Bersoft Private Mail (BPM) uses asymmetric encryption keys to provide end-to-end email encryption. Email messages remains encrypted on internal relay mail servers and when it is stored on the cloud. The message may be stored online, in Gmail, Outlook or other service, but only BPM will be able to read it.
BPM uses RSA asymmetric keys to protect the messages in transit (like PGP does), but it simplifies the management of encrypted messages. Asymmetric keys means that instead using the same password to encrypt and decrypt messages, to different passwords are used. RSA keys are comprised of two passwords (or keys): one that is private and other that is public. You should keep the private key to yourself.
The private key is what you will use to decrypt emails sent to you, and to digitally sign emails that you send to show they truly came from you. Your public key will be used for all your correspondents to encrypt the messages they send to you and to verify the emails you send them. Therefore before sending/receiving encrypted message you will need to exchange RSA Public keys with your correspondents. BPM makes simple exchanging Public Keys, and encrypting/decrypting/signing is done transparently.
With the public key (of others) you can encrypt the messages that you are going to send to them, and verify that the message you receive came from the intended sender.
With your private key you can decrypt the messages encrypted by other people with your public key and also sign your outcoming messages to certify they are truly from you.
Before sending/receiving encrypted message you will need to exchange RSA Public keys with your correspondent.
You will use always your own Private Key to decrypt all received messages. Your Private Key should not be shared with anybody.
To encrypt the messages you send you will use the Public Key of your correspondent.
This task seems complex, but once you exchange Public Keys with your correspondent BPM will take care of all details automatically.
Your Private Key, not only is used to decrypt messages but also to sign all messages that are sent. The signature of all encrypted messages will be verified on the receiver's side with the sender's Public Key. This process (signing and verifying) is completely transparent and automatic. If the signature of a message is invalid BPM will show the following message: This message has an invalid signature. Its sender may be fraudulent!
Signing messages will prevent malicious people, who obtained your Public Key, from impersonating your friends, sending fake messages.
If the signature of a message is invalid, the message is malformed or its signature cannot be verified because its corresponding Public Key cannot be found, BPM will not allow access to that message! (see Troubleshooting, below to learn more about this issue).
The following paragraphs show how to handle Public Keys. If you are in a hurry you can use the Wizard to walk you through this process.
To open the Wizard click and select Wizard.
Click either the Configuration -> RSA Key Management or the button (on the toolbar below the menus). A menu with three items will appear:
Generate RSA Keys
Manage your RSA Key Pairs
Manage Public Keys from other people
Select Generate RSA Keys. That will open the Generate Privacy keys window, from where you can general your public and private RSA keys.
Before generating your keys, select the RSA Key Size, it can vary from 512 to 4096 bits. The longer is the Key, the more secure is the encryption. It is advisable to use 2048 or 4096 bits keys, which offer the most security. 512-bit keys should be used only for evaluation purposes, 1024 bits keys may be breakable in the near future.
BPM evaluation version is limited to use 512 bits keys, which will protect your messages from spying while they are in transit, but not as securely as longer keys will do, because they are breakable.
You will be asked to enter a name to identify your key. Notice that you will need to generate your key pair only one time (or two times if you upgrade from the evaluation to the full version). It is not advisable to change your keys without a solid motive, since you would need to send your new Public key to all your friends to replace the older one.
BPM will save your Public and Private keys, as encrypted files, The Private Key is the one that protects your privacy. Anybody that has that key would be able to decrypt your messages in transit, but since it is stored in encrypted form it is well protected against misappropriation.
Click the button to generate your key pair. BPM will only ask for the key pair name before generating them. You have to type a simple name, like "MyOwnRSAKey", not a password.
The key pair will be saved as two files (the Private and Public Keys) in the Config folder, inside BPM Main folder.
A 4096-bits key pair will take about one hour to be generated, but since it has to be created only one time, the delay is not a real problem. Notice that when you Backup your settings, your own RSA Keys and the public keys from your correspondents, will be saved as well. It is very important to keep a backup, because if you hard disk fails or your computer is stolen you will not be able to communicate in encrypted form anymore, if you didn't back-up your own key pair and the public keys from your correspondents..
After the key pair is generated successfully a notification window will appear.
The easiest way to share your Public Key with somebody is to send an email.
Click the button to open the message editor.
Click the button, in the Message Editor, to attach your Public Key to the message.
After receiving your Public Key your friend will be able to use it to send encrypted messages to you. On the other side, only after you receive the Public Key from your friend you will be able to encrypt the messages that you send him/her.
When BPM receives an email with an attached Public Key, the Key will appear as an attachment, with the name BPM_RSA_PUB_KEY. Select that attachment, BPM will ask you if you want to add that Public Key to your address book.
Click Yes, in that way BPM will save the Key and associate it with the email from where it came
Provided that you and your friend exchanged your Public Keys, you will be able to communicate using encrypted messages.
When you send a message to a person from who you received a public RSA key you will be asked if you want to encrypt it.
If you want to encrypt automatically the messages sent to some people or, on the contrary, you don't want to use encryption anymore. Click the button on the main toolbar to open the Address Book and edit the Message Encryption Options for that person. Learn More.
After your send or receive a Public Key it is very important to validate it, to make sure the Public Key is the proper one, to prevent hackers from tampering with your messages and to avoid them to send fake messages impersonating one of your friends.
The only way to be sure that you are using a valid Public key is to use an secure channel to verify that the key you have received comes from the proper people, by validating the Public Key with its fingerprint..
Read Validating Public Keys to know how to generate and use fingerprints for validation.
To be unencrypted successfully, an RSA encrypted message should have been encrypted with the Public Key that belongs to the Private Key that is active.
If you sent your Public Key to somebody and afterwards you generate a new Key Pair, your new Private Key (the one used for decrypting) will not long match your previous Public Key and hence, decryption will fail when people send you messages encrypted with your previous Public Key.
You can have several key pairs (public and private), but only one of them can be active at any time (usually having several key pairs is not a good idea).
If you keep a copy of your previous Private Key, you can make it active and then decrypt any message that was encrypted with the matching Public Key. After you made active the proper Private Key, select the message in the Main Windows and click Messages -> Decrypt RSA Encrypted message/s (you can select and decrypt several messages at once, if all them were encrypted with the same Public Key).
The Public Keys from your correspondents are associated with the email addresses of each of them. If somebody sends an encrypted message from an address that is not linked to the corresponding Public Key, when BPM tries to verify the signature of the message, it will fail, because BPM needs to know which Public Key is associated with that message.
To fix this issue, add the email address of the message to the Address Book entry for its sender. Then click on the message, and it will be decrypted and displayed, after its signature is verified (it can take a while to decrypt and verify it, be patient).
If you need to decrypt a message, no matter if its signatured is invalid, select the message, open the contextual menu (right-click on the message) and select Decrypt RSA encripted message/s.