2011-01-03 // GnuPG on Android with APG and K-9 Mail

I'm using a separate1) email address for my Android 2.2 based mobile phone. This makes it possible for close friends and my family to write me when I'm on the road. For free and without the need for crappy SMS phone GUIs. Additionally, it is very handy to mail yourself a grocery list or a quick note before leaving the house. ;-) However: All unencrypted2) mails for your phone are clear for the telco provider and others to see. But there are comfortable applications to change this.

Quick and superficial guide about the needed actions:

  1. Install the needed applications on your phone (click on the app names for QR Codes containing an Android Market search query):
  2. Generate a new key pair for your phone. IMHO, it is a bad idea to place your main private key on an unencrypted mobile device. The risk of theft/loosing it is too high. I created the new key pair on my PC (even it would be possible on Android) because I prefer some kind of key hierarchy :lang_de: and a keyboard makes the creation more comfortable. Additionally, it is not a bad idea to have a backup copy of the new key on your PC.
  3. Export you new key pair into .asc files: 
    gpg -ao ~/privkey.asc --export-secret-key KEY-ID
gpg -ao ~/pubkey.asc --export KEY-ID

    If you don't like the terminal, use Enigmail or another GPG GUI for the export. It is also a good idea to export the public keys of the persons you want to write encrypted mails from your phone. Even APG provides the possibility to use keyservers, it makes no fun to search and import dozens of keys using that way.

  4. Copy the .asc files on your phone (e.g. via USB), the location does not matter (you can delete these files after the import was done).
  5. On your phone:
    1. Open APG→click Menu button→“Manage Public Keys”. The screen changes→click Menu button→“Import Key”. The program is asking where the .asc file containing your public key to import is located. Click on the file browser icon and run the action with “ASTRO”. Browse to the file and click on it. Check “Delete After Import” and click OK.
    2. Open APG→click Menu button→“Manage Private Keys”. The screen changes→click Menu button→“Import Key”. The program is asking where the .asc file to containing your private key to import is located. Click on the file browser icon and run the action with “ASTRO”. Browse to the file and click on it. Check “Delete After Import” and click OK.
    3. Open K-9-Mail→click Menu button→“More”→“Accounts”. The sceen changes→Click and hold on your account→“Advanced”→Cryptography→Select “APG” as the OpenPGP Provider. And check “Auto-sign” if it makes sense for you.

That's all. But you should know that K-9 Mail brings no support for PGP/MIME right now. This means you have to tell your friends to write Inline-PGP encoded mails, not PGP/MIME mails. But this should be default in most environments. If not: Enigmail provides a non-global select box for this setting at the “Per-Recipient Rules” menu.

1)
I don't want all of my emails on my mobile
2)
Only an insignificant amount of unencrypted mails are hitting my mailbox. It was a lot of work LOL but nearly everybody who writes mails to me is using GnuPG. Even my Mom. No excuses for not using it!
2011-01-03 @ 03:38 | written by Andreas Haerter
Tags:

Comments

[…] 2011:01:03:gnupg-gpg-pgp-on-android-with-apg-and-k-9-mail - blog.andreas-haerter.com - IT, web and nerdy stuff […]

» Reply
Juergen
No. 2 @ 2011/01/04 01:16

Is the energy consumption issue fixed in the current release? Last time I tried APG it killed my battery within 3 or 4 hours.

» Reply
Andreas
No. 3 @ 2011/01/04 04:25

@Juergen: Running a few days on my Milestone, no problems so far (APG 1.0.8).

Considered no higher energy consumption as usual: charged my phone to 100% ~12h ago. Most of the usage today was stand by, just one 30 second call and two mails (encrypted, for sure :-P). Battery Widget says: discharging, 80% left (~13h).

» Reply
Enno Lenze
No. 4 @ 2011/01/09 13:05

Thanks for the manual. Works like charm :)

» Reply
Juergen
No. 5 @ 2011/01/21 22:07

@Andreas: Yup, can confirm it now as well.

Next cool app would be a jabber client integrating APG :)

» Reply
Kailee
No. 6 @ 2012/02/01 10:43

I a keep getting an error when trying to import my.asc secret key. Keep saying “no keys added or updated”. Anyone else having this problem?

» Reply
No. 7 @ 2012/02/02 00:17

[…] 2011:01:03:gnupg-gpg-pgp-on-android-with-apg-and-k-9-mail - blog.andreas-haerter.com - IT, web and nerdy stuff […]

» Reply
Andreas
No. 8 @ 2012/02/03 22:23

@Kailee: Which program versions do you use (Android, K-9, APG)?

» Reply
Jan Wedekind
No. 9 @ 2012/03/02 15:06

Thanks. Worked well after I switched the mail format to “plain text”.

» Reply
Jordila
No. 10 @ 2014/08/19 14:20

Thanks for sharing

» Reply

Leave a comment…




  • E-Mail address will not be published.
  • Formatting:
    //italic//  __underlined__
    **bold**  ''preformatted''
  • Links:
    [[http://example.com]]
    [[http://example.com|Link Text]]
  • Quotation:
    > This is a quote. Don't forget the space in front of the text: "> "
  • Code:
    <code>This is unspecific source code</code>
    <code [lang]>This is specifc [lang] code</code>
    <code php><?php echo 'example'; ?></code>
    Available: html, css, javascript, bash, cpp, …
  • Lists:
    Indent your text by two spaces and use a * for
    each unordered list item or a - for ordered ones.
I'm no native speaker (English)
Please let me know if you find any errors (I want to improve my English skills). Thank you!
QR Code: URL of current page
QR Code: URL of current page 2011:01:03:gnupg-gpg-pgp-on-android-with-apg-and-k-9-mail (generated for current page)