Add encryption to Gmail with Greasemonkey

Jack Wallen tells you an easy way to add encryption to Gmail, using the Greasemonkey add-on from Firefox.

I tend to be one of those paranoid types. And if you are one of the legions of paranoid users out there, you might think twice about sending sensitive information using Gmail; however, encrypting your email adds a layer of protection to any communication that you want to remain confidential. Recently, I covered how to set up encryption in Outlook 2007, and now I want to do the same for Gmail.

Gmail is not set up to use encryption, but it's a feature that can be added -- if you're using the Firefox browser. And believe it or not, it's fairly simple to do.

What you need

  • A Gmail account.
  • Firefox 3.0 or higher
  • Greasemonkey add-on installed
  • Public and Private key

If you don't already have Greasemonkey installed, just open up Firefox and click on Tools |Add Ons. When the Add Ons window opens, click on the Get Add-Ons tab and then search for Greasemonkey. Install that Add On and you're almost ready to begin.

The next step is to install this Greasemonkey script that actually handles the encryption/decryption. This is installed in similar fashion to the installation of the Greasemonkey add on itself. And, as with Greasemonkey, you will have to restart Firefox to complete the installation.

The final step, before the actual encryption/decryption can happen, is you have to generate a public and a private key for this. The author of the Greasemonkey script has created a very ingenious method, using RSA in JavaScript. If you go to this page, you can generate both a public and a private key. These keys are shorter than your standard key and can be saved in a file for your use. Now, make SURE you use only prime numbers when you generate your keys, otherwise they will NOT work. Remember, a prime number is a natural number that has exactly two distinct natural number divisors: 1 and itself. If you don't want to do the math, you can visit this page to get a list of prime numbers you can use.

After you enter your prime numbers (and an optional starting E value) click the Generate Keys button and you will be returned two different keys (public and private) that look like:



It should be obvious which is your public key and which is your private key. You will want to give your public key to anyone that will need to decrypt your Gmail email (and remember, they have to have the same setup in Firefox in order to do so).

Encrypting your mail

To encrypt a message, compose your email and then copy and paste your private key into the Private Key field in Gmail, which appears after the installation of the Greasemonkey script is complete; see Figure A.

Figure A

Your encryption key will NOT be stored so you will want to make sure you save both to a file.

Now, add the Public Key of the recipient to its corresponding field. It is crucial that you copy the right public key. If you copy the wrong public key, the recipient will NOT be able to decrypt the email. Click the Encrypt button and the body of your email will be instantly encrypted. You can now send it, safe from snoopers.

Decrypting mail

The process of decrypting is just as easy (with one little glitch). When you receive an encrypted email it will have been encrypted with YOUR public key, so what you need is to copy YOUR private key into the Private Key area. After you have done that, you first have to click Reply to the email as that is the only way the system can actually decrypt the mail. When in the Reply window, click Decrypt and the message will instantly be decrypted (assuming the sender of the email encrypted it with the correct public key).

That's all there is to encrypting/decrypting in Gmail. It's not a perfect solution, but it's the easiest one I have found for using encryption with Gmail.


Have you used this encryption method with Gmail? If so, what was your experience? Or, have you found a better method of encrypting when using Gmail? If so, share with your fellow TechRepublic readers.

By Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic, The New Stack, and Linux New Media. He's covered a variety of topics for over twenty years and is an avid promoter of open source. For more news about Jack Wallen, visit his website jackwallen....