The easiest tool to use is Mozilla’s email program, Thunderbird with the Enigmail extension. (Be sure to click “Save Link As…” and download the extension to your computer; otherwise Firefox will try to install it.) You’ll also need to download a the free GNUPGP software for Windows.
Here’s how to put it all together.
- Run the GPGP installer. It should put GNUPGP under your Program Files directory.
- Once you’ve downloaded Enigmail, in Thunderbird open Tools -> Options -> Extensions -> Install New Extension, and then choose the Enigmail extension file.
- When you’ve restarted Thunderbird with Enigmail installed, you will see an OpenPGP menu item. Open it and go to Preferences. There you’ll find a dialog to point to your GnuPGP binary. Click Browse. On my machine, GPG was installed under Program Files\GNU\GnuPG\gpg.exe.
- Now you’ll need to generate your public/private key pair. From the OpenPGP menu item, choose Key Management. From the Generate menu, choose New Key Pair. Choose the email address you want to create a key for, and set a passphrase. Hit the “Generate Key” button, and relax – it can take a few minutes.
When it’s done, you have the chance to generate a “revocation certificate.” This certificate can invalidate your public key just in case your private key is ever compromised. Go ahead and get your revocation certificate and save it.
Once that’s done, you’re all set to send encrypted mail. To find someone’s PGP key, from the OpenPGP menu, choose Key Management. From the Keyserver menu, choose Search. Search for another PGP user by name or email address and add his or her key to your key manager. Once it’s in there you will be able to encrypt mail to that person.
Then, compose your message as usual. Encrypt it by clicking the little key down on the lower right of your compose window. You can also cryptographically sign your message to prove it’s you; that’s the little pencil. Both of these buttons will turn green to show that they’re active.