Creating a PGP keys on your Android device requires you to install additional software. Android unfortunately isn't equipped with PGP.

So if you haven’t already, install OpenKeychain from F-droid or Google Playstore

To create new keypair for your email you need to:

  1. Open OpenKeychain and select “CREATE MY KEY” on start page.

(If u already have keys you can get there also via the hamburger menu (three bars) at the top right → manage my keys)

  1. Choose a name to associate with the key

  1. Enter the email address that you want to use with the key. For Lacre you will need to enter the same email address you plan to use with Lacre.

  1. you can change additional settings from the hamburger menu at the top right → “change key configuration”. You can change the key type to Ecliptic Curve as it is considered more secure and efficient then RSA keys, or you may directly go on with "CREATE KEY" if you are fine with the defaults.

  1. Congratulations! Your new encryption key is created and ready to be used.

  1. Although you are technically done, always backup your keys. Loosing important data is devastating. Loosing the key to open all your email communication can be even worse. Have a backup stored safely offline, just in case.

Select “Backup key” from the hamburger menu at the top right within the key you just created.

  1. Note down password. If you loose the password to unlock your key, you will loose access to the key. So keep the password somewhere safe, for example use password manager.

Now click “SAVE BACKUP” and save on location of your choice.

With proper end to end encryption, you are responsible yourself for your data security. So the only person to blame for lost key or password is you! With great security comes great responsibility.

Final step will be to enable PGP within email client. Only few email clients on android support that. In this tutorial I’ll show you how to do it with K9. If you are not using it already, install K9 from F-Droid or Google Playstore

  1. Start K9, open the drawer and go to “Settings”.

  1. Select the account you created the key for.

  1. Click “End-to-end encryption”.

  1. Tick the slider button “Enable OpenPGP support” and select “Configure end-to-end key” afterwards.

  1. Finally click “use key:” and you are all set up.