p≡p for iOS

Overview

This section covers the system requirements, feature list, installation- and user-guide of p≡p for iOS.

System Requirements

  • Mobile phone or tablet with iOS version 12.0 and higher

  • Email account accessible through IMAP/SMTP

Feature list

The following features are available in in the latest version of p≡p for iOS:

  • Encrypt/decrypt emails and their subjects

  • Store messages encrypted or unencrypted on the server (Untrusted or Trusted server)

  • Compatibility with OpenPGP (as a p≡p user you can communicate with users that use OpenPGP)

  • Passive Mode (public key only attached if the communication partner uses p≡p)

  • Automated, decentralized key management

  • Import private keys

  • p≡p Sync, automated synchronization of keys between all your devices using p≡p

  • Reset

  • Extra Keys

Supported languages

The following languages are supported:

  • Catalan

  • Czech

  • Dutch

  • English

  • French

  • German

  • Slovak

  • Spanish

  • Turkish

User Guide

First steps in p≡p for iOS

Setting up the account

In order to use p≡p, you need to setup your email account in p≡p for iOS. As soon as the email account is set-up, you can use p≡p without any additional configuration. No additional settings changes are needed for p≡p to work.

At the first startup of the app, p≡p will ask you to give permission to send you notifications: “p≡p would like to send you notifications”. It’s optional and you can change it anytime. You can configure it in the settings same as for any other iOS apps.

On the next screen select what account type you want to setup. If your provider is not listed, select “Other”:

_images/pEpForIOS-Login-0.png

On the next screen, enter your email address, account name and the other required fields (depending on the account type).

Sending Secure Emails

After a message from another p≡p user is received and you reply to that message, the Privacy Status icon on the top of the message is yellow. This means, that this message will be sent encrypted. Please note, that the very first message between two p≡p users will be sent unencrypted.

_images/pEpForIOS-Compose-Secure.png

Warning

Please note that the local part of an email address (left of the “@”) must be treated case sensitive. E.g. holden@pep.digital is not the same as HOLDEN@pep.digital, however holden@pep.digital is the same as holden@PEP.DIGITAL.

The Handshake

For general information about the Handshake, refer to Handshake.

To perform a Handshake, the Handshake dialog can be opened by pressing the Privacy Status icon. Users can see button at the bottom of the screen:

_images/pEpForIOS-Handshake-Secure.png

You can change the language of the Trustwords when pressing the green globe icon. There is choice of 8 languages: English, German, French, Spanish, Catalan, Slovak, Turkish and Dutch.

In case your communication partner is an OpenPGP user, you will see the PGP fingerprints in the Handshake screen:

_images/pEpForIOS-Handshake-Secure-Fingerprint.png

After comparing the Trustwords with the communication partner through a separate channel (like a phone call or a meeting in person), select “Confirm” if the Trustwords match. If the Trustwords didn’t match, select “Reject”. When you confirmed the Trustwords, the Privacy Status with this communication partner changes to Green (Secure & Trusted).

This step is done once with each communication partner and any future communication remains Green (Secure & Trusted).

_images/pEpForIOS-Compose-Secure&Trusted.png

Sending a message to multiple people with different Privacy Statuses

When sending a message to more than one person, you simply add the recipients to the message. The Privacy Status bar at the top will show you, if the message will be sent encrypted or not. In the example below you can see that there are three recipients. Because only one recipient has p≡p or a compatible software installed, the message will be sent unencrypted.

_images/pEp4iOS-v1.1-MultiplePrivacyStatus.en.png

When sending a message to multiple recipients, which all but one are trusted, the message will have the lowest privacy status of all intended recipients. In the following example all but one recipients are trusted, therefore the privacy status of the message is only Secure.

_images/pEpForIOS-Compose-Secure.png

Once you open the handshake dialog, you can see that a handshake with Hannibal is needed.

_images/pEpForIOS-Handshake-MultipleRecipients-Secure.png

Comparing the Trustwords over another channel f.e. calling to Hannibal, we confirm the Trustwords are the same on both sides. Once confirmed, Hannibal is on trusted communication channel and privacy status for the message will change to Secure & Trusted.

_images/pEpForIOS-Compose-Secure&Trusted.png

For additional information about the Handshake, refer to Sending a message to multiple people with different Privacy Statuses.

Disable Protection

When the communication partner’s Privacy Status icon is Yellow (Secure) or Green (Secure & Trusted), the email will automatically be sent encrypted, when the user press on ‘Send’. If the user would like to disable protection on a case by case basis, then the user can do so by long pressing the privacy status icon and selecting the ‘Disable Protection’ button in the bottom of the screen.

_images/pEpForIOS-Compose-Secure-longpress.png

The Privacy Status dot as well as the rating for a communication partner will change to Disabled and the message will be sent unencrypted when the user presses ‘Send’.

_images/pEpForIOS-Compose-Secure&Trusted-DisabledProtection.png

p≡p for iOS Options

This section covers the options related to p≡p email encryption/decryption that are available in p≡p for iOS. The options can be opened by pressing on the p≡p icon at the bottom right.

