Facebook flings PGP-encrypted email at world+dog. Don't lose your private key

Hands-on Facebook can now powerfully encrypt notification emails sent to its users with PGP – keeping potentially sensitive messages out of the hands of hackers and other snoopers.

The social network has also added a spot for people to share their public PGP keys via the HTTPS-protected website.

"We are gradually rolling out an experimental new feature that enables people to add OpenPGP public keys to their profile; these keys can be used to 'end-to-end' encrypt notification emails sent from Facebook to your preferred email accounts," the company said. "People may also choose to share OpenPGP keys from their profile, with or without enabling encrypted notifications."

Most users turn off email notifications from Facebook, since endless spam notifying you that Aunty Doris and some git you knew in high school liked your post gets annoying after a while. But if you request a new password, having that data encrypted is a very good idea indeed.

You can upload your public key here, from your profile's contact info settings. Notifications and other alerts sent from Facebook to you can be encrypted using your public key. Once you've received the messages, you can decrypt them using your corresponding private key.

Only you should have a copy of your private key – no one else. Attempts to upload a private key instead of a public key are blocked by Facebook.

Enabling encrypted messages from the social network is not for the faint-hearted: if you choose to receive encrypted messages from Facebook and lose your private key, you will not be able to decrypt the emails. This means you may wind up losing control of your account if you request a password reset and then can't decrypt the email containing the password-reset link. Facebook repeatedly warns you about this.

Hands on with PGP support

We created a public-private key pair to test out the new service, creating a 4,096-bit RSA pair with a one-year expiry using gpg --gen-key. Then we ran gpg --export -a and the key ID to export the key, and cut'n'pasted it into the form. Decrypting the message from Facebook was as simple as gpg --output facebook.txt --decrypt encrypted.asc. The file encrypted.asc was attached to the received email.

 

 

 

Facebook has picked the GNU Privacy Guard (GPG) implementation of OpenGPGP, and is using the long term primary key 31A7 0953 D8D5 90BA 1FAB 3776 2F38 98CE DEE9 58CF with a short term subkey D8B1 153C 9BE9 C7FD B62F 7861 DBF4 E8A2 96FD E3D7 to digitally sign its messages – allowing peeps to verify an email has some from the California web giant. It says it'll rotate operational keys occasionally for security purposes.

The firm's choice of GPG is no accident. In February, Facebook promised to pay $50,000 a year to GPG creator Werner Koch after the German developer said he was running out of funds to keep the project going.

The 50 grand looks like a very cheap investment, yet it did cheer Koch up and will allow him to hire an assistant. Facebook says its implementation will support the RSA or ElGamal algorithms and it's investigating GPG's newer elliptic curve algorithms.

Facebook's move will also bring encryption to more people's attention. The site's users aren't necessarily techie, but the addition of GPG might prompt a few to think more seriously about security.

As part of its plan, Facebook will make it possible for users to upload their own public keys to their profiles and publish them in public, providing a reliable way to share public keys such that users can be more assured of their authenticity. Having a public key next attached to a public Facebook profile will make the key more trustworthy, assuming the account has not been compromised.

This means the PGP public key support is a welcome step in the right direction, even if you don't opt into encrypted notifications.

"Security tools like PGP encryption are most effective when they are used widely," said internet advocacy coordinator for the Committee to Protect Journalists Geoffrey King. "Facebook has taken an important step to help protect users' private communications by default, and make the risky environment in which journalists work a little bit safer." ®