On Encryption


Sending e-mails is not like sending a letter. Everybody knows that. Letters are made of paper, they have to be printed, they need a stamp but most of all, letters are closed and unreadable to the transmitter. E-mails are not: every server an email is send to, before it reaches the recepient, can read, copy and even change the contents and all attachments. This, of course, is not what I want. I want to send a letter, that is closed and sealed so that it will reach the recepient unread and unchanged. Since I don't want to print my e-mails out, I use encryption.

A very strong and widely used way to encrypt e-mail is to use the OpenPGP algorithm as implemented in GnuPG. PGP is an asynchronus end-to-end-encryption, which means that there are two keys:

To send someone an encrypted message, you need to know their public key. Then you use it to encrypt the message (1). After that you can no longer read the message yourself. Now the message is send to the recepient. Any attacker trying to read or change the message on its way will fail. The recepient can then use their private key to decrypt the message (2) and read the message.

How to send me encrypted messages

Sending encrypted messages is fairly easy once you have everything set up. All you really need is an email client and an encryption plugin. Here it is explained for Enigmail in Thunderbird.

My keys can be found on this server: https://lorenz-sieben.com/public/keys


All my public keys are stored on the server at https://lorenz-sieben.com/public/keys. Below are also sha-256 hases of all stored keys. To check the keys after the download run $ sha256sum key.asc (Linux) or $ shasum -a 256 key.asc (macOS).