Pretty Easy Privacy Email Encryption - Thunderbird

Share on:

pretty Easy privacy (abbreviated as p≡p) is a part of the enigmail plugin, that enables easy PGP encryption for the Thunderbird Email Client. Whilst PGP Email Encryption has been available for almost 30 years, adoption has been very low, as it can be difficult to implement without a high level of computing knowledge. p≡p comes a long way to solving this problem.

p≡p is also available for Microsoft Outlook, Android & iOS. Today, I will only cover installation and operation on Thunderbird.

This post assumes you have Thunderbird installed with an email account already setup. Also that you are using Linux or Macintosh with GPG installed. If you are using Microsoft Windows, please see here to install GPG.

Installing & Configuring Enigmail/p≡p

Enigmail is a Thunderbird Add-on. Add-ons are little apps that add new functionality to Thunderbird (extensions). We can install Enigmail by searching the Thunderbird Add-ons tab as below.

Thinderbird Add-ons

Once installed a confirmation window will appear to confirm that Enigmail has been installed correctly.

Enigmail Setup

With installation taken care of, there is just one setting that has to be confirmed. Under the Privacy Section of Thunderbird Preferences, we need to check that "Force using p≡p (Pretty Easy Privacy) is selected.

Thunderbird Preferences

During the installation process, p≡p will have generated the necessary public & private keys. After this step you can immediately send and receive encrypted emails.

Sending Encrypted Email with p≡p

Below Alice composes a new email to Bob. As there has been no previous exchange of PGP Keys, p≡p warns Alice that the Privacy Status of the email is Unsecure in the bottom left-hand corner of the email. This is expected, the very first message between two p≡p users will be sent unencrypted.

Send Encrypted Email with PEP

When Bob replies to Alice, p≡p informs Bob that the email that he is about to send is Secure. That is because Bob received a Public Key from Alice when she sent him her previous email, and p≡p is now using this Public Key, to encrypt the email that Bob is sending to Alice.

Send Encrypted Email with PEP

The Handshake

The Handshake is where p≡p sets trust on the PGP Keys. In order to trust the keys, it is necessary to confirm that the PGP Key/Email is from who we think it is from. p≡p assists us in this by generating Trustwords that only the sender and receiver know. These Trustwords should be verified through a separate communication channel (e.g. in person or by phone).

Clicking on the Yellow Triangle of the received email message, will open the p≡p Handshake Dialog.

PEP Handshake

Clicking on the Handshake button will start the Trust Process. The new dialog will present the Trustwords that need to be verified with the sender of the email.

Important: These Trustwords should be verified through a separate communication channel (e.g. in person or by phone).

PEP Trustwords

Once you have verified these Trustwords, you can click Confirm Trustwords and you will be presented with the following dialog. p≡p now confirms that the sender of the email is now Secure & Trusted, as opposed to earlier where the sender of the email was only Secure.

PEP Handshake

Finally, when the p≡p Handshake Dialog is closed, the email will now display a "Green Triangle", representing the email as Secure & Trusted.

Secure & Trusted Email

Important: The Trust Process should be carried out by both the sender and recipient, Alice & Bob. In effect, confirming the Trustwords will ensure that this is the case.

Wrapping Up

p≡p is end-to-end email encryption at its easiest!

If you would like more information on p≡p, please read the p≡p Documentation.

And finally, please, please share this post to all your friends and family so that end-to-end email encryption becomes the default for email!