Contact

Encrypted E-mail

MALS has the ability to accept and respond to your e-mail using OpenPGP.

OpenPGP is a common encryption standard that protects the content of your e-mail messages against eavesdropping. PGP stands for “Pretty Good Privacy.”

It works using two keys:

Public Key

This is a key you share with your recipients, kind of like a code that's linked to your e-mail address. When somebody writes you, they use this code to transform the text content of their e-mail into "cyphertext" which basically means the output of an algorithm, which basically means really crazy maths—so crazy that it cannot be solved without the Secret Key, which is what keeps the message safe until it's ready to be unlocked...

Secret Key

An encrypted message can only be unlocked by your Secret Key. It's the missing piece of the puzzle to the complex maths problem created above. If someone has correctly encrypted an e-mail to you using your Public Key, you can decrypt it using your Secret Key. Obviously, you keep this key private, protected, and safeguarded against being copied or read by others, as anyone who has your Secret Key has the ability to unlock any e-mails encrypted with its corresponding Public Key.

Like most things, OpenPGP is not a silver bullet against surveillance, but it can provide a secure form of protection to the contents of your e-mail. Encrypted messages are only able to be read by persons holding the Secret Key that unlocks their contents. To everyone else, it just looks like jibberish.

Quick Guide: How to Do This

This guide assumes you have an existing e-mail address and e-mail program that is already configured to handle OpenPGP keys. If you’re not quite ready yet, you could consider researching some available software, as noted by on the OpenPGP website, to match your device and Operating System.

First, import our Public Key

To encrypt your e-mail to MALS, you must first import our Public Key to your e-mail program’s keyring, either by copying the key below and “importing the clipboard” into your e-mail program’s keyring, or downloading the key, which you then import into your e-mail program’s keyring. Either method is fine. As long as the key is imported successfully.

Verify the Public Key

To ensure the key you’ve imported is actually our key and hasn’t been modified getting to you, please check it matches the fingerprint posted on this page.

Encrypt your e-mail

If the keys match the IDs, and you’re satisfied you trust them enough, you can go ahead and encrypt your e-mail, using our Public Key.

Send your message to:

admin [at] melbactivistlegal [dot] org [dot] au

Please note that if you prefer an encrypted response from us, you will have to also provide your Public Key in kind. It is a good idea to attach it to your initial message to streamline the process.

Good luck!

Import Our Public Key

-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEXjHCUxYJKwYBBAHaRw8BAQdAb/ziRLDVz3IQKwvHlx7cApbeiq3d3XRpA4o4aH4LNA7NQU1lbGJvdXJuZSBBY3RpdmlzdCBMZWdhbCBTdXBwb3J0IDxhZG1pbkBtZWxiYWN0aXZpc3RsZWdhbC5vcmcuYXU+wpYEExYKAD4WIQRgsAYtFzc4DHSgCZZoSMurFetCqAUCXjHCUwIbAwUJCWYBgAULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRBoSMurFetCqM7TAQDfSEuxJDisIbj3eD4TWx0Y9XgMSmUwqTO2p2ht7gOF9AEAiUrReowdZ+AMZWbXw6EuTgV8y6UJtXJ1pSqVDCJ2EwzOOAReMcJTEgorBgEEAZdVAQUBAQdAowUNYKmCpFiaTWCP4Yw/lFGISDQy4hjcPOtdaAdXiG0DAQgHwn4EGBYKACYWIQRgsAYtFzc4DHSgCZZoSMurFetCqAUCXjHCUwIbDAUJCWYBgAAKCRBoSMurFetCqNAkAQCwoX60M1rcYuiIloNbjSNzAmqlhnx3uQlJrBZI3BziiwEAkwtZXV8cMQPEdP/04OF9DXCn65Wsw/4MUfu9vP2xXAY==sBCU
-----END PGP PUBLIC KEY BLOCK-----

Fingerprint

Once imported, remember to check the key matches this fingerprint:

60B0 062D 1737 380C 74A0 0996 6848 CBAB 15EB 42A8

PGP Key ID

This is the last 16 characters of the fingerprint, usually expressed in hex format. For instance:

0x6848CBAB15EB42A8 

Does it match?

If the key above you've imported matches the fingerprint posted above, then you're good to go!

You can find more information about OpenPGP here, including supported software and links to guides to help you get started.

Please note: Unfortunately, MALS does not have the capacity to provide technical assistance outside of Digital Security Workshops.