Background Reading

If you are new to PGP and have basic questions about how it works and where it comes from, I suggest the following Wikipedia articles as primers:

Frequently Asked Questions

  • Q: How safe are my private keys? If someone steals my iPad/iPhone can they get my private key?

  • A: There are several layers of protection involved:
    1. The entire database used to hold all of the PGP keys is stored in an encrypted format on disk and cannot be read from or written to while the device is locked or booting.
    2. The private keys in the DB (which is itself already encrypted) are also protected with a key derived from your private key passphrase, so choose a strong passphrase for your secret keys. The private key data is protected in the same way as it is in GnuPG and as described in RFC 4880.
    3. You can enable the app's PIN Protection in the app settings, which requires you to enter a unique 4-digit passcode to unlock the app. On newer iPhone and iPad models, this also lets you use the Touch ID feature to access the app using just your fingerprint.
    4. Make sure you have enabled the stronger passcode lock in the iOS settings. If someone steals your device, they cannot decrypt the disk unless they know your device lockout passcode, so choosing a much stronger alphanumeric passphrase (as opposed to the default 4-digit PIN) provides MUCH more protection for your entire device and data.
  • Q: When I try to decrypt a message it says “Key not found”, what's wrong?

  • A: This almost always means that the app does not have the correct private key needed to decrypt the message. This is usually the result of the user not importing their entire keypair from their computer (or wherever their keypair came from), or of the sender not using the right public key when they sent you the message.
  • Q: What do I do after I download the latest version?

  • A: It is recommended that you delete and re-import all of your private keys, if possible. It is not critical, but occasionally there are bugfixes that fix some subtle problems with how the keys are stored and re-importing them can correct those issues.
  • Q: How can I import my existing keys?

  • A: Export the public or private key in ASCII armor format to a file and use iTunes File Sharing (see below for instructions) to import the key data into the app. This is the preferred method.
    1. Starting with version 1.14, you can also download keys and other PGP encrypted files through a Dropbox account. If you don’t have one, sign up for a free Dropbox account.
    2. Alternatively (and less securely), you can email the file that contains your exported key to yourself on your iPhone mail account as an attachment with the “.asc” extension. Emailing private keys over an unsecured network (like the internet) is not recommended.
  • Q: How do I use iTunes File Sharing to import files into iPGMail?

  • A: Attach your device to your computer and open up iTunes. Select your device on the left, then select the “apps” tab on the top. Scroll down until you see “File Sharing”. Select “iPGMail” and then you can add files to the window and they will automatically be transferred to iPGMail. Make sure your device is unlocked before attempting the transfer.
  • Q: Is it insecure to leave unencrypted files on the device?

  • A: That depends on the files. The app itself cannot make such a decision. If the user feels that the unencrypted data is sensitive, then the user should delete the file after reading it, or re-encrypt it with their own key. It becomes a policy issue that the user must enforce; it is not an application security issue that the app itself can handle.