Mailvelope is a free and open source browser extension that allows you to send and receive encrypted email text and attachments when using webmail services. It relies on the same form of public key encryption as GnuPG and PGP.
Mailvelope is a browser extension that allows you to encrypt, decrypt, sign and authenticate email messages and files using OpenPGP. It works with webmail and does not require you to download or install additional software. While Mailvelope lacks many of the features provided by Thunderbird, Enigmail and GnuPG, it is probably the easiest way for webmail users to begin taking advantage of end-to-end encryption.
1.0 Things you should know about Mailvelope before you start
Mailvelope relies on a form of public-key cryptography that requires each user to generate her own pair of keys. This key pair can be used to encrypt, decrypt and sign digital content such as email messages. It includes a private key and a public key:
Your private key is extremely sensitive. Anyone who managed to obtain a copy of this key would be able to read encrypted content that was meant only for you. They could also sign messages so they appeared to have come from you. Your private key is, itself, encrypted to a passphrase that you will choose when generating your key pair. You should choose a strong passphrase and take care not to let anyone gain access to your private key. You will use your private key to decrypt messages sent to you by those who have a copy of your public key.
Your public key is meant to be shared with others and can not be used to read an encrypted message or fake a signed one. Once you have a correspondent’s public key, you can begin sending her encrypted messages. Only she will be able to decrypt and read these messages because only she has access to the private key that matches the public key you are using to encrypt them. Similarly, in order for someone to send you encrypted email, they must obtain a copy of your public key. It is important to verify that the public key you are using to encrypt email actually does belong to the person with whom you are trying to communicate. If you or your correspondent are tricked into encrypting email with the wrong public key, your conversation will not be secure.
Mailvelope also lets you attach digital signatures to your messages. If you sign a message using your private key, any recipient with a copy of your public key can verify that it was sent by you and that its content was not tampered with. Similarly, if you have a correspondent's public key, you can verify his digital signatures.
Mailvelope lets you:
Generate an encryption key pair
Export your public key so you can share it with others
Import other people's public keys
Compose, encrypt and sign email messages
Decrypt and authenticate messages
Encrypt, attach and decrypt files
Your correspondents do not have to use Mailvelope, but they do have to use some form of OpenPGP encryption, several of which are listed below.
Since Mailvelope is a browser extension, it will only work with the browser on which it was installed. If you want to use Mailvelope with a different browser, you will have to install it again. This is true even if both browsers are on the same computer. You will also have to export all of your keys and import them into the new copy of Mailvelope.
Because Mailvelope is a browser extension, it works on most desktop operating systems. This includes GNU/Linux, Microsoft Windows and Mac OS X. It does not work on Android or iOS mobile devices. Below are a few free and open source alternatives:
You do not have to use your real name when generating your key, but you should enter the email address of the account with which you intend to use Mailvelope. If you like, you can create a new email account specifically for this purpose.
We recommend that you generate a unique key pair for each email account you want to use with Mailvelope.
Step 4. Uncheck the Upload public key to Mailvelope Key Server box
Step 5. Click [Submit] to begin generating your key pair:
When it is finished, Mailvelope will display: "Success! New key generated and imported into key ring".
Step 6. Click Display keys to have a look at your new key pair, as shown in the section below.
2.2 Export and Send Your Public Key with Mailvelope
You must share your public key with others in order for them to send you encrypted email. You should also share the full fingerprint of your key, through a different channel, so that your correspondents can verify that the public key you sent them really belongs to you. You should never share your private key, as anyone who has a copy of it can decrypt messages sent to you and sign messages so they appear to have come from you.
To export your public key with Mailvelope, follow the steps below.
Step 1. From the Mailvelope Options browser tab, select the Key Management tab, then click [Display Keys], on the left.
Step 2. Click the key you want to export. (In our case, the public key we just generated is the only one we have.)
This will activate the screen below:
This screen displays, among other things, the fingerprint of your key pair. For example, the fingerprint of the key pair we just generated for email@example.com is 3B9F 54DD 571A 6F77 251D 92E7 E8B1 F5E6 FBB4 EFFE.
Step 3. Click the Export tab.
Important: Make sure that [Public] is selected at the top of the screen. If either [Private] or [Any] is selected, you will end up exporting your private key. You should never send your private key to another person or upload it to a server. (The only reasons you might want to export your private key are to make an encrypted backup or to migrate your keys to a new web browser.) The default filename should end with "_Pub.asc".
Step 5. Click [Save] to save your public key.
Step 6. Send the file you just exported (Elena_Katerina_Pub.asc, in this case) to correspondents with whom you want to exchange encrypted email.
You should now verify that the key you have imported actually came from the person to whom you think it belongs. You and your email correspondents should go through this process for each public key you receive.
To verify your correspondent's public key, contact him using a means of communication that allows you to be absolutely certain that you are talking to the right person. In-person meetings are best, but voice and video conversations are acceptable if you are confident you can recognise voice or appearance. You will be exchanging public key fingerprints, which do not need to be kept secret, so this conversation does not have to be confidential as long as you refrain from discussing sensitive topics.
Both you and your correspondent should verify the fingerprints of the public keys you have exchanged. A fingerprint is a unique series of numbers and letters that identifies a key. You can use the Display Keys section of the [Key Management] tab in Mailvelope Options to determine:
The fingerprint of the key pair you have generated
The fingerprint of other people's public keys that you have imported
To view the fingerprint of a particular key pair, follow the steps below:
Step 1. Click [Display keys], on the left, from the Key Management tab.
Step 2. Click the key you want to verify
In the Key Details window, you will see the fingerprint of the selected key. For example, the fingerprint of firstname.lastname@example.org is 3B9F 54DD 571A 6F77 251D 92E7 E8B1 F5E6 FBB4 EFFE.
Your correspondent should carry out these steps as well. To verify fingerprints:
Read the fingerprint of your key pair to your correspondent,
Have him verify that the fingerprint he has for your public key matches what you just told him,
Have your correspondent read you the fingerprint for his public key,
Verify that the fingerprint you have for his public key matches what he just told you,
If the fingerprints don't match, exchange public keys again and repeat the process.
Note: Because key fingerprints are not themselves sensitive, you can easily write down the fingerprint that your correspondent reads off to you. Then, when you have more time, you can verify that it matches the fingerprint you have for his public key. This is also why some people print their key pair fingerprints on their business cards.
The key pair(s) you have generated and the public keys you have collected and verified are the most important element of your Mailvelope installation. You can save all of these keys in a single file in order to back them up. See Recover from information loss to plan a secure backup strategy. We recommend updating this backup any time you generate a new key pair or import and verify an important public key.
Important: Because this file will contain your private key, you should not upload it to a server or to any sort of "cloud storage."
To save all of your keys in a single file, follow the steps below from the Mailvelope Key Management tab.
Step 1. Click [Display Keys]
Step 2. Click [Export]
Note: You can choose any name and location for the file that will contain your keys. In this example, we will use the default name: all_keys.asc
Step 3. Click [Save]
Step 4. Make a secure backup of this file, then remove it from your computer.
Important: This file contains your private key(s), so you should keep your backup safe. For example, you might want to store it in an encrypted VeraCrypt container on a well-hidden USB storage device.
To import all of the keys in this file, follow the steps to Import a Correspondent's Public Key in Section 2.3.
3. Configure Mailvelope to work with your webmail service
Mailvelope comes preconfigured to work with several webmail services, including Gmail. You can check whether Mailvelope is already configured to work with your webmail provider by logging into your email account and composing a new message. You should see a Mailvelope button in the upper right-hand corner of the message area, as shown below:
If you see this button, you can skip the remaining steps in this section.
To make Mailvelope work with the Roundcube webmail interface used by Riseup and other providers, follow the steps below. By following a similar process, you should be able to configure Mailvelope for other webmail providers, as well.
Step 1. Launch the browser on which you installed Mailvelope
Step 2. Sign in to your email account
Step 3. Navigate to your inbox and open any e-mail message
Step 4. Click the Mailvelope lock icon in your browser toolbar to open the Mailvelope menu as shown below
Step 5. Click [Add] to display a screen containing a List of E-Mail Providers.
At the bottom of this list, you should see a new entry for mail.riseup.net.
Step 6. Switch back to the browser tab with your webmail.
Step 7. Click compose to write a new e-mail.
Step 8. Click the Mailvelope lock icon in your browser toolbar to open the Mailvelope menu as shown below.
Step 9. Click [Add] again.
Your browser will once again display a screen containing a List of E-mail Providers.
Step 10. Close this browser tab and return to your webmail.
Step 11. Reload the page in which you are composing a new email.
You should see a Mailvelope button in the upper, right-hand corner of the message area, as shown below:
Step 2. Click the Mailvelope button in the upper, right-hand corner of the message area to open Mailvelope's Compose E-Mail window.
Step 3. Type your message.
Important: If you intend to encrypt a message, you should type it into Mailvelope's special Compose E-mail window, rather than the normal text area displayed by your webmail interface. Otherwise, your webmail provider can record unfinished drafts, as you are writing, without you knowing it.
All email addresses in the To:, Cc: and Bcc: fields will be copied to the recipients field of Mailvelope's Compose E-mail window. Your message will be encrypted to all public keys associated with the addresses shown here (and to your own public key as well). You can manually add or remove addresses in the Compose E-mail window. If any of these addresses are marked in red, it indicates that you do not have a public key for that recipient, and you will not be able to send the message unless you remove that recipient or obtain her public key.
Note: Because of the way OpenPGP works, you should not rely on the Bcc field to hide the existence of some recipients from other recipients.
Step 4. When you are done selecting recipients and composing your message, click [Encrypt]. Your message will be encrypted and transferred to your webmail's normal message area.
Using the browser on which you installed Mailvelope, log in to a webmail account with which Mailvelope has been configured to work, open an encrypted message that has been sent to you and follow the steps below:
Mailvelope automatically detects whether an incoming message is encrypted. It will display the Mailvelope icon over the encrypted message, as shown below.
Step 1. Click the Mailvelope icon to activate the password screen.
Step 2. Type the passphrase you chose when you generated your key pair
Important: If you check the Remember password temporarily box, Mailvelope will remember your passphrase for 30 minutes. (You can change this length of time in Mailvelope's Options.) We recommend unchecking this box unless you are about to decrypt many messages.
Step 3. Click [OK] to decrypt the message.
Note: If Mailvelope displays a message saying, Error! No private key found for this message, it means the sender did not encrypt this message to your public key (and may not even have your public key). You will not be able to decrypt the message. Contact the sender and ask her to re-send the message encrypted to your key. You might also want to send her your key and offer to verify your fingerprint.
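As an added example, not Mailvelope's own code, the following Python uses only the standard library to show two things this guide describes: how a key's fingerprint is derived from its public-key packet and formatted the way Mailvelope's Key Details screen shows it (the fingerprint verification steps above), and how an encrypted OpenPGP message carries the key ID of every recipient it was encrypted to, which is why the Bcc field cannot hide recipients from each other and why "No private key found" means your key ID is simply not among them. All key material below is constructed placeholder data, not a real key.

```python
import hashlib
import struct


def read_packets(data):
    """Yield (tag, body) for old-format OpenPGP packets (RFC 4880 section 4.2)."""
    i = 0
    while i < len(data):
        ctb = data[i]
        if not ctb & 0x80 or ctb & 0x40:
            raise ValueError("expected an old-format packet header")
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 0:
            length, hdr = data[i + 1], 2
        elif ltype == 1:
            length, hdr = struct.unpack(">H", data[i + 1:i + 3])[0], 3
        elif ltype == 2:
            length, hdr = struct.unpack(">I", data[i + 1:i + 5])[0], 5
        else:                       # indeterminate length: body runs to the end
            length, hdr = len(data) - i - 1, 1
        yield tag, data[i + hdr:i + hdr + length]
        i += hdr + length


def v4_fingerprint(pubkey_body):
    """SHA-1 over 0x99 || two-byte body length || body (RFC 4880 section 12.2)."""
    prefix = b"\x99" + struct.pack(">H", len(pubkey_body))
    return hashlib.sha1(prefix + pubkey_body).hexdigest().upper()


def display_fingerprint(fpr_hex):
    """Ten groups of four, e.g. '3B9F 54DD ...', as Mailvelope's Key Details shows it."""
    return " ".join(fpr_hex[i:i + 4] for i in range(0, 40, 4))


def recipient_key_ids(message):
    """Key IDs named in the message's Public-Key Encrypted Session Key packets (tag 1)."""
    return [body[1:9].hex().upper()
            for tag, body in read_packets(message) if tag == 1 and body[0] == 3]


def mpi(n):
    """Encode an integer as an OpenPGP multi-precision integer."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")


def packet(tag, body):
    """Old-format packet header with a two-byte length, followed by the body."""
    return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body


# Constructed public-key packet body: v4, creation time, RSA (1), MPI n, MPI e.
# The RSA values are tiny placeholders; only the packet layout matters here.
PUBKEY_BODY = (b"\x04" + struct.pack(">I", 1500000000) + b"\x01"
               + mpi(0xC0FFEE1234567) + mpi(65537))
KEY_FPR = v4_fingerprint(PUBKEY_BODY)   # the key ID is its last 16 hex digits

# Constructed message: the session key wrapped to two recipients' key IDs, then
# the ciphertext (legacy tag 9 keeps the sample in old packet format).
MESSAGE = (packet(1, b"\x03" + bytes.fromhex(KEY_FPR[-16:]) + b"\x01" + mpi(0x1234))
           + packet(1, b"\x03" + bytes.fromhex("0123456789ABCDEF") + b"\x01" + mpi(0x5678))
           + packet(9, b"\x00" * 16))
```

Comparing `display_fingerprint(KEY_FPR)` group by group with what a correspondent reads aloud is exactly the check the verification steps describe; `recipient_key_ids(MESSAGE)` lists every key ID the message was encrypted to, whether the address was in To, Cc or Bcc.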
Important: It is generally not a good idea to make unencrypted copies of encrypted messages or attachments and store them on your computer.
4.3 Signing messages and verifying signatures with Mailvelope
In addition to encrypting messages to someone else's public key, Mailvelope can sign them using your own private key. That way, recipients who have your public key can verify that a particular message really came from you and was not changed in transit.
Mailvelope does not currently allow you to sign and encrypt the same message.
Step 1. Compose a message in Mailvelope's Compose E-Mail window, as shown below:
Step 2. Click [Sign].
Step 3. Select a private key to use when signing the message.
Step 4. Click [OK].
Step 5. Type the passphrase for the key you have selected.
Note that we deselected the Remember password temporarily option.
Step 6. Click [OK].
The signed message will be copied to your webmail's message area, as shown below:
Important: When you sign an email, it will not be encrypted. Note that you can still read the content of the message above. The block of text below the message is the digital signature. Do not edit the message before sending. If you do, recipients will be told that your signature is invalid.
To verify a signed message, follow the steps below while viewing the message.
Step 1. Click the envelope with the red seal that is displayed over the message.
If you have the public key for this sender, a green box should appear above the message to let you know that it was signed by the corresponding private key and was not changed in transit.
Important: If you see a red box that says Invalid signature, the message may have been tampered with or sent by someone else. You should contact the person in the From: field using some other communication channel and confirm that she sent it.
If you see a yellow box that says Signed with an unknown key, it means that you do not have a public key that corresponds to the private key used to sign the message. You will not be able to verify the signature until you obtain and validate the correct public key.
To encrypt a file, follow steps below using the browser on which you installed Mailvelope.
Step 1. Click the Mailvelope lock icon in your browser toolbar and select Options to open the Mailvelope Options browser tab.
Step 2. Select the [File Encryption] tab.
Step 3. Click Encryption on the left-hand side.
Step 4. Click [+ Add] to select the files you would like to encrypt, as shown below.
In this example, we selected an image file called picture.png. You can add more than one file. Each of them will be encrypted separately to the public keys you select.
Step 5. Click [Next].
Step 6. Select a correspondent for whom you would like to encrypt the selected file(s).
Step 7. Click [Add].
In this example we selected keys for both Elena and Mansour. You can select more than one person, including yourself.
Step 8. Click [Encrypt].
Step 9. Click [Save all] to save the encrypted files.
Encrypted files will be saved to wherever your browser saves downloaded files (most likely the Downloads folder). The encrypted files will have a new extension, .asc. For example, picture.png will become picture.png.asc. You can now send the encrypted files as attachments using your webmail provider's normal attachment feature.
Important: Keep in mind that you still have the unencrypted version on your computer somewhere, so make sure to send the encrypted version (the one that ends in .asc). Also, remember that the original filename is still visible and will not be encrypted. So choose a name that does not reveal sensitive information.
To decrypt a file, follow steps below. If the encrypted file was sent to you as an attachment, these steps assume that you have already saved it somewhere on your computer.
Step 1. Click the Mailvelope lock icon in your browser toolbar and select Options to open the Mailvelope Options browser tab.
Step 2. Select the [File Encryption] tab.
Step 3. Click Decryption on the left-hand side.
Step 4. Click [Add] and select a file you would like to decrypt.
You can select multiple encrypted files, as long as they were all encrypted using the same public key.
Step 6. Type the passphrase to your private key.
Note that we deselected the Remember password temporarily option.
Step 7. Click [OK].
Step 8. Click [Save all] to save the decrypted files.
Decrypted files will be saved to wherever your browser saves downloaded files (most likely the Downloads folder).
Q: Can Mailvelope be installed in different browsers like Safari or Opera?
A: No. At this time Mailvelope only works as an add-on/extension in Mozilla Firefox and Google Chrome or Chromium browsers.
Q: How many accounts may I generate key pairs for?
A: As many as you need.
Q: Does Mailvelope store my private keys anywhere online (for example, in a cloud)?
A: No, private keys are stored on your computer. For Firefox it's in a profile directory; for Chrome or Chromium it's a user data directory. However, public keys may be uploaded to the Mailvelope key server.
Q: Does Mailvelope allow you to create keys that work for a limited time only?
A: Not at this moment.
Q: Can Mailvelope be installed for a portable version of a browser?
A: Yes. Once you do, you can copy the browser folder, which contains the Mailvelope installation and all keys, to a USB drive and use it on another computer.