FireGPG is an OpenPGP MIME-compliant add-on to Firefox that allows you to select some text on a web page (or entered in a form) and perform some cryptographic operations on it.

This add-on provides immediate security benefits. It can allow you to easily and quickly encrypt a message and send it over a public channel without even having to leave your browser. For example, you can send a (short) secret message to someone by encrypting it and posting the block in a public forum or on a public blog– as long as the recipients have the correct key, they can decrypt it. This add-on can also be used to generate digital signatures, providing both integrity and non-repudiation.

Below is an example of some encrypted text sent via Gmail and the results of FireGPG’s decryption:

Although it doesn’t offer anything groundbreaking in terms of functionality, having access to these features with just a right-click within a browser window can certainly come in handy. And for people who want the benefits of public-key cryptography but their web-based email clients don’t support it, this might just scratch that security itch.

You can get FireGPG here.

NOTE: FireGPG is just the add-on that provides an interface to the PGP functionality. You will also need the software to manage keys and perform the cryptographic operations. For this purpose, FireGPG requires GnuPG– a free open-source implementation of OpenPGP. Get it here.

Each Thursday, Security Musings features a security-related technology or tool. Featured items do not imply a recommendation by Gemini Security Solutions. For more information about how Gemini Security Solutions can help you solve your security issues, contact us!

This entry was posted on Thursday, March 12th, 2009 at 10:47 pm by Nick Staples and is filed under cool, Technology & Tool Thursday. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.