Maximum security for emails: PGP encryption at mailbox.org

A sensitive email that transforms into cryptic gibberish with a single click – readable only to the intended recipient with the corresponding key. PGP (Pretty Good Privacy) was developed in 1991 by Phil Zimmermann and was considered not only revolutionary encryption technology at the time, but in the eyes of US authorities such as the FBI, it was even deemed an illegal weapon, classified alongside rockets, machine guns and bombs, which led to a three-year investigation.

Perhaps due to this explosive start, this powerful encryption technology was long considered complicated and therefore remained largely the preserve of experts. It has since become established wherever business-critical and confidential information must be shared securely, such as in law firms, medical practices, journalism and corporations. But is PGP also suitable for the general public? mailbox.org says yes and has made encryption to the highest standards a central element of its service from the very beginning.

The foundation of digital security: How PGP works

Here's how it works: Each user generates a key pair consisting of a public and private key. The public key is shared and can be used to encrypt messages or verify digital signatures. If Person A wants to encrypt an email to Person B, they use Person B's public key to render the message unreadable.
To read this PGP-encrypted message, Person B needs their private key – only this can make the message encrypted with the public key readable again.

Why PGP is so secure

PGP combines two methods: asymmetric and symmetric encryption. First, the actual message is encrypted with a fast symmetric key. This key is then encrypted with Person B's public key and sent along with the message. This principle of asymmetric encryption forms the foundation of PGP's security.
Encrypted messages can only be exchanged between people who actively use PGP and whose public keys are known. This ensures that only the private key is needed for decryption. Incidentally, a public key alone doesn't enable decryption – this requires exclusively the private key, which must be kept secure and secret. The private key cannot be calculated from the public key.

mailbox.org Guard: Integrated PGP encryption in focus

Whilst PGP encryption is merely a retrofitted technical feature with many providers, it has formed a central building block at mailbox.org since the company's founding. As part of the Guard system, PGP encryption is seamlessly integrated into the email environment.

Guard differs fundamentally from conventional PGP implementations. Complicated software installations and basic cryptographic knowledge aren't required. Instead, encryption takes place directly through the web interface. What's unique is that even non-PGP users can receive encrypted messages thanks to temporary, secure mailboxes.

The system automatically generates key pairs, manages them in the background and makes them available in a searchable directory. Private keys are stored encrypted on German servers and can only be decrypted with the user password.

Technical implementation and practical application

Technically, Guard is based on OpenPGP standards, but combines these with a user-friendly interface. Users can choose between fully automatic encryption and manual control. The integration works not only through the web interface, but also via standard email clients such as Thunderbird or Outlook.

Activation takes place directly in the account settings, so no additional software is required. After activation, the system automatically takes over key management and provides detailed instructions for various email programmes.

Future-proof communication for a digital world

Given growing cyber threats, PGP encryption remains a proven pillar for secure emails. Thanks to solutions like mailbox.org Guard, it's more user-friendly than ever and is constantly being developed to meet new challenges. Even compared to alternatives like S/MIME, PGP offers unique flexibility for businesses and private individuals who demand the highest data protection standards. With seamless integration and a strong focus on security, PGP remains the future-proof choice for confidential communication.