Upgrade Your Webmail With Encryption
What has prevented you from using encryption with your webmail by now?
I guess, there was no easy way to use it. The "Encrypt message" button simply wasn't there. This has changed now, as the web encryption extension can be used with webmail. The webmail application you are using may not provide you with this upgrade today, but integrating the encrypt button into your webmail application is possible, and may become a standard, soon.
Is it complicated to get the encrypt button working?
Not really, because the most important part, the standard GnuPG encryption software probably is already installed on the server. What's missing is the link between your webmail application and GnuPG, and an easy way to keep track of your encryption keys. But it's not difficult to close this gap. The Web Encryption Extension is a free and open source solution that can be downloaded directly from the download page.
The basic idea behind this solution is to read the text input of the webmail before it is sent out and perform encryption on the input using GnuPG. It then stores back the encrypted result into the input box so that hitting the send button will send out the encrypted text instead of the clear text. In many cases there is no need to change a single line of webmail code, as the software is an extension that works separately on the server. Some information, of course, has to be provided about where to find the text input in the webmail application. And graphical buttons must be added to the webmail code, which can usually be provided by modifying the skin files. As you see, it shouldn't be much work to upgrade a running webmail application.
After upgrading has finished, the webmail user will find an "encrypt" and "decrypt" button in the compose window and a "key" button to manage recipient's public keys. As the webmail application assigns a unique identification number to each user, the encryption software is able to create a separate key database that is accessible only to the particular user after login. Initially this key database is empty and every user has to store his recipient's public key and a private key for decryption in his or her own key database using the key management tool.
Is it secure to store a private key on the server?
Strictly speaking, no. There is no guarantee that nothing can go wrong, because absolute security is nothing you can get, nobody will provide it to you. Whenever a private (secret) key is used, a big security issue arises. There is a risk that your private key may be compromised when it is stored on the server, because when it is used, you need to enter a passphrase that protects your private key that will unlock the private key for decryption. The moment it's actually used, the private key is at risk.
But essentially that's no different than using it on your local machine. In an ideal environment, the private key may well be more secure on the server than on your local computer. Adding the encrypt button to a software and making encryption/decryption usable for people who are not tech-savvy, does only make sense, if the server meets some basic requirements to ensure that the risk of a compromise of private keys is very low. It cannot be zero. You cannot take any online server regardless of its security and use private keys. I'd better say, you shouldn't.
Checking that certain requirements are met is of course the job of the software, and a number of essential conditions (i.e the use of https, minimal access permissions of key files, rejection of empty passphrases) are checked, so that the software refuses to work in insecure environments.
Organizing your encryption keys
Although using encryption has become easy, the web encryption extension does not relieve you of knowing what you are doing. You have to understand that you'll need a public key for every person you are trying to communicate with securely, and you will need to get your addressee's public key in a reliable way and enter it into your public key database with the key management tool. This tool allows you to list all public keys and add new ones as well as to remove keys you do no longer use. It also assists you with uploading your private key if you already have one or with creating a key pair for you that will be protected with a secret you can invent (and keep safe) for this purpose.
If you'd like to set up your own webmail application with encryption enabled, go ahead, we've covered all the technical details in separate tutorials that are easy to follow:
At the moment, there are guidelines for:
Should you rely on other persons to set up your webmail, take the initiative and ask for an upgrade, the Web Encryption Extension is free and open source, there shouldn't be a reason not to use it.
Stay tuned, and spread the word.