OpenPGP for Outlook
What Is It?
OpenPGP for Outlook is an add-in for Microsoft(R) Outlook(R) that sends and recieves
e-mails in an encrypted form.
How Does It Work?
OpenPGP for Outlook acts as an front-end to
the GNU Privacy Guard (GnuPG) program to seamlessly add secure
e-mail capabilities to Microsoft Outlook.
All encryption / decryption of data is handled by GnuPG.
GnuPG allows you to encrypt and sign your data and communication,
features a versatile key managment system
and, moreover, is free.
For more information see http://www.gnupg.org
GnuPG is functionally equivalent (superior in some respects)
to the commecial PGP software.
OpenPGP for Outlook will work with either GnuPG or PGP according to your preference.
How Secure Is It?
Very secure indeed.
Your messages and data will be protected from malicious persons or just idle curiosity.
From commercial rivals to criminal gangs,
Without the resources of the secret service of a major government dedicated
to the task for some weeks it is unlikely that your messages can be decrypted
by simple brute force.
Sufficiently interested parties may choose an alternative strategy
- see "So What Could Go Wrong?" below.
We would point out that a condition of use is that you
do not use it for any unlawful purpose.
Furthermore, your country may have specific regulations regarding
the use of encryption software.
It's Not Just Privacy
OpenPGP for Outlook will sign your messages too.
The electronic equivalent of putting your John Hancock at the bottom
of a paper document.
The signature uniquely and categorically asserts that the message was sent by you.
I Have Nothing To Hide
Good for you.
Neither do I but I still seal the envelope when I send a letter
through the post, have curtains on my windows and hide my PIN numbers.
Sending an open (i.e. not encrypted) e-mail has been compared to
writing the message on a postcard.
Anyone can read it.
Not just the postman but anyone whose hands it may fall into.
E-mails go from your computer to your ISP or the company server.
Then through various switches on the Internet before arriving
at the recipients ISP or company server and finally delivered to
the recipient's inbox.
And that assumes it's correctly addressed and delivered.
Along the way, the e-mail may be stored and is certainly available
for any interested party to inspect.
Your sent items folder : anyone with access to your
computer can read it - you do have password protectection on your
screen saver don't you?
Your company server : anyone in the IT department, and probably others too,
can read it.
Your ISP's mail server and they're obliged to keep make
a copy for the government (UK).
Any switch along the way can scan mail as it passes by.
Then all those points in reverse as it arrives with the recipient.
Misdirected on incorrectly addressed mail can end up anywhere in the World
and no pointless warning appended to the end of the message is going
to help you.
It's most likely that e-mails will be read by the wrong person close
to the sender or recipient.
I.e. where the information is most relevant and interesting
and the volume is lowest.
So, your computer, the recipient's computer and the respective company servers.
OpenPGP for Outlook encrypts the e-mail when it is sent.
It is stored in the sent items folder in encrypted form.
It passes through all mail servers and the Internet in encrypted form.
It arrives and is stored in the recipient's inbox in encrypted form.
So What Could Go Wrong?
You or the recipient could reveal your/his passphrase.
Your passphrase plus access to your computer gives access
to your GPG/PGP keyrings and hence to all messages you send.
The recipients passphrase plus access to his computer gives access
to all their messages, whoever sent them.
Choose your passphrase wisely and keep it secret.
To make life easier, OpenPGP for Outlook has the ability to retain your passphrase
so you won't have to enter it every time it's needed.
However, a miscreant could read private mail you've sent or send
mail purporting to come from you.
Choose the passphrase retention options according to the physical security
of your computer.
E.g. don't retain the passphrase if you are frequently away from your desk in
a busy office.
You or the recipient could print the message out.
Yes, but it's a very common way for private messages to go astray.
Someone could impersonate the recipient.
This is a targeted and determined though quite straightforward attack.
You know the recipient by e-mail address, which is easily intercepted,
and public key.
How do you know that the public key really belongs to the
Here we get into the GPG 'web of trust' which you can read more on
In summary, a public key that you obtain via a non-secure source, e.g.
open e-mail, or via an untrusted third-party may not be reliable.
Ideally public keys will be verified by some independent means,
e.g. key fingerprints can be confirmed by 'phone or fax;
keys can come via a trusted source such as your IT manager (assuming you trust him).
GPG allows you to assign trust levels to keys in your keyring.
Access to your computer.
Someone could steal your computer or your computer could be sold without
cleaning the hard disk.
Messages and data that you send start their life in open text
which is stored temporarily on the hard disk.
Likewise, encrypted messages must be decrypted by the recipient to read them
and the decrypted message is stored temporarily on the hard disk.
Even though this temporary data is deleted, it may not be
This is a feature of the file system.
GPG/PGP keyrings are safe, provided no one knows your passphrase.
Encrypted data is safe.
Key loggers, memory scanners, disk monitors can all pick up data
as it's entered and viewed.
This very early, test & development, version has several restrictions.
The add-in hooks into Outlook as an Exchange Extension.
It has been tested with Outlook 2000 and 2003.
It should also work with Outlook 98 and versions later than 2003.
With some effort, it could also be made to work with Microsoft Exchange client.
It handles a newly sent message when the message
is still processed via MAPI and has not be transformed into
it's final form ready to be transmitted over the Internet.
A this point the message headers are incomplete and it
is not possible to identify the sender, set the message
content type in the MIME header or obtain the MIME boundary
This has the following consequences:
It appears that these issues can only be resolved in the
transport service provider.
Which is the next stage of development.
The PGP key used for the sender defaults to the first key found in the secret keyring,
regardless of the sender name/e-mail address associated with the Outlook
account used to send the mail.
This isn't a problem for most people who don't have multiple identities,
i.e. accounts, set up in Outlook.
GPG also assumes the same default key so this workaround isn't with precedent.
The message that is transmitted does not conform to the OpenPGP MIME
standard set out in RFC3156.
The attachments for OpenPGP encrypted messages are created correctly,
with the correct MIME headers, but the MIME header for the whole
message is written by the Outlook transport service provider
and sets content-type to multipart/mixed instead of multipart/encrypted.
The work-around is to set your mail client to examine attachments
for PGP data.
Naturally, OpenPGP for Outlook does this and the option can't be turned
off at present.
Open messages cannot be signed.
The whole message, as transmitted, must be signed and the add-in
doesn't see the message in it's final form.
Encrypted messages can be signed.
The option to sign messages is disabled when encryption is turned off.
There may be interoperability problems with PGP.
GPG has a number of options for ensuring message compatibility
These have not been investigated or tested.
For download and installation instructions
click here .