Samsung Android Email now comes encryption capable. Below are the steps and screenshots to get your phone up and running. Below are some basics to email encryption. You can skip the discertation and go directly to the red text for instructions on how to use the Native Samsung Email Encryption.

Encrypted email will allow you to type an email (with attachments) which can then be encrypted with a recipents public key. Once encrypted, the email is unreadable until it reaches the recipient who has a Private Key (a.k.a. Secret Key) which can be used to unlock the email rendering the mail now readable. Before someone can send you encrypted mail, you must first send them your Public Key. This Public Key can be sent over email or can be maintained on cloud key servers with no potential compromise.

It is important to outline what this encryption will get you.

    1. Security. This will not necessarily be convenient. However, this will stop all data mining and other prying eyes of any encrypted email on any server.

    2. Integrity. When an email is signed, recipients can know for sure that the email has not been modified (such as from a bad download) since the email was sent.

    3. Authenticity. Once a distant user's Private Key has been verified as authentic, any future email signed using that Private Key can be assured that the email came from the actual sender.

    4. Public Key Sharing: Anyone can have your Public Keys. Public Keys can be emailed, copied & pasted, or retrieved from cloud key servers. These keys can be verified with a virtual fingerprint of the key.

Challanges with encrypted mail:

There are two common types of email encryption: X.509 and PGP

    X.509 Encryption is common at the enterprise or institutional level. X.509 Encryption requires a Certificate Authority to maintain keys and that each user is who they say they are when keys are issued. X.509 is common in Government, Financial, and Medical Institutions. X.509 Encryption gives users:

      1. Integrity that the mail has not been tampered with in transit

      2. Security in that no one has read the mail while in transit.

      3. Authentication in that a competent Certificate Authority verified identity of the key owner before the key was issued.

      4. Non-Repudiation: Only if the Certificate Authority requires that users utilize a password on their Private Key and has measures in place to prevent compromise of both the Private Key and the password, (i.e. Common Access Card and threat of punishment for disclosure). Non-Repuduation proves who sent a particular email.

    PGP Encryption is more common among casual users who know each other and wish to ensure that their conversations remain private. However, if a stranger sends you their public key, you have no real way of authenticating the stranger before engaging in an encrypted conversation. However, once you have personally verified one's public key in a way that you are comfortable, you can then rest assured that any future encrypted email does in fact contain:

      1. Security

      2. Integrity

      3. Authenticity

Below are instructions on PGP Encryption.

If you are only using an android device for email encryption and are not using any other platforms or computers, then skip down to step #3, below.

If you are importing keys that you already use from another platform, like Thunderbird and Enigmail, start with step #1 below.

1. For convenience, it is best if you have the same keys on all of your devices. By having different keys on different devices, things will get complicated and inconvenient. You will need to export any current public and private keys that are used on your computer to your Download Folder so they can later be moved to your phone. (Both keys will be in only one file.) Even though it may seem convenient at first, you will reget generating new keys for every device. To Export your public-private key, click on the Thunderbird menu bars (usually in the top right of screen), Select arrow: 'Enigmail' from the drop down box, then click on Key management. The Key Management box will open. Right Click on your own key that you will want to export to your phone.

Search for: Enigmail

2. In your computer PGP Email Client (Thunderbird), choose to 'Export Secret Keys.' A window will pop up asking where to save the file. Saving in your Download Folder on your computer is best. The file may be named pub-sec***.asc or something like that.

Now, connect your Android phone to your computer with a USB cable. Ensure that you have any necessary drivers for your phone already installed on your computer- or your computer wont recognize your phone as a USB device. (For Samsung devices use: Samsung Drivers) Using Windows Explorer, on your Home Computer, navigate to where you saved the public-private key and move that file into your phone or tablet (Your Download Folder on your Android Device is highly suggested.) After the file transfer of keys is complete, disconnect your phone from your computer, if desired.

Search for: Enigmail

3. Now, that keys are saved to your Android phone, they can now be imported into the Native Android Email Application. On your phone, install and open the the Email Application. Navigate to the 'Settings' menu as shown below

Choose 'Settings' in email menu.

4. Choose which account to use for encryption, as shown below:

Select which account to create a key for.

5. Scroll to the bottom and choose: 'More Settings' as shown below:

Search for: Enigmail

6. Choose 'Security Options' from the menu, as shown below:

Choose Security Options from menu.

NOTE: If you already have encryption keys saved to your phone skip down to step 8.

7. Select: Create Encryption Keys from the menu as shown below:

Select:  Create Private Keys

8. Private Keys that are listed in the Download folder can be imported by selecting Manage Private Keys as shown below, circled in Red:

Select:  Import Private Keys

Choose to Import Keys from the menu in the top right of screen. The application is expecting to find any keys in the Download Folder in the Android device.

9. You will now need public keys from everyone that you would want to send email to. Your recipents can send you their public keys as an attachment in an email or they can be transfered as a file on a thumb drive or any other way that files can be transfered. However you receive the public key, save Public Keys from others into the Download Folder. Then Import the Public Keys into the Email App by selecting: Manage Public Keys as shown in Blue, below.

Select:  Import Public Keys

9a. You will also need to select your own Public Keys for export. Select one key at a time, if there are two keys. Then click the upper right arrow to export. These exported Public Keys will need to be sent via email or other methods to others who would send you encrypted mail.

Select:  Import Public Keys

10. You are now complete. You will need to send your public keys to other users who would send you encrypted email. You can use While typing an email, you can choose to encrypt the mail by pressing the menu button and selectingYou can choose to sign email. This will let other PGP encryption users be able to be assured that the email actually came from you. Also, with each email your type, if you have a public key for the recipient, you can check the box that will encrypt that email.

  • Return to Home Page

  • Webmaster: hardyjc@yahoo.com