_images/pEpForIOS-Settings-SyncEnabled-Grouped.png

Settings - Accounts

Account settings are used to configure e.g. IMAP or SMTP settings of the current account.

Accounts can be removed by sliding the name of the account to the left.

_images/pEp4iOS-v1.1-RemoveAccount.en.png

More accounts can be added by pressing “Add Account” at the bottom of the Mailboxes view.

_images/pEp4iOS-v1.1-AddAccount.en.png

Reset All

This will reset the privacy settings of all your accounts. It revokes your existing keys and creates new ones.

To reset only one single account select the account in the list above and then press “Reset” in its settings.

For more details see Reset.

Settings - Global Settings

Global settings are used for all accounts in the app. The following settings are available.

Default Account

This option allows you to select the default account for sending emails.

Credits

In Credits, you can see the version number of p≡p for iOS, a list of projects p≡p for iOS is depending on and the end user license agreement (EULA).

Store Messages Securely

Defines for each account if messages should be saved encrypted or decrypted on the server.

When “Protected message subject” is disabled, p≡p will decrypt the subject of encrypted messages and save the subject unencrypted on the server in any case.

For more details see Store messages securely.

PGP Key Import

Note

In case your device is member of a device group, please proceed with the following steps before starting the key import:

  1. Disable p≡p Sync on all devices of the group before starting the import process.

  2. Import the key on ALL devices.

  3. Switch on p≡p Sync after the manual key import worked on all devices.

  • On Mac: Open Finder -> Select your iOS device on the left and select Files. Then, drag & drop your key into the p≡p app (on the p≡p icon).

    _images/pEp4iOS-v1.1.011_mac_finder_arrows.png
  • On Windows: Open iTunes -> Select your iOS device on the top, select “File Sharing” and press the p≡p app icon. Then press “Add File÷:÷»” and select the key you want to import.

    _images/pEp4iOS-v1.1.011_windows_itunes_arrows.png
  • Once done, on your iOS device, start the p≡p for iOS app, go to settings (press the p≡p icon) and select “PGP Key Import”. Then select the green button “PGP Key Import” and select the file that you just copied to the device.

  • Check if the key is the correct one by comparing the fingerprint. Then confirm with “Yes”.

The key is then set as default key. However, p≡p still manages keys automatically, thus, the key might change in the future (e.g., when doing a reset). Please be aware that you can import only “.asc” files.

Note

After the import p≡p will use your key to encrypt and decrypt messages. Please be aware that p≡p automates the key management and your key may change (e.g. after a reset, when joining a device group or when a key expires). Even if p≡p starts using another key, old keys will always be kept to ensure that all messages can be decrypted.

Use a passphrase for new keys

By default p≡p does not use a passphrase for new keys. If you want to use a passphrase for new keys enable “Use a passphrase for new keys”. Once enabled, p≡p will ask for a passphrase when new keys are generated. If you want to create new keys straight away, go to the p≡p Account settings and “Reset All Identities”.

Set Own Key

If you have a PGP keypair that is already imported in pEp for iOS and you want to define the key as default key for an account, do the following:

  • Go to settings (press the small p≡p icon on the bottom right) and select “PGP Key Import” and select “Set Own Key”.

  • In the Email field, enter the email address of the key you want to use. In the field Fingerprint, add the fingerprint (capitalised and without spaces, e.g. “0A1C152BEB03EC3CE7D9125D293FA3243FCE31E6”). Then, press “Set Own Key”.

If you don’t get any error message, your key is now set as default key for the address.

Unsecure reply warning

This option will warn you when a formerly encrypted message would be sent unencrypted by replying or forwarding. This option is enabled by default.

Protect Message Subject

When sending messages between p≡p users, the subject is always encrypted (in transport). However, when “Protect message subject” is disabled, p≡p will decrypt the subject of messages stored in the mailbox and save the subject unencrypted.

Further, when “Protected message subject” is disabled, the subject of messages sent to PGP users will not be encrypted at all.

For more details see Protect message subject.

Passive mode

By default p≡p for iOS attaches your public key to every outgoing email. When passive mode is enabled, p≡p doesn’t attach a public key to outgoing messages unless the communication partner uses p≡p. If you already have a public key from your communication partner, p≡p will encrypt your emails by default.

For more details see Passive Mode.

p≡p Sync

If p≡p Sync is enabled, p≡p will check if other devices are using p≡p with the same email account and try to build a device group. p≡p Sync ensures that all messages can be decrypted on all your devices with p≡p.

For more details see p≡p Sync.

Contacts

Reset

Reset allows you to reset the known information related to trust and encryption of a contact. If your communication partner cannot read your messages anymore, go to Reset, press on the contact and select “Reset this Identity”.

For more details see Reset.

Settings - Enterprise Features

Extra Keys

This option shows which Extra keys are used for outgoing email encryption.