

Using GPG For Windows With Outlook

There are basically eight things which you will do when working with encrypted email. They are:
  1. Distribute Public Keys
  2. Get Public Keys
  3. Verify Public Keys
  4. Sign Public Keys
  5. Encrypt Email
  6. Decrypt Email
  7. Sign Email
  8. Verify the Signatures on Email
For all of them, you will need to have a ''DOS box'' open. To open a ''DOS box'', take the following steps:
Windows NT
Click ''Start'', ''Programs'', ''Command Prompt'' .
Windows 95/98
Click ''Start'', ''Programs'', ''MS-DOS Prompt'' .
Let's go through each item, one step at a time.
Distribute Public Keys
Everybody with whom you regularly exchange email should get a copy of your public key. Simply send them a message, and include the key in it. In order to do so, take these steps:
  1. Create a new email message, just like you always do.
  2. Once you're done, you're ready to add your public key to the message.
  3. On the ''Start bar'', click on your ''DOS box''.
  4. Type in the following command: c:\gnupg\gpg -o c:\gnupg\pubkey.txt -a --export email where ''email'' is your email address.
  5. Type in the following command: notepad c:\gnupg\pubkey.txt.
  6. Click ''Edit'', ''Select All''.
  7. Click ''Edit'', ''Copy''.
  8. Click ''File'', ''Exit''.
  9. Back in the Outlook email message, click on ''Edit'', followed by ''Paste''.
  10. Click on ''Send''.
You've just sent your first public key. You can use the same procedure to send other public keys which you have received, as well.
Get Public Keys
The easiest way to get a public key is to have somebody email their public key to you. While this is very insecure, we will verify that we have gotten the right one in the next step. Simply email the person you wish to converse with, and request their public key. They'll then send it to you. When you receive their public key, take these steps to make sure you've got the right key.
  1. Open the email message.
  2. Click ''File'', ''Save As''. Save the file as ''c:\gnupg\public.txt''.
  3. On the ''Start bar'', click on your ''DOS box''.
  4. Type in the following command: c:\gnupg\gpg --import c:\gnupg\public.txt.
Verify Public Keys
Now, we have to make sure that the key we received actually belongs to the person we think it does.
  1. On the ''Start bar'', click on your ''DOS box''.
  2. Type in the following command: c:\gnupg\gpg --fingerprint email where ''email'' is the email address of the person who sent you the key.
  3. At this point, you need a reliable way of speaking with the person whose key you are reviewing.
  4. Once you are able to talk to the other person, have them look at their public key just like you are.
  5. Read the fingerprint you see to the other person. They should read their fingerprint while you read. If the two fingerprints match, then you have definitely received that person's public key.
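The comparison in the last step can also be done by machine. The following is an added example, not part of the original page: it parses the output of gpg's --with-colons listing format and accepts a fingerprint read aloud only if it matches the primary key's full fingerprint. The sample output, names and key values are constructed, and the record layout assumes a current GnuPG release.

```python
# Constructed sample of `gpg --with-colons --fingerprint alice@example.org`
# output; every key value and name below is made up for this example.
SAMPLE_COLONS = """\
tru::1:1700000000:0:3:1:5
pub:-:4096:1:89ABCDEF01234567:1700000000:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1700000000::0000000000000000000000000000000000000000::Alice Example <alice@example.org>:
sub:-:4096:1:76543210FEDCBA98:1700000000::::::e:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
"""


def primary_fingerprints(colon_output):
    """Return {primary key fingerprint: [user IDs]} from --with-colons output."""
    keys, current, last = {}, None, None
    for line in colon_output.splitlines():
        fields = line.split(":")
        rec = fields[0]
        if rec in ("pub", "sub"):
            last = rec                      # remember which key the next fpr belongs to
        elif rec == "fpr" and last == "pub" and len(fields) > 9:
            current = fields[9].upper()     # field 10 carries the fingerprint
            keys[current] = []
        elif rec == "uid" and current and len(fields) > 9:
            keys[current].append(fields[9])  # field 10 carries the user ID
    return keys


def normalize(fpr):
    """Drop spaces and case so 'ab12 CD34 ...' compares equal to 'AB12CD34...'."""
    return "".join(ch for ch in fpr if ch.isalnum()).upper()


def fingerprint_matches(colon_output, email, spoken):
    """True only if exactly one key carries `email` and its full fingerprint matches."""
    hits = [f for f, uids in primary_fingerprints(colon_output).items()
            if any(f"<{email.lower()}>" in u.lower() for u in uids)]
    if len(hits) != 1:
        return False                        # no key, or several keys claim this address
    # A short key ID or a subkey fingerprint is not accepted as a match.
    return normalize(spoken) == hits[0]


if __name__ == "__main__":
    spoken = "0123 4567 89ab cdef 0123  4567 89AB CDEF 0123 4567"
    print(fingerprint_matches(SAMPLE_COLONS, "alice@example.org", spoken))
```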
Sign Public Keys
By signing the public key, we are saying we know that this key belongs to this person. We can send this signed key back to the person who sent us the public key, and they can use our signature to help prove their online identity. This step is optional, but is done as a courtesy to other people who are online.
  1. On the ''Start bar'', click on your ''DOS box''.
  2. Type in the following command: c:\gnupg\gpg --edit-key email where ''email'' is the email address of the person who sent you the key. Type in the following commands:
    • sign
    • y
  3. Enter your password.
  4. Type ''quit''.
  5. When asked to save changes, type ''y''.
It is worth noting that we are not claiming to trust this person by doing this. We are saying that we are very certain this person actually is who they say they are.

You can then use the same process as in ''Distribute Public Keys'' to send out keys which you have signed.

Encrypt Email
In order to encrypt an email, you need to take a few more steps than you normally would.
  1. Type up the email in a normal way, such as in Notepad, or Microsoft Word. Save this document on your hard drive as ''c:\gnupg\sendme.doc''.
  2. On the ''Start bar'', click on your ''DOS box''.
  3. Type in the following command: c:\gnupg\gpg -a -r email --encrypt c:\gnupg\sendme.doc where ''email'' is the email address of the person you are sending to.
  4. Using the same program as you used to type it (Notepad or Word), open the file ''c:\gnupg\sendme.doc.gpg''.
  5. Click on ''Edit'', ''Select All''.
  6. Click on ''Edit'', ''Copy''.
  7. Go into Outlook, and create a new email message.
  8. Make sure you type in the email address of the recipient.
  9. Give the message a subject.
  10. When in the body of the email message, click on ''Edit'', ''Paste''.
  11. Click on ''Send'', ''OK''.
Your message will be encrypted and sent. You may, of course, combine signing an email with encrypting an email, simply by combining these two steps.
Sign EMail
In order to sign an email, you need to take a few more steps than you normally would.
  1. Type up the email in a normal way, such as in Notepad, or Microsoft Word. Save this document on your hard drive as ''c:\gnupg\sendme.doc''.
  2. On the ''Start bar'', click on your ''DOS box''.
  3. Type in the following command: c:\gnupg\gpg -a -s c:\gnupg\sendme.doc
  4. You will be asked for your password. Type it in.
  5. Using the same program as you used to type it (Notepad or Word), open the file ''c:\gnupg\sendme.doc.gpg''.
  6. Click on ''Edit'', ''Select All''.
  7. Click on ''Edit'', ''Copy''.
  8. Click on ''File'', ''Exit''.
  9. Go into Outlook, and create a new email message.
  10. Make sure you type in the email address of the recipient.
  11. Give the message a subject.
  12. When in the body of the email message, click on ''Edit'', ''Paste''.
  13. Click on ''Send'', ''OK''.
Your message will be signed and sent. You may, of course, combine signing an email with encrypting an email, simply by combining these two steps.
Decrypt EMail
Now that you've given people your public key, they will send you encrypted and signed email on occasion. Reading it is really as easy as two mouse-clicks, and remembering your password.
  1. Open the email message.
  2. Click ''File'', ''Save As''. Save the file as ''c:\gnupg\public.txt.asc''.
  3. On the ''Start bar'', click on your ''DOS box''.
  4. Type in the following command: c:\gnupg\gpg -o c:\gnupg\public.txt --decrypt c:\gnupg\public.txt.asc.
  5. You will be asked for your password. Type it in.
  6. Type in the following command: notepad c:\gnupg\public.txt.
The decrypted message will appear on the screen.
Verify Signed EMail
You can also check the identity of the sender. Use the same steps as in ''Decrypt EMail''. The last 2 lines of the message will contain a ''GPG Signature Status''. If the status reads ''good'', then everything is fine. If not, then somebody has tampered with the message along the way.
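The status check described above can be read from gpg's machine-readable status lines (the --status-fd option) rather than by eye. The following is an added example, not part of the original page: it classifies a verification run and also confirms that a good signature comes from the fingerprint you verified earlier, not just from any key on your keyring. The status text, key ID, fingerprint and names are constructed, and it assumes a single signature per message.

```python
# Constructed status output as written by `gpg --status-fd 1 --decrypt ...`;
# the key ID, fingerprint and name are made up for this example.
GOOD_STATUS = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Alice Example <alice@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2024-01-01 1704067200 0 4 0 1 8 00 0123456789ABCDEF0123456789ABCDEF01234567
[GNUPG:] TRUST_FULLY 0 pgp
"""
BAD_STATUS = "[GNUPG:] BADSIG 89ABCDEF01234567 Alice Example <alice@example.org>\n"

# Status keywords that mean the signature must not be relied on.
FAILURES = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}


def signature_verdict(status_text, expected_fpr):
    """Classify one verification run as 'good', 'bad', 'wrong-key' or 'unsigned'."""
    good, signer = False, None
    for line in status_text.splitlines():
        if not line.startswith("[GNUPG:] "):
            continue                         # human-readable output, not a status line
        parts = line.split()
        if len(parts) < 2:
            continue
        keyword, args = parts[1], parts[2:]
        if keyword in FAILURES:
            return "bad"                     # tampered, unverifiable, expired or revoked
        if keyword == "GOODSIG":
            good = True
        elif keyword == "VALIDSIG" and args:
            # The tenth argument is the primary key fingerprint when present;
            # otherwise fall back to the signing key's own fingerprint.
            signer = (args[9] if len(args) > 9 else args[0]).upper()
    if not good or signer is None:
        return "unsigned"                    # decrypted fine, but nothing vouches for the sender
    expected = expected_fpr.replace(" ", "").upper()
    return "good" if signer == expected else "wrong-key"


if __name__ == "__main__":
    alice = "0123 4567 89AB CDEF 0123 4567 89AB CDEF 0123 4567"
    print(signature_verdict(GOOD_STATUS, alice))
    print(signature_verdict(BAD_STATUS, alice))
```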

Greg Wooledge 2000-10-11