.7 (MingW32) - WinPT 1.2.0

hQEMA8LX50JovmoJAQf/Tj0yEYAm9g8NrjLUC/xWId3cli2oSY1/a47Qs5q1puU5 cQKa4rbOT8l/tAeuMeWR74Xt9KguCEZnNDeYKatkixpwMEfCmz2toLvDVjNE1+ad xZZLlDhzJYE5ZUhor0uLBTo5+oaz827SBTP7mKTJX0tGLVmh0lvCEDFa/63x/B/J iz3z452TDYVFog4LNoYhnQ5LxwJSNwG0qSeXeWDDs8u04D+91EwzyDbW4lMguzl6 wi4l2biKu9Dq+ljs79KcXz/tW95AtrEG8P2KHCG5Q4PkNZVNDSmU4nVS3NT7KJ2o a8ZaDypa3ODFixjFNrpMTAmCqZVJs0KYDQoYFafWkNKpAfYvXVG3/eu5G+kphePe QJctXW4GgR6XP9Ljcsgq+gceDxZpH2PDjwJTmskV1v4jb4IN+Y8lL04TQwtlZ8KF UIYnp8XOgvZuKzPGIina5agSrvucys4gYCEXf7k+TNpCuvlJmcp6XOY7ls2hC7gY 6ler5vfbcIH9gZ9azeJT3UeeBSI8ZbX2EVRIbuy38cIwRtqBVNChQsSokd7GomFX qajscvcjBgpcRg== =jEuy —–END PGP MESSAGE—–

Now, send the email. The contents are safe and only readable by the intended recipient, assuming the public key came from a reliable source, and the feds haven’t confiscated the workstation housing the recipients secret/private key.

If you’d like the recipient to have the ability to respond back encrypted, simply send them your public key. They’ll encrypt an email using your public key, and when it arrives in your inbox, press ALT+SHIFT+D while WinPT is running. Type in your key password, and viola! Feel free to ask any questions in the comments section.