Use “Pidgin-Encryption” for secure chats with Pidgin


“Pidgin-Encryption” is a plugin for the open-source IM client Pidgin that provides for secure instant messaging sessions encrypted with the RSA protocol.

Here’s news for you: relatively speaking, your IM sessions are not secure. In an office environment your instant messages are probably fairly easily attainable by your network admin if they really wanted to see them, and there’s even software offered out there that does exactly this.

The good news is that if you use Pidgin you can install this simple plugin for instant encryption of your chats. One caveat, though, is that both yourself and the person you are chatting with have to have this plugin installed (and by implication both need to be using Pidgin).

How it works:

  • Download and install “Pidgin-Encryption”
  • Launch Pidgin, go to Tools > Plugins from the main console and then check the box next to the “Pidgin Encryption” plugin to install it.
  • Once installed, you should be able to see 2 visible changes in Pidgin as follows (a) an “enable encryption” command in the within the chat session window, and (b) a “turn autoencryption on” context menu entry for each buddy on your list (see screenshot above). Note that these options only work when the person you are chatting with also has the plugin installed.
  • To invoke encrypted chat, either click on the “enable encryption” button in the chat window or turn on the autoencryption for your buddy. What’s cool is that the program will automatically detect someone who has the plugin and transmit your key to them (they will be prompted to accept). It will also save the keys for known users and warn you if the keys change.

More info on this program:

  • Encryption protocol: uses the RSA protocol, which is supposed to be one of the slower types of encryption, but you don’t really notice any difference in messaging speed whatsoever. The plugin is open source and in theory can be used as a wrapper for different types of encryption.
  • How secure is this?: this is one question that is tough to answer in a review such as this one, as there was no hacker on hand to attempt to compromise our chat when we tested it (where’s one when you need one!). If you want more info on this check out the FAQ from the plugin’s site that discusses this issue.
  • Encryption will work on all chat protocols that Pidgin supports (AIM, MSN, etc.) I am not sure if it will work with group chats (guessing that it won’t).

The verdict: if you use Pidgin and need encryption you should really check this plugin out. Its painless and easy and so unobtrusive you will likely forget that its there most of the time.

Version Tested: 3.0

Compatibility: WinAll. Requires Pidgin to be installed; you might need to upgrade to the latest version.

Go to the Pidgin-Encryption page to download the latest version (you need the Win32 self-extracting binary; approx 605K).