This chapter is short for the following reasons:
- your smartphone is nothing more than a computer with additional feature that is the connection to GSM network
- the concept behind using a smarthphone for out purpose is exactly the same as using a computer, we have
- a standalone email client
- a package handling our encryption keys and encryption processes
To make a short chapter short, here’s what one need to do to work with email encryption on the smartphone.
We already have an email client, every Android, Apple or Windows phone comes with one. We’re only missing the key management software.
One that comes first in search is called APG. It does the same as Enigmail, Enigma or Mailvelope. It allows us to generateour private and public key, allows for importing a public key we received in an email and allows to import our set of private and public keys we’d generated using any of the aforementioned packages.
The package integrates with our email client adding switches to it that allow for encrypting, signing and attaching the public key.
The one problem we have is how to transfer the keys we already use on another device.
There are a few options:
- usb transfer
- bluetooth file transfer
- sending an email to yourself holding the keys. This one we should consider as the last resort, as such email and its contents will go through the mailbox stored at your email provider’s disks and therefore the data can be compromised.
We need to export our set of keys from one of the packages we use to a file, transfer it and import back to the mobile system. We’re ready to go.
Beyond adding the encryption capabilities, adding a smartphone to the set up gives us another advantage. We create a copy of our private key. And as it goes with a smartphone these days, we pretty much always know where it is.
However… Mobile phones are a popular target for all sorts of attacks, eve from authorities. Perhaps, keeping them away from the protected environment we’re trying to maintain could be a good idea.
End of Chapter V