Here's how to send super-secure messages like Edward Snowden

We live in a post-Snowden world. For many, that means assuming none of your digital assets are safe from surveillance.

There are ways, however, to use the internet and insane mathematics in your favour to ensure that no one can see whatever it is that you’re sending to someone else.

It’s called PGP, which stands for “Pretty Good Privacy,” and it’s a way to encrypt your messages. Encryption, in its most basic form, is a way to cipher a message so that anyone who sees the data in transit has no way to know what the message says. OpenPGP is the most popular standard for digital encryption.

In fact, Edward Snowden first contacted journalist Laura Poitras to inform her of his trove of documents using PGP.

So let’s take a look at what PGP is and how easy it is to use.

So what is encryption?

Encryption is basically a way of jumbling digital data so that no one can see what it really says while it's being sent. For the purposes of this explainer, we're going to focus on what's called 'public key encryption' for email. It uses a combination of cryptographic techniques to cipher every message using two things that every person using PGP has: a public key and a private key.

A public key is the information that is needed to encrypt a message. People wishing to receive encrypted messages make their public key readily available, as it's the only way for sources to begin the process of sending secure messages.

Encryption can change a plaintext message from this...

To this jumbled mess...

See? No one will know what the heck you're sending!

But can it be cracked?

The problem with any non-random code is that it can always, in theory, be cracked. PGP, however, is known for being one of the safest standards. In fact, leaked NSA documents indicate that the authorities were in the dark whenever a PGP message was intercepted.

This is all to say that it's one of the best ways to ensure security.

There are two types of keys to remember.

A diagram explaining the basics of public key encryption

Public key encryption relies on two important things: public keys and private keys. A public key is usually quite easy to find. There are repositories online with people's public keys -- they exist so that people can indicate they are prepared to receive confidential emails.

Private keys, however, are not readily available. They are the password to any secret message you receive -- and they are necessary to decrypt a message.

Think of encryption as a safe deposit box with two keys: A person writes a message and uses the public key to open the box and put it in. When the message is in the box it is completely safe. But the only way to get the message out of the box is through another key, which only the recipient has.

So now that you know the basics, it's time to learn how to do it...

It always helps to get a sense for how PGP encryption works and to visualise the need for two keys (again, think safe deposit box).

But now let's look at how to set it up so that you can send your own encrypted messages...

How to use open-sourced tools.

The easiest way to get your own public key is to use a computer program that makes the process much easier. GPGTools is a program that uses the OpenPGP standard (which is widely considered the best PGP standard) and is available for both Mac and Windows.

You can download it here. There are also other tools on the web that will work on other operating systems.

How to generate a public key.

There are ways to do this using a web browser, but it's safest to use a tool that is well-regarded by the privacy community. GPGTools is trusted by many and creates an easy way to set up your own public key.

To create an encryption key using its app GPG Keychain:

Click 'File' and then 'New Key.'

Next, enter your credentials.

Put in your name and email address.

Then choose a passphrase.

This passphrase is one of the most crucial steps. It protects the private key (not the public key) we've been talking about this whole time. Never share it with anyone, and never share it digitally. Moreover, it should be long, random, and contain numbers, capitals, and symbols. In short, it must be insanely difficult to crack, so make it as complicated as possible.

And, voila! You've now created your very own public key.

You'll see a shortened sequence of bytes called the 'Fingerprint' in the GPG Keychain program. But if you copy a key and paste it in a textbox, you can see the entire public key (it will be longer).

This is what the newly generated public key looks like when pasted into a textbox.

Pretty crazy, right?

Now you can use your GPG Tools app to send an encrypted message.

First, you must find the public key of the person you wish to send the message to. The GPG Keychain lets you look up keys. Once you find the key for the person you're trying to contact, click 'retrieve key' and it will be added to your keychain.

The Keychain works in Gmail.

If you want to send a message in Gmail, simply type the message you wish to send in Compose.

Then highlight the text, right click, and press 'Encrypt Selection To New Window.'

Then, from the GPG Keychain list of public keys you've imported, you choose whose public key the message is encrypted to.

Then a new window pops up with the encrypted text!

You copy and paste that jumbled nonsense in place of the original message, click send, and you have just sent your first encrypted message!

How to decrypt an incoming message.

If you receive an encrypted message here's what you do:

You do the same text highlighting, but instead right click and select 'Decrypt Selection To New Window.'

It will ask you to enter your secret passphrase to finish the decryption...

...And then the plaintext message opens in a new window.

You have just sent and received your first encrypted message!
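The safe deposit box model and the GPG Keychain steps above (new key, share the public key, encrypt, decrypt), carried out with GnuPG's command-line tool as an added example; this is not code from the article or from GPGTools. It assumes gpg 2.1 or newer is installed; the names, address, passphrase and message are made up, and the two temporary keyrings stand in for two people's computers.

```shell
# Added example, not from the article or GPGTools: the GPG Keychain steps done with
# GnuPG's command-line tool (assumes gpg 2.1+). Names, passphrase and message are made up.
set -eu

# Two throw-away keyrings stand in for two people's computers.
RECIPIENT_HOME="$(mktemp -d)"   # Alice: holds the private key and its passphrase
SENDER_HOME="$(mktemp -d)"      # Bob: only ever sees Alice's public key
ALICE="alice@example.invalid"
PASS="correct horse battery staple"   # never leaves Alice's machine
gpg_as() {  # $1 = keyring dir, rest = gpg arguments
  d="$1"; shift
  echo allow-loopback-pinentry > "$d/gpg-agent.conf"   # lets --passphrase work non-interactively
  GNUPGHOME="$d" gpg --batch --quiet --no-tty --pinentry-mode loopback "$@"
}
cleanup() {
  for d in "$RECIPIENT_HOME" "$SENDER_HOME"; do
    GNUPGHOME="$d" gpgconf --kill gpg-agent 2>/dev/null || true; rm -rf "$d"
  done
}
trap cleanup EXIT

# 'File' > 'New Key': Alice makes a key pair guarded by her passphrase and publishes only
# the public half; Bob imports it ('retrieve key'). Safe to call more than once.
setup_keys() {
  gpg_as "$RECIPIENT_HOME" --list-secret-keys "$ALICE" >/dev/null 2>&1 && return 0
  gpg_as "$RECIPIENT_HOME" --passphrase "$PASS" --quick-gen-key "Alice <$ALICE>" default default never
  gpg_as "$RECIPIENT_HOME" --armor --export "$ALICE" | gpg_as "$SENDER_HOME" --import
}
# The 'Fingerprint' GPG Keychain shows: a 40-hex-digit digest of the public key, identical on both sides.
fingerprint_of() {  # $1 = keyring dir
  gpg_as "$1" --with-colons --fingerprint "$ALICE" | awk -F: '/^fpr:/ { print $10; exit }'
}
# 'Encrypt Selection To New Window': Bob encrypts to Alice's public key. --trust-model always
# skips the trust prompt; in real use you compare the fingerprint with Alice before trusting it.
encrypt_for_alice() {  # plaintext on stdin, ASCII-armoured ciphertext on stdout
  gpg_as "$SENDER_HOME" --armor --trust-model always --encrypt --recipient "$ALICE"
}
# 'Decrypt Selection To New Window': only Alice's private key plus passphrase opens the box.
roundtrip() {  # $1 = message; prints what Alice reads
  setup_keys >/dev/null
  printf '%s' "$1" | encrypt_for_alice | gpg_as "$RECIPIENT_HOME" --passphrase "$PASS" --decrypt
}
# Bob's keyring has no private key, so even he cannot read what he just sent (exit status is gpg's).
sender_can_decrypt() {
  setup_keys >/dev/null
  printf '%s' "$1" | encrypt_for_alice | gpg_as "$SENDER_HOME" --passphrase "$PASS" --decrypt >/dev/null 2>&1
}
if command -v gpg >/dev/null 2>&1; then roundtrip 'the eagle lands at noon'; echo; fi
```

Everything happens in temporary keyrings that are deleted on exit, so your real GPG Keychain is untouched.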

If you wish to encrypt a message without using a desktop app...

There are many websites that will do it for you. iGolder, for instance, has an easy web form asking for the public key and the message to encrypt, and will then perform the encryption so the result can be copied and pasted into an email.

But it's important to keep in mind...

Vigilance is key. Many privacy experts will say that it's best not to compose a message in a compose box like Gmail's, because it auto-saves, making it possible for a digital trail of what you're sending to be made. For this sort of privacy, it's best to write the message offline in a textbox and encrypt it there.

A benchmark of operational security is sharing as little as possible. A way to do this is to avoid putting any unencrypted information online.

Now that you know how to keep your email secure, why don't you learn how to keep your mobile messages encrypted too...
