Existing PGP users have three ways of using EasyCrypt:
Join EasyCrypt and protect your metadata
Get, in addition to encryption of content of your messages by your existing PGP key, also Tor-based anonymity and metadata protection (not available in the initial beta version).
Join EasyCrypt and use PGP on the go
Join EasyCrypt and import your keys. This will enable you to use end-to-end PGP email encryption securely from any web browser, even when you are away from your computer – for example, from an Internet cafe. If you use “Incognito” mode in the browser while accessing EasyCrypt, there will be no traces left on the computer. For extra security, you can access your email via EasyCrypt using Tor browser, at the onion address webmail.ezcrypt2dgcicxqj.onion. You can continue to use also your existing PGP-enabled email client.
Do not join – but use PGP with non-technical friends
Even if you do not join EasyCrypt, you can still use it to communicate with your non-technical friends using PGP: ask them join EasyCrypt and use their usual email account through EasyCrypt webmail when communicating with you. They may remain unaware of what “encryption keys” or “PGP” are – but they will be communicating with you using end-to-end PGP encryption!
Here is how this works. You send an email to firstname.lastname@example.org with your public key attached in armored ASCII format (for example, in Thunderbird you simply click “Attach my public key” button while composing the message). You will promptly receive an encrypted verification email with a link. You click on the link – and from that moment on emails sent to you by EasyCrypt users will be encrypted by your public key.
To get the public key of an EasyCrypt user, ask the user to click “Attach public key” checkbox when composing a message to you in EasyCrypt. That’s all.
Yes. EasyCrypt uses IMAP to access your email account, just like your PGP-enabled email client.
Yes.You can use the same key if and after you join EasyCrypt.
To register your public key without joining EasyCrypt, follow the procedure described in “Do not join – but use PGP with non-technical friends” above.
No, but you can replace it with another key. To do so, simply email your new key to email@example.com. The ensuing automated verification procedure (similar to the one used when you first registered the old key) will result in the replacement of your old key with the new one.
No, and this is by design. Public key servers are not secure since they do not perform a cryptographic verification of your ownership of the key. This facilitates potential man-in-the-middle attacks.
EasyCrypt’s cryptographic procedure of verification of the binding between your email address and your public key is much more secure.
Ask a question
Send this to a friend