Logo



iOS GnuPG Clients

On my Mac i already use GnuPG a lot (basically all my messages are signed, and some of them encrypted). But because nowadays i do a good amount of work on my iPad an iPhone, is had to search for a GnuPG solution on iOS too.

Clients

NamePrice
iPGMail IconiPGMail1,79 EUR
oPenGP IconoPenGP4,49 EUR
Secumail IconSecumail44,99 EUR
NouveauPG IconNouveauPG2,69 EUR

All programs where tested on iOS 8.1.2 with a iPhone 6 and a iPad Mini Retina. All programs except NouveauPG are Universal Apps and optimized fordifferent screen sizes.

Test Matrix

the programs where tested against this test matrix. I started at the top and proceeded to the bottom. Secumail and NouveauPG are disqualified, because it is not possible to exchange the private Key over iTunes, and you should never copy your private key to a Cloud Storage (even with a good passphrase).

For the remaining programs i have tested if the functionality works, and then got my own opinion if the integration in iOS is felicitous.

iPGMailoPenGPSecumailNouveauPG
Keyhandling
Generate Key pairyesnonoyes
Private Key transferiTunes, Dropbox, iCloud, ClipboardiTunes, Dropbox, ClipboardDropbox, ClipboardClipboard
Public Key transfersame + Keyserversame + Keyserversame + Keyserversame
Upload key to Keyserveryesnonono
Own Keyserver possibleyesyesyes (no preset)no
Needs access to contactsnoyes (searches for keys of contact EMail only)nono
Save passphrasesnoKeychain------
Decryption
Integration in MailShare, goodShare, good------
Signing
Single receiverok, goodok, bad------
Multiple receiversok, goodok, bad------
Encryption
Single receiverok, goodok, bad------
Multiple receiversok, goodok, bad------
Attachments
Receivingokok------
Sendingokok------
Compatibility
Apple Mailyesyes------
Outlook (Windows)yesyes------
Thunderbird + Enigmailyesyes------
Androidyesyes------
inline PGPyesyes------
PGP/Mimeyesyes------

Conclusions

The usage of GnuPG on the iPhone is not as usable as on other devices. It works with some hassle, but for a widespread use of GnuPG on iOS, Apple has to allow plugins in the iOS Mail program.

In my opinion, the cheapest App (iPGMail) is the way to go.

Recommendations

  • Always use iTunes for Key transfer (not Dropbox or iCloud)
  • Do not generate your key pair on the iPhone (unknown RNG)

How to use iPGMail

Copy your private Key

Export Keys

Find the key to export to the iPhone.

Export Keys

Select Export (Exportieren in german language).

Export Keys

Do not forget to export your private key too (Geheimer Schlüssel in german language).

Import Keys

In the Apps Section you have to completely scroll down until you see the section where you can copy files to the iPhone/iPad. There you have to select iPGMail and click add (Hinzufügen in german Language).

Import Keys

Select your exported keys and click add.

Import Keys

Start a sync which will copy the Key over to the iOS Device.

Import Keys

In iPGMail select the files Tab and tap on your Key file.

Import Keys

You have to provide your password (hopefully a good one).

Import Keys

If everything worked, the keys are imported.

Import Keys

Check if your private keys was imorted too.

Getting a public key

Getting Keys from Keyserver

Search them on the keyserver (there are already keyservers predefined, but you can use your own too, i.e. for company environments).

Getting Keys from Keyserver

Tap on the key to download.

Sending a signed and encryted EMail

Send encrypted EMail

Start iPGMail and go to the compose tab. You can select a key which is used for signing (your own key) and a public key for encryption (the public receiver key). Then you can type your subject and your message. After that, click on the send icon in the upper right corner.

Send encrypted EMail

Select "Send EMail" for creating a EMail directly.

Send encrypted EMail

The receiver is picked up from the public key you haven chosen before. Send.

Reading an encrypted EMail

Receive encrypted EMail

In a received EMail you have a encrypted Attachment. Tap on the Attachment and you have the encrypted text.

Receive encrypted EMail

Tap on the Share Button in the upper right corner.

Receive encrypted EMail

And choose iPGMail.

Receive encrypted EMail

Provide the password for your key.

Receive encrypted EMail

And you get a list of all decrypted parts (text, attachments).

Receive encrypted EMail

Tap on the text, and here we are.

Thanks for reading. Comment on this post!

Back to index