End-to-end encryption, and more specifically OpenPGP, is an essential part of what we do here at Mailfence.
However, OpenPGP encryption isn’t always straightforward, and proper key management remains a challenge. So in this guide, we will cover our best tips for securely managing your OpenPGP keys, including:
- how to generate and manage your OpenPGP keys;
- how to exchange OpenPGP keys with others;
- how to set expiration dates on your private keys;
… and much more! So let’s dive in.
Note: if you need a refresher on what OpenPGP is, check out this blog post here.
Tip #1: Generate the Strongest Key Possible
Mailfence by default generates a 4096-bit key using RSA (Rivest-Shamir-Adleman), one of the oldest and most widely used public-key cryptosystems.
Mailfence also supports key generation using Elliptic Curve Cryptography (ECC) with Curve25519 (256-bit key length).
ECC algorithms are generally faster and more efficient than RSA, especially in environments with limited computational resources. If you plan to generate your private key using an external tool, make sure it is based on either ECC with Curve25519 OR RSA with a 4096-bit key length.
Tip #2: Verify Public Keys
Anyone can upload keys to public key servers.
This means there is no reason that you should trust the given relationships, i.e. the association between the email ID and the public key.
You should therefore verify with the owner the full key fingerprint of their key. It is recommended that you do this verification in real life or over the phone (if possible) using a different channel than the one used for exchanging or downloading the contact’s OpenPGP public key.
As a reminder, the fingerprint is a hash of the user’s certificate and appears as one of the certificate’s properties.
If this is not possible, then look on places like social media, personal websites, blogs,… which belong to the individual you want to have a key fingerprint of – as some people simply publish their public key fingerprint.
Make sure to verify this fingerprint before importing it.
Tip #3: Don’t Just Rely on the KEY ID
Always check a given OpenPGP public key via its fingerprint, which is a 40-digit alphanumeric string (without spaces or dashes).
Even 64-bit long OpenPGP Key IDs (e.g., 0x44434547b7286901 –) probability of collision is potentially a very serious problem.
Tip #4: Update Public Keys in your Keystore
If you don’t update the public keys in your key store, then you do not get timely expirations or revocations.
Both expirations and revocations are very important to be aware of.
With Mailfence, you can do this by simply clicking on “Update from public server” on any imported public key that you have in your keystore.
If possible, perform a deniable key exchange!
You can deniably exchange keys by having an easily available and identifiable public key. Tell all correspondents to use your public key to contact you and include their public key in the encrypted body of the message.
This will protect you from all mainstream key exchange attacks. Just ensure that your public key is verifiable through multiple channels, including social media, public mailing lists, key servers, etc. The more channels that host your PGP key fingerprint, the harder it is for someone to attack them all.
Tip #5: Set Expiration Dates
Another tip that is often overlooked is to set an expiration date on your keys.
Users generally don’t want their keys to expire, but there are good reasons to let them.
Why? The point is to set up something that disables your key in case you lose access to it or if it has been compromised. The idea here is to set an expiration date that you can extend even after the expiration date.
This means the expiration date acts more as a “safety valve” that will automatically trigger at some point. If you have access to the secret key material, you can prevent the expiration.
A second tip here is to set a calendar event to remind you about your expiration date
It’s best to set up a calendar event in your Mailfence calendar that will remind you at the right time to extend your OpenPGP key expiration date. Again, you can always extend your expiration date even after it has expired! You do not need to make a brand-new key, you just need to extend your expiration to a later date.
Tip #6: Generate a Revocation Certificate
However, what happens if you forget your passphrase? Or if your private key is compromised or lost.
Then, the only hope you have is to wait for the key to expire (which is not the best solution).
A better approach is to activate your revocation certificate by publishing it on Public key servers. Doing this will notify others that you revoked the key. However, a revoked key can still be used to verify old digital signatures or, if the private key is accessible, to decrypt old data.
Note: Keep in mind that your revocation certificate is ready-to-use. If a crook gets access to it, then he/she can use it to revoke your key.
Tip #7: Securely Share your OpenPGP Keys
The first time you encrypt your emails with OpenPGP, you might be confused. How do I get my recipient’s public key? How does he get mine? Here are some of the most common methods you can use.
Method 1: Digitally-signed emails
The first option is to send a digitally signed email with your public key attached to your recipient. Subsequently, your recipient should do the same. This will require you to have the email address of your recipient in advance.
