Browse by Topic: Encryption
How to enable IMAP encryption on an Android device
Last modified on 24 August 2018 01:20 PM

PGP encryption and decryption is not available in most mail clients, and those that do feature PGP support may not be compatible with StartMail's web interface. The following email applications on Android are known to support PGP encryption to a degree:

  • K-9 Mail: Supports encryption and decryption of PGP attachments using the companion application APG. K-9 and APG are not currently compatible with encrypted messages sent from StartMail via StartMail's web interface, but encrypted emails composed in K-9 Mail can be viewed using StartMail.
  • R2Mail2: Supports encryption and decryption of PGP attachments natively. R2Mail2 currently supports encryption and decryption of StartMail emails, and can compose encrypted emails that are compatible with StartMail. 

StartMail does not endorse any third-party email client, and makes no guarantees that any of the applications mentioned here are compatible in any way with StartMail, PGP, or any other service or technology. StartMail does not offer support of any kind for any third-party products, and recommend that you consult with the application creator for help in configuring IMAP or encryption on your mobile device.

K-9 Mail Client Setup:

To set up PGP Encryption on your Android device using K-9 Mail (required for PGP support), make sure you have first set up StartMail in K-9 Mail and have set up PGP encryption in StartMail.

Once that is completed, download and install APG.

1. Open StartMail in a web browser, and navigate to Settings > Mail Encryption. Ensure that Use Advanced options is selected and then click Export my own key pair below. Copy and paste the text that begins and ends with -----BEGIN PGP PUBLIC KEY BLOCK----- and -----END PGP PRIVATE KEY BLOCK----- into a text editor, such as TextEdit, and save this to disk.

2. Transfer the text file to your Android device; this will be necessary for importing your keypair to APG. There are a lot of methods of doing this. Here are two straightforward methods:

  • Transferring via Android File transfer and a file management app such as OI File Manager (recommended). Download Android File transfer and attached your device to your computer. From a Web browser, export and save your keypair as a text file. Then drag and drop that file in Android File transfer to the desired directory. Your Downloads folder will work nicely.
  • Transferring the file via email (not recommended.) To do so, send the keypair file as an attachment to an encrypted email to yourself. On your mobile device, visit StartMail.com and download the keypair file to your device.

3. Open APG.  If the option in the upper left-hand corner does not say "Import from file," tap the menu and select "Import file file," and then and open on the right side of the screen. You may need to tap import in the upper right-hand corner first.

4. Tap the white icon on the right that says Open.

  • If you used the first method described in Step 2, from the side menu on the left, tap OI File Manager (or whatever file manager you use), navigate to the directory where you dropped the file in Android File Transfer and select your key pair and then tap Pick file.
  • If you used the second method described in Step 2, from the side meny on the left, tap Downloads and select your key pair.

5. You will now see both your keys checked. Tap Import selected keys at the bottom of the screen.

6. To send an encrypted email, open K-9 and compose an email as usual, then:

  1. When you are finished, select the Sign and Encrypt boxes.
  2. Now tap the send icon. A screen will appear asking you to select which secret key you want to sign the message with – tap the entry that corresponds to your StartMail address and then tap OKAY at the top of the screen and when prompted, enter your passphrase.

Note: In order to send and receive PGP encrypted messages in Mail, you will need to import the public keys of each recipient.

7. Since Steps 2-5 can be cumbersome, it’s a good idea to have your contacts attach their public keys to messages they send to you. If they do that correctly, you’ll be able to perform the following steps to import their public key and thus be able to send a receive encrypted messages to and from those contacts:

  1. Open their message in K-9 mail (this is a message to which the sender has attached his or her public key)
  2. In the email, tap Show Attachments
  3. Tap Open next to the .asc file; this launches APG
  4. Tap Import selected keys
  5. Enter your passphrase and confirm

After performing these steps, you will have files on your device containing PGP keys for you and your contacts. If you wish to dispose of those, you should look into a secure, lightweight file management app. We recommend Android File Transfer or OI File Manager.

Further support for K-9 mail and APG can be found here:
https://github.com/K-9mail/k-9/wiki/Manual
https://securityinabox.org/en/guide/apg/android/

 

R2Mail2 Mail Client Setup:

Before proceeding, you'll need to save your StartMail PGP key pair in a text file on your Android device. If you are familiar with the Android operating system and are comfortable doing so, you can export your keypair from within the StartMail web interface and save it to a text file. If you're not sure how to proceed, follow these instructions:

1. Open StartMail in a web browser on your desktop or laptop computer, and navigate to Settings > Mail Encryption. Ensure that Use Advanced options is selected and then click Export my own key pair below. Copy and paste the text that begins and ends with -----BEGIN PGP PUBLIC KEY BLOCK----- and -----END PGP PRIVATE KEY BLOCK----- into a text editor, such as Notepad or TextEdit, and save this to disk. We do not recommend using Microsoft Word or Wordpad, but if you do, be careful to save the keypair as a Plain Text File instead of a Word Document or Rich Text File.

2. While still on your desktop or laptop computer, log into your StartMail account on the web, and compose a new encrypted email to yourself. Attach the file you just created to this email, and send it.

3. Return to your Android device, and open StartMail in a web browser. Find the email you just sent to yourself, and save the attachment to your device (for example, to the Download folder).

4. Return to your Android device and open R2Mail2. Your StartMail IMAP account should already be configured, as described in article

5. In the Accounts list, tap the "key" icon at the top of the screen.

6. A list of storage locations on your device will be shown. Navigate to the folder that you saved your keypair file in, and select it to import the key pair into R2Mail2. If you're not sure where the file is, or if you weren't prompted to choose a download location, it's likely in /sdcard/Download, or /Download.

Note: If r2mail2 fails to recognize your key, try changing the file extension to ".asc" instead of ".txt."

7. After tapping the keypair file, it will be imported into R2Mail2 and a confirmation message will be displayed. You can now return to your Inbox and beging composing and reading encrypted emails. Note: You'll need the public key for any user to whom you would like to send encrypted emails. They can do this in the StartMail web interface by selecting the option to attach a public key when sending you an email, or by exporting their public key into a text file and attaching it to an email and sending that to you.

8. To send an encrypted email, compose an email normally in R2Mail2 and select the Encrypt option. To decrypt an email, simply select it from your inbox. In both cases, you'll be prompted to enter your PGP passphrase, and the application will offer to store it for you so you don't need to re-enter it when encrypting emails in the future. 

(16 vote(s))
This article was helpful
This article was not helpful

Still haven't found the answer to your question? Click here to contact support.