At some point in your mobile life, you’re going to need to send an encrypted message. Whether it’s mission-critical, sensitive business data, personal information, or a secret family recipe, the need to hide that information away in an encrypted missive will come to the fore. When that moment arises, you want to be ready. If you happen to use the Android platform, worry not…there are plenty of means to that end.
These are four ways you can send an encrypted message on the Android platform. The sending methods will vary, but the end results will be the same: encryption.
SEE: Free ebook–Executive’s guide to mobile security (TechRepublic)
K-9 Mail and OpenKeychain: Easy PGP
If you’re looking for an email app that offers solid encryption, you’d be hard-pressed to find a better one-two punch than K-9 Mail and OpenKeychain: Easy PGP. With these two apps together, you can work with encryption keys (generating, importing, and exporting), send encrypted email, and decrypt incoming email.
An important detail about using these two tools is the order in which you install them. Before installing K-9 Mail, you must first install OpenKeychain and then, from the app’s main window (Figure A), generate a new PGP key.
After installing OpenKeychain and generating a key, install K-9 Mail and walk through the process of setting up your email account. Once the account is properly set up, tap the menu button (bottom right corner of K-9 Mail), tap Settings | Account settings, tap Cryptography, tap OpenPGP App, select OpenKeychain (Figure B), and grant OpenKeychain access.
Select the key you generated with OpenKeychain, and now you’re ready to start sending encrypted emails. The usual encryption rules apply here, such as the need to import any PGP public keys from users that you want to send encrypted messages; otherwise, you’re good to go.
If you’re looking for a way to encrypt your SMS messages, Signal may be your best bet. Signal allows you to use your existing contacts, do group chats, and make private phone calls. Signal communicates, via SMS or voice, using advanced end-to-end encryption called TextSecure.
The one caveat to Signal is that anyone you are communicating with must be using Signal to view encrypted messages. Anyone not using Signal will be sent unencrypted messages. If you send an unencrypted message to a user, a message will appear at the top of the chat encouraging them to install the app.
Installing Signal is handled as you would any Android app. During the installation, you must first verify your phone number. Then, Signal will automatically generate your encryption key and apply it to your phone number. When the installation is complete, Signal behaves like any other SMS client. Messages to users who are already using Signal will be automatically encrypted, so there are no extra steps for the user to take.
SEE: Don’t use Android pattern lock to protect secrets, researchers warn (ZDNet)
Encrypt text with CryptMax
If you’re looking for a really simple means to encrypt a quick message so that you can paste that message into an email or an SMS message, you can’t go wrong with Encrypt text with CryptMax. With this tool, you install it, type in your message to be encrypted, enter an encryption password, and tap ENCRYPT (Figure C). Now copy the encrypted message, paste it into your email or SMS client, and send away.
The recipient of the message will need to install the same app and know the encryption password used for the message. Once the recipient has that, they paste the message into CryptMax, type the encryption password, and tap DECRYPT.
If you don’t want to bother installing an application, you can always use something like the Encrypt Easy website. In the designated box, you enter the text you want encrypted, enter an encryption password, tap Encrypt (Figure D), and then copy the resultant message.
Paste the encrypted message into an email or SMS message and send it. The recipient of the message will need to either go to the same site used to encrypt the message or make sure whatever app/service they use to decrypt it works with the same encryption algorithm; if it doesn’t, encryption will fail.
The choice is yours
There are a number of variations on each of these types of apps; the route you take and which app you choose is up to you.
Some people might consider the web-based route a bit less secure because a third-party is involved. If you’re looking to send sensitive company information, you’ll probably want to work locally and use an app specifically designed for the sending of such data.
From this list, the K-9/OpenKeychain combo would be your most secure and best bet.