Method 2: Instant messaging apps
In most cases, this option will require you to have the mobile number of your recipient in advance. You also need to both be using the corresponding app.
If you plan on using this method, we recommend you use Signal.
If you are not certain of the identity of your contact, then follow the contact verification steps detailed here.
Method 3: Social media accounts and websites
A lot of people today are on social media (Facebook, X, …). This means you can send them a Direct Message with your OpenPGP public key in plain text.
You can sometimes find the OpenPGP public key fingerprint on a user’s website/or other online presence. Mailfence also provides the option of sharing documents via public links which can be used to share an OpenPGP public key.
Note however that fake social media profiles are common. So make sure you use the right one (by doing some checks). Social media profiles also get compromised. Always check your recipient’s profile for suspicious flags, just to be sure that it has not been compromised.
Method 4: Public key repositories
A public key repository is a place where public keys of different people reside.
We recommend using repositories or servers that implement email verification and are GDPR-friendly (e.g., keys.openpgp.org).
Alternatively, there are other open-public key servers based on the “OpenPGP HTTP Keyserver Protocol” specifications. Hockeypuck is one such implementation.
However, publishing public keys on these servers is a non-reversible process (your key cannot be deleted or entirely removed). An additional disadvantage of such key servers is that your key’s UID (name & email address) may become public.
Note that anyone can publish a public key on these open public key servers. Therefore, you need to ensure you have established some level of ownership trust before importing the public key of your contact.
Method 5: Meeting in person
If you know your recipient in advance and it is possible to meet in person, then this is probably the most suitable option. You can share or exchange the public key using a flash drive. Then exchange its fingerprint orally, or by any other possible means that is secure and reliable.
The goal when exchanging OpenPGP public keys is to ensure that they indeed belong to the claimed owner.
Tip #8: Back up your Secret Key Material
Double-check that you have an encrypted backup of your secret key material.
Ideally, you should backup your key (encrypted with your passphrase by default).
With Mailfence, you can easily back up your secret keys and any other sensitive document with our virtual cloud solution.
Also, make a backup of your revocation certificate and store it in a protected location on your device.
Tip #9: Make Proper Use of the User ID
Do not include a “Comment” in your User ID, if you don’t need to. OpenPGP User ID is usually to mention your name or alias and not for commenting.
Tip #10: Pay attention to Public key Servers
Most OpenPGP-based applications come with a single, specific key server with no other options for key discovery or exchange. This is not ideal because if the key server fails, or even worse if it appears to work but is not functioning properly, you may not receive critical key updates.
Not only is this a single point of failure, but it is also a prime source of leaks of relationship information between OpenPGP users, and thus a target for attacks.
Finally, all your interactions with the keyserver should be encrypted (over TLS/SSL – hkps), which will obscure your social relationship map from anyone who may be snooping on your traffic.
Tip #11: How to Reply to an Encrypted Email
Delete the decrypted content in a reply to an encrypted email, and only quote the relevant parts if necessary. Configure your application to not save drafts (or store them encrypted) by default and discard the encrypted messages from sent items or don’t keep them in plain text.
Tip #12: Protect your Meta-Data
Minimizing the contextual information leakage from the communication is also a good practice by simply hiding the meta-data (to, from, ip address, etc).
Where possible, and relevant, take control over that information and unlink it from data linked to you.
For example, you can control the From field by creating a new email account. The IP address of the sending email client can be changed by using a VPN, Tor, or a public Internet connection. The usual caveats about Tor apply: do not rely exclusively on Tor, if you need to protect your IP address then use an IP address that is not attributable to you.
For data privacy, the subject line should not refer directly to the content of the email. For example, “Subject: It was nice meeting you at Eiffel Tower!” provides almost full disclosure of what the email content is about.
Tip #13: Final Checks
Finally, here are some last checks you can perform on your OpenPGP keys:
- ensure your OpenPGP key format is not v3 or older;
- verify that your OpenPGP keys should have a reasonable expiration date (for instance, 2 years in the future).
If you have generated your private key using Mailfence, you can be assured that the keypair will be generated with strong technical parameters.
Last Word on OpenPGP Best Practices
This wraps up our guide on OpenPGP best practices! We hope you found it useful and will be able to put these tips into practice.
If you are interested in diving deeper, you can check out the following readings: