OpenKeychain: Your New Best Friend on Android for Serious Encryption
PGP. The great encryption technology. Well, more specifically, OpenPGP. This is an encryption technology that has quite the story behind it (really, it reads like some of the best spy thrillers you can imagine). And in the present, as well as likely going forward, it is still the encryption that is feared most by bad actors of all stripes (government organizations, etc.) because it is still so solid. An impressive fact on its own considering how long it has been around (going on 25 years).
There’s something to be said for using tried-and-true older technologies. Consider IRC. It’s still the single best “chat” system on the planet, regardless of bullshit newcomers like Slack or Facebook’s latest nonsense. Nothing else comes close, and it’s been in existence for decades. Email is still king when it comes to communicating via the internet, and it also has an ancient history by digital standards. And PGP (which I’ll use synonymously with OpenPGP from now on in this post) makes email all the more relevant and important today, because that’s what it encrypts.
Unfortunately, the use of PGP has been a complex affair, even for those well-versed in the use of computers, to say nothing of using it on mobile devices. In the past at the Dark Android Project, I’ve had to recommend using some kind of third-party service that automatically encrypts your email for you with PGP or the like. Tutanota.de, ProtonMail, Whiteout.io, Lavaboom, and others were what I would recommend for ease of use. Unfortunately, we’re seeing some of these services either get DDoS’d and get saved by questionable organizations (like ProtonMail recently went through), or they have seen an unfortunate lack of further development (like Whiteout.io). Also, using these services via a web browser does raise security concerns for some, and I’m sympathetic to those. Again, I generally only recommended these services due to their ease-of-use, not because I thought they fell under absolute “best practices”.
On the main page of the Dark Android Project, I do mention that you can use the best Android email app (Dark Android or not), K-9 Mail, in conjunction with an app called “APG”. It wasn’t the easiest setup to do, so it wasn’t my first choice, but now I need to update Dark Android’s main page, because the “Holy Grail” of PGP-encrypted email is now here.
It’s called OpenKeychain, and it works beautifully with K-9 Mail on Android. This app is phenomenal. Don’t have a PGP key? It will help you create one in a very user-friendly fashion. Already have a PGP key? You can import it easily. And there are tons of easy-to-use features for PGP key management within the app. It’s the simplest implementation of PGP I have ever seen, on any platform, not just Android. And again, it works really well with K-9 Mail: with just a change in the settings, you can choose at the touch of a button, in every email you send from that point on, whether or not you want to encrypt it. Honestly, this works so well that I’m switching over to my Android device being the primary way that I send emails. I’ve yet to see any flaws with OpenKeychain. It’s amazing.
And if you have a full Dark Android setup on your device (as in, you don’t have the Google Play Store installed), you can get the latest version of OpenKeychain (and K-9 Mail, too) via the F-Droid app store. This is a no-brainer, folks, and I consider it the number one secure/encrypted way to communicate with an Android device (even more so than Signal, not that there’s anything wrong with Signal). Seriously, I really can’t believe that using PGP could get any simpler without there being diminishing returns.
Any time you can use older software standards that have a phenomenal track record, I recommend it. And any time you can have those standards used on a mobile platform, I recommend it. OpenKeychain, in concert with the fantastic K-9 Mail app, gives you both. Get on